|
Plagegeister aller Art und deren Bekämpfung (Pests of all kinds and how to fight them): Internet dropouts / long load times in the browser (Chrome) Windows 7 If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
11.01.2016, 18:29 | #1 |
| Internet dropouts / long load times in the browser (Chrome)
Hello dear Trojaner-Board team, I have three computers running at home, and one of them constantly drops its internet connection. The line is normally very stable. I cannot explain why this one computer is so out of line. It also seems to me that loading in the browser takes forever here, even though I use the same browser on all computers. It is definitely not the line, otherwise I would have the problems on the other computers as well. I hope you can help me here. Best regards, Ace |
12.01.2016, 14:10 | #2 |
/// TB Trainer | Internet dropouts / long load times in the browser (Chrome)
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! In this part of the forum we can check whether malware is the cause of the problems described. For a first analysis, please run FRST and TDSS-Killer: Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
|
12.01.2016, 17:02 | #3 |
| Internet dropouts / long load times in the browser (Chrome) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01 durchgeführt von Helliot (Administrator) auf MORPHEUS (12-01-2016 16:53:40) Gestartet von C:\Users\Helliot\Downloads Geladene Profile: Helliot (Verfügbare Profile: Helliot & GrandmasterACE & DefaultAppPool) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Windows\System32\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (NVIDIA 
Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Users\Helliot\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Akamai Technologies, Inc.) C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15009400 2015-10-14] (Logitech Inc.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited) HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4730616 2015-05-26] (BlackBerry Limited) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [Revo Uninstaller] => C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe [3161648 2013-07-03] (VS Revo Group) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] () HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\RunOnce: [Uninstall C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2013-04-26] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\..\Interfaces\{83ac9df7-6c28-4091-921e-08a29f9fe4ba}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{e3935004-bc88-41ac-b0ba-8e293dc64751}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000 -> DefaultScope {CD66C26F-E372-422E-B4F2-96951AB8E427} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000 -> {CD66C26F-E372-422E-B4F2-96951AB8E427} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-12-10] (DVDVideoSoft Ltd.) 
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-14] (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-19] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-12-19] (DVDVideoSoft Ltd.) Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab FireFox: ======== FF ProfilePath: C:\Users\Helliot\AppData\Roaming\Mozilla\Firefox\Profiles\cqqp165q.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-28] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft 
Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] () FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: 
@java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) 
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-14] (pdfforge GmbH) FF Plugin HKU\S-1-5-21-1876908282-3715187805-3812892742-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Helliot\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1876908282-3715187805-3812892742-1000: electronicarts.com/GameFacePlugin -> C:\Users\Helliot\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts) Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll => Keine Datei CHR Profile: C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-10] CHR Extension: (Google Präsentationen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-10] CHR Extension: (Google Docs) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-10] CHR Extension: (Google Drive) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10] CHR Extension: (uBlock Origin) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-08] CHR Extension: (Google-Suche) - C:\Users\Helliot\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (Google Tabellen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-10] CHR Extension: (Google Docs Offline) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19] CHR Extension: (Microsoft Edge - Dark Theme) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\hicepmjogaihmngebapbmkdnjllmhnfb [2015-10-10] CHR Extension: (Ghostery) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-10] CHR Extension: (Google Mail) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-10] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1060352 2015-07-09] () R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited) S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2015-01-13] (Creative Labs) [Datei ist nicht signiert] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-17] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [Datei ist nicht signiert] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-10-14] (Logitech Inc.) 
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation) S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-05] (Electronic Arts) S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2243288 2015-04-14] (pdfforge GmbH) S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-14] (pdfforge GmbH) R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-14] (pdfforge GmbH) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-17] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-05] () R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-05-26] (Apple Inc.) 
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1355000 2015-05-26] (BlackBerry Limited) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2011-09-21] (Asmedia Technology) R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.) S3 blackberryncm; C:\Windows\System32\drivers\blackberryncm6_AMD64.sys [25600 2015-01-23] (BlackBerry Limited) R3 cthda; C:\Windows\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd) R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd) R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] () R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] () R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) 
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-12] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-12-16] (NVIDIA Corporation) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [80384 2015-01-14] (BlackBerry Limited) R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-10-07] () U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-01-12 16:53 - 2016-01-12 16:54 - 00031098 _____ C:\Users\Helliot\Downloads\FRST.txt 2016-01-12 16:52 - 2016-01-12 16:53 - 00000000 ____D C:\FRST 2016-01-12 16:50 - 2016-01-12 16:52 - 02370560 _____ (Farbar) C:\Users\Helliot\Downloads\FRST64.exe 2016-01-12 16:50 - 2016-01-12 16:50 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Helliot\Downloads\tdsskiller.exe 2016-01-08 12:06 - 2016-01-08 12:06 - 00051796 _____ C:\Users\Helliot\Downloads\SKM_364e16010708480.pdf 2015-12-22 17:55 - 2015-12-22 17:55 - 00291877 _____ C:\Users\Helliot\Downloads\SKM_C224e15122215032.pdf 2015-12-22 17:43 - 2015-12-22 17:43 - 00287394 _____ C:\Users\Helliot\Downloads\SKM_C224e15122215031.pdf 2015-12-22 07:27 - 2015-12-22 07:27 - 00001460 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-12-22 07:25 - 2015-12-22 07:27 - 00000000 ____D C:\Users\Helliot\AppData\Local\NVIDIA 2015-12-22 07:25 - 2015-12-22 07:25 - 00002216 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-12-22 07:25 - 2015-12-22 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-12-22 07:25 - 2015-12-16 17:59 - 01846016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2015-12-22 07:25 - 2015-12-16 17:59 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2015-12-22 07:25 - 2015-12-16 17:59 - 01530240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2015-12-22 07:25 - 2015-12-16 17:59 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2015-12-22 07:25 - 2015-12-16 17:59 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2015-12-22 07:24 - 2016-01-11 18:13 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-22 07:24 - 2015-12-16 15:54 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-12-22 07:24 - 2015-12-16 15:54 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-12-22 07:24 - 2015-12-16 15:54 - 02554488 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvsvcr.dll 2015-12-22 07:24 - 2015-12-16 15:54 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2015-12-22 07:24 - 2015-12-16 15:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2015-12-22 07:24 - 2015-12-16 15:54 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-12-22 07:24 - 2015-12-16 15:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2015-12-22 07:24 - 2015-12-16 15:54 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-12-22 07:24 - 2015-12-16 15:49 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-12-22 07:24 - 2015-12-16 15:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-12-22 07:23 - 2015-12-18 09:48 - 12426896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-12-22 07:23 - 2015-12-16 17:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 19727624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 17104016 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvd3dumx.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 03603368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00416560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-12-22 
07:23 - 2015-12-16 17:59 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00370992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00339760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2015-12-22 07:23 - 2015-12-16 17:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2015-12-22 07:23 - 2015-12-16 17:59 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2015-12-22 07:23 - 2015-12-16 17:59 - 00035775 _____ C:\WINDOWS\system32\nvinfo.pb 2015-12-21 23:24 - 2015-12-21 23:24 - 00034656 _____ C:\Users\Helliot\Downloads\re07_12_15-11_12_BB_Schönaich_ST_Sedlak.dot.pdf 2015-12-21 23:24 - 2015-12-21 23:24 - 00034631 _____ C:\Users\Helliot\Downloads\re08_12_15-11_12_BB_Schönaich_ST_Aydin.dot.pdf 2015-12-19 16:08 - 2015-12-19 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol 2015-12-19 15:47 - 2015-12-21 00:42 - 00000000 ____D C:\AdwCleaner 2015-12-19 15:38 - 2016-01-12 16:49 - 00000000 ____D 
C:\Users\Helliot\Documents\Meine FileHippo-Downloads 2015-12-19 15:38 - 2015-12-19 15:38 - 00002127 _____ C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk 2015-12-19 15:38 - 2015-12-19 15:38 - 00002097 _____ C:\Users\Helliot\Desktop\FileHippo App Manager.lnk 2015-12-19 15:32 - 2015-12-19 15:32 - 00001991 _____ C:\Users\Helliot\Desktop\Malwarebytes Anti-Exploit.lnk 2015-12-19 15:30 - 2016-01-11 22:01 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-12-19 15:30 - 2015-12-19 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2015-12-19 15:30 - 2015-12-19 15:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit 2015-12-19 14:32 - 2015-12-19 14:32 - 00000000 ____D C:\Program Files (x86)\ESET 2015-12-19 13:16 - 2015-12-19 15:24 - 01740288 _____ C:\Users\Helliot\Desktop\AdwCleaner_5.025.exe 2015-12-19 13:16 - 2015-12-19 14:32 - 02870984 _____ (ESET) C:\Users\Helliot\Desktop\esetsmartinstaller_deu.exe 2015-12-19 13:05 - 2015-12-19 13:06 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-12-19 13:05 - 2015-11-20 22:40 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll 2015-12-17 19:12 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-17 19:11 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-12-17 19:11 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-12-17 19:11 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2015-12-17 19:11 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 01299504 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-12-17 19:11 - 2015-12-07 05:48 
- 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2015-12-17 19:11 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-12-17 19:11 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2015-12-17 19:11 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-17 19:11 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-17 19:11 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-12-17 19:11 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2015-12-17 19:11 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll 2015-12-17 19:11 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2015-12-17 19:11 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2015-12-17 19:11 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2015-12-17 19:11 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2015-12-17 19:11 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-12-17 19:11 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2015-12-17 19:11 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2015-12-17 19:11 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2015-12-17 19:11 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-12-17 19:11 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-12-17 19:11 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-12-17 19:11 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe 2015-12-17 19:11 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2015-12-17 19:11 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2015-12-17 19:11 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-12-17 19:11 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2015-12-17 19:11 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2015-12-17 19:11 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-12-17 19:11 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe 2015-12-17 19:11 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-12-17 19:11 - 
2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-12-17 19:11 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-17 19:11 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-12-17 19:11 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-12-17 19:11 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2015-12-17 19:11 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-12-17 19:11 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2015-12-17 19:11 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2015-12-17 19:11 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2015-12-17 19:11 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-12-17 19:11 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-12-17 19:11 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-12-17 19:11 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-12-17 19:11 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2015-12-17 19:11 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-17 19:11 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wifinetworkmanager.dll 2015-12-17 19:11 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2015-12-17 19:11 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2015-12-17 19:11 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2015-12-17 19:11 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-12-17 19:11 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-12-17 19:11 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-12-17 19:11 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2015-12-17 19:11 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2015-12-17 19:11 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-12-17 19:11 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-12-17 19:11 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2015-12-17 19:11 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-12-17 19:11 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-12-17 19:11 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-12-17 19:11 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2015-12-17 19:11 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-12-17 19:11 - 2015-12-07 04:38 - 00871936 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2015-12-17 19:11 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2015-12-17 19:11 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2015-12-16 23:48 - 2015-12-16 23:48 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2015-12-14 18:41 - 2016-01-06 01:22 - 00000000 ____D C:\Users\Helliot\AppData\Local\Deployment 2015-12-14 18:20 - 2015-12-14 18:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-12-13 14:28 - 2015-12-01 08:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-12-13 14:28 - 2015-11-24 13:07 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-13 14:28 - 2015-11-24 12:06 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-13 14:28 - 2015-11-24 11:26 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-13 14:28 - 2015-11-24 11:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-12-13 14:28 - 2015-11-24 10:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll 2015-12-13 14:28 - 2015-11-24 10:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-12-13 14:28 - 2015-11-24 10:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll 2015-12-13 14:28 - 2015-11-24 10:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-13 14:28 - 2015-11-24 10:26 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-13 14:28 - 2015-11-24 10:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-12-13 14:28 - 2015-11-24 10:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-13 14:28 - 2015-11-24 09:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-12-13 14:28 - 
2015-11-24 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-12-13 14:28 - 2015-11-24 09:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2015-12-13 14:28 - 2015-11-24 09:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-13 14:28 - 2015-11-24 09:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-13 14:28 - 2015-11-24 09:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-13 14:28 - 2015-11-24 09:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-13 14:28 - 2015-11-24 08:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-13 14:28 - 2015-11-24 08:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-13 14:28 - 2015-11-24 08:35 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-12-13 14:28 - 2015-11-24 08:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-13 14:28 - 2015-11-24 08:23 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-13 14:28 - 2015-11-24 08:11 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-12-13 14:28 - 2015-11-24 08:08 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-13 14:28 - 2015-11-24 08:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-13 14:28 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-13 14:28 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-12-13 14:28 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-12-13 14:28 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\WWanAPI.dll 2015-12-13 14:28 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll 2015-12-13 14:28 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys 2015-12-13 14:28 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2015-12-13 14:28 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll 2015-12-13 14:28 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-12-13 14:28 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-12-13 14:28 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-12-13 14:28 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll 2015-12-13 14:28 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2015-12-13 14:28 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-12-13 14:28 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-12-13 14:28 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2015-12-13 14:28 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2015-12-13 14:28 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2015-12-13 14:28 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll 2015-12-13 14:28 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll 2015-12-13 14:28 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll 2015-12-13 14:28 - 2015-11-22 10:55 - 00013312 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2015-12-13 14:28 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll 2015-12-13 14:28 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2015-12-13 14:28 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll 2015-12-13 14:28 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2015-12-13 14:28 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2015-12-13 14:28 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2015-12-13 14:28 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2015-12-13 14:28 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2015-12-13 14:28 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll 2015-12-13 14:28 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\iernonce.dll 2015-12-13 14:28 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll 2015-12-13 14:28 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2015-12-13 14:28 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2015-12-13 14:28 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll 2015-12-13 14:28 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2015-12-13 14:28 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2015-12-13 14:28 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-12-13 14:28 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-12-13 14:28 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll 2015-12-13 14:28 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2015-12-13 14:28 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2015-12-13 14:28 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-12-13 14:28 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-12-13 14:28 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2015-12-13 14:28 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-12-13 14:28 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2015-12-13 14:28 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll 2015-12-13 14:28 - 2015-11-22 10:42 - 
==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DevPro 2015-12-13 04:39 - 2014-03-28 22:59 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2015-12-13 04:39 - 2014-01-03 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-12-13 04:39 - 2013-12-03 17:06 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2015-12-13 04:39 - 2013-12-02 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2015-12-13 04:39 - 2013-11-05 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-12-13 04:39 - 2013-09-29 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-12-13 04:39 - 2013-06-30 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-12-13 04:39 - 2013-05-18 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-13 04:39 - 2013-05-12 13:34 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-12-13 04:39 - 2013-04-26 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2015-12-13 04:39 - 2013-04-24 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box 2015-12-13 04:39 - 2013-04-06 13:22 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-12-13 04:39 - 2013-04-06 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-12-13 04:39 - 2013-01-31 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5 2015-12-13 04:39 - 2012-10-06 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-12-13 04:39 - 2012-10-06 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Logitech 2015-12-13 04:39 - 2012-10-05 21:10 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2015-12-13 04:39 - 2012-10-05 20:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-12-13 04:39 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-12-13 04:38 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated 2015-12-13 04:37 - 2015-12-10 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-12-13 04:37 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR 2015-12-13 04:37 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-12-13 04:37 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files\Windows Sidebar 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\schemas 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D 
C:\Program Files\Common Files\microsoft shared 2015-12-13 04:37 - 2012-10-05 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology 2015-12-13 04:37 - 2011-04-12 08:54 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-12-13 04:37 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games 2015-12-13 04:36 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-12-13 04:34 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2015-12-13 04:33 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-12-13 04:32 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-12-13 04:32 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-12-13 04:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-12-13 04:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-12-13 04:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-12-13 04:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2015-12-13 04:30 - 2015-10-30 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2015-12-13 04:30 - 2015-10-30 08:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2015-12-13 04:30 - 2015-10-30 08:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2015-12-13 04:30 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\admwprox.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2015-12-13 04:30 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2015-12-13 04:30 - 2015-10-30 08:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2015-12-13 04:30 - 2015-10-30 08:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2015-12-13 04:30 - 2015-10-30 08:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2015-12-13 04:30 - 2015-10-30 08:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2015-12-13 04:30 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2015-12-13 04:30 - 2015-10-30 
08:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2015-12-13 04:30 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2015-12-13 04:30 - 2015-10-30 08:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2015-12-13 04:30 - 2015-10-30 08:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2015-12-13 04:30 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2015-12-13 04:30 - 2015-10-30 08:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2015-12-13 04:24 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-13 04:15 - 2013-05-18 19:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-13 04:15 - 2013-05-18 19:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-13 04:00 - 2015-12-12 00:26 - 00004473 _____ C:\ads_err.adt 2015-12-13 04:00 - 2015-12-12 00:26 - 00003072 _____ C:\ads_err.adi ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-07-23 19:08 - 2015-07-30 19:39 - 0008704 _____ () C:\Users\Helliot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-12-24 14:56 - 2012-12-24 14:56 - 0000095 _____ () C:\Users\Helliot\AppData\Local\fusioncache.dat 2015-10-01 18:27 - 2015-10-01 18:27 - 0000000 _____ () C:\Users\Helliot\AppData\Local\{78B09330-81F4-4EF6-B1B6-AA7CBAE12EBB} ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation 
gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. LastRegBack: 2016-01-04 20:43 ==================== Ende von FRST.txt ============================ |
12.01.2016, 17:10 | #4 |
| Internet dropouts / long load times in the browser (Chrome)
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von Helliot (2016-01-12 16:56:08)
Gestartet von C:\Users\Helliot\Downloads
Windows 10 Home (X64) (2015-12-13 03:42:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1876908282-3715187805-3812892742-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1876908282-3715187805-3812892742-503 - Limited - Disabled)
Gast (S-1-5-21-1876908282-3715187805-3812892742-501 - Limited - Disabled)
GrandmasterACE (S-1-5-21-1876908282-3715187805-3812892742-1016 - Limited - Enabled) => C:\Users\GrandmasterACE
Helliot (S-1-5-21-1876908282-3715187805-3812892742-1000 - Administrator - Enabled) => C:\Users\Helliot
HomeGroupUser$ (S-1-5-21-1876908282-3715187805-3812892742-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.6.2.40658 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry)
BlackBerry Blend (x32 Version: 1.2.0.50 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
BlackBerry Link (x32 Version: 1.2.4.39 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
Creative Media Toolbox 6 (Shared Components) (HKLM-x32\...\Uninstaller_B4736000_Creative Media Toolbox 6) (Version: 2.80.12 - Creative Labs)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Curse Client - 1 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
EVE Online (HKLM-x32\...\{506FAE69-5B35-448D-9755-0300C6074695}) (Version: 3.0.0 - CCP Games Ltd.)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.55163.11 - Electronic Arts)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.0.1224 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.60.713 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.60.713 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.)
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MeinPlatz (HKLM-x32\...\MeinPlatz) (Version: - )
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 44.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{CA0A90CB-F659-4E0B-B2A2-C8CF4B752AEC}) (Version: 1.01.26 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TL-WN951N Driver (HKLM-x32\...\{CCE177D2-8FE3-494A-82C9-958CC79E73AD}) (Version: 1.0.0 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
Unity Web Player (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BAF27BF-317E-4F9F-866D-2D3139CCFF34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0FA189AC-D846-4D47-A7A6-11F51D4D432F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0FA26273-7FAD-412B-8A54-14A8B3D2D39C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {129BED33-3CE9-4E1F-B641-DC24D5841B84} - \Scheduled Update for Ask Toolbar -> Keine Datei <==== ACHTUNG
Task: {12C47B42-B987-4A43-9E3E-2E814AFD9548} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {166FCE99-6838-4B5D-B60D-A41A746D3D13} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {1832404E-9692-4663-ACA6-5D713B6CAFC1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1AB1D862-115B-4532-B2BD-72D65EE6A1FB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1ADE08AA-BA76-401F-B3D4-574F04357706} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1C5FACFA-D0E9-46C7-8A06-183A171AB770} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {1C8016AC-FDCC-4597-B7E2-3DDE2C1CF753} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1ED31CEB-913B-43E9-BD79-0FC4CC548B8C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {1FFAD526-12D7-422C-94A2-EA03A99B865C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {272CB712-594B-4627-A297-6B7BF114F0E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {2E7997BF-8BE5-4EA9-A95D-E716F1800359} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {306983FC-D0DD-43C6-A935-0BB56EDE5B1F} - System32\Tasks\{2BA6ACF8-89E4-4899-88B2-D50035EF4AD9} => pcalua.exe -a C:\Users\Helliot\Downloads\lgps306_x64.exe -d C:\Users\Helliot\Downloads
Task: {31C348EE-39DE-4C56-A188-BD2E156A3562} - System32\Tasks\{CB899C53-5DB9-467E-8867-F133565D31ED} => pcalua.exe -a C:\Users\Helliot\Downloads\ST6UNST.EXE -d C:\Users\Helliot\Downloads
Task: {34397EE7-82EA-4203-BD37-F94DC61DE797} - System32\Tasks\{17BEF078-1C17-4420-B061-2CACE9028188} => pcalua.exe -a "D:\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe" -d "D:\TeamSpeak 3 Client\plugins\ts3overlay\" -c ts3overlay_hook_win32.dll 10000
Task: {394FB6DE-C869-4527-BC1B-E1D35F603FB1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {442D3110-9FD2-43A7-971C-DC34D69989A5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {4A085877-4476-44D8-9193-3F17B313E3DA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4BF79F40-B555-4768-B224-1A47AA016F07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.)
Task: {4D0AB04A-F350-4043-B676-48092B046A5E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {550E0D98-DD00-4907-B1F3-342050FBB3D7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {583DC1B4-74AF-4E3A-BE6A-9E78CC05852D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {70A97BB3-69F7-4976-BD9E-98AA8325681C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {715D37B1-A3DF-4111-9DC8-E3688B397805} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {76E8A1DF-5686-4DD9-8B40-0B0A3B544844} - System32\Tasks\{FE381AB6-C174-4075-934D-0CA7B45F6436} => pcalua.exe -a C:\Users\Helliot\Downloads\iview436_setup.exe -d C:\Users\Helliot\Downloads Task: {79AA9890-6934-4720-BA9C-3F221AC7780C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {7A7302C8-8B82-4A9C-A2AC-A9502C9E8B33} - System32\Tasks\{0F242DDD-A1BC-4005-A10F-6407491B9130} => pcalua.exe -a C:\Users\Helliot\Downloads\iview438_setup.exe -d C:\Users\Helliot\Downloads Task: {7F20631D-DDBA-4662-9ADD-972A633821DF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {8269CDF2-11EE-4254-A63A-A5B4CB6A4FCF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {856722EF-9D13-48DE-A22A-B5B31A9AB562} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.) 
Task: {8986EF33-036D-4902-BD74-39173F903C5F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {8E0D05C1-BB4B-441A-810C-CA5922CF1485} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {934E48BA-8F6F-4440-94BB-CBF3E28E5242} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {95776C57-8195-4F99-8AED-83D520355001} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {9A3BFC41-1E53-4241-ACD1-45EC02B8D7EC} - System32\Tasks\{A99B40CB-B973-4B11-B60F-BBB00AB2B8D0} => pcalua.exe -a C:\Users\Helliot\Downloads\setup.exe -d C:\Users\Helliot\Downloads Task: {9CD1CE2C-3259-4D6C-B40A-39041DC175FE} - System32\Tasks\{B71FEB14-4639-446D-9C4C-A9234DF5AEA0} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {A00CAA1B-8BF0-4D48-81F8-484EC4E2FCCA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {A0BAE1AC-B615-4DC7-A6BC-208818B8C6D6} - System32\Tasks\{9EDECF64-1369-4E2A-8F7E-BB82E4B70D08} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -d "C:\Program Files (x86)\Common Files\DVDVideoSoft" Task: {A10BB8C3-4BB5-40A4-80C3-5CD445BA035C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {A3342FCF-E15A-4DD2-AD6D-D803A0A41C4D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.) 
Task: {A38905B8-A9D4-4134-9EA2-95E0ADC091CB} - System32\Tasks\{D6C871A8-4AE8-4CA8-8D2D-903C91CEE857} => pcalua.exe -a C:\Users\Helliot\AppData\Local\Unity\WebPlayer\Uninstall.exe -c /CurrentUser Task: {AD7DDE54-21D7-4517-9593-CA23E761D56B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {B69F42B8-3628-4405-BE43-14C98FACB725} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {BB35265D-4C7C-44EB-BE88-4671DD9185C5} - System32\Tasks\{B93B4226-99E3-4BF6-AA44-9ECA0DAAB36D} => D:\Makroman\Makroman\SETUP1.EXE <==== ACHTUNG Task: {BBE2697C-FED9-40F8-B331-266EBE6B3D54} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {C1EE81B8-3064-4811-9A1F-F50B8B38C864} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E51E85FF-DA1B-4C44-8116-0B2B45B525CD} - System32\Tasks\{FA9E69F5-A168-4713-9AA8-C808C227B45E} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" Task: {EEECF037-8CAE-4B83-843A-93F8E0300FFC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {F0B8B10F-9E59-4DCF-8784-313BA9D51F89} - \Software Updater Ui -> Keine Datei <==== ACHTUNG Task: {F36832C7-49C6-4916-BA71-08229EB67DC3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {F56BF364-2DC8-4852-A9C0-2BBA9E3A23C7} - \Software Updater -> Keine Datei <==== ACHTUNG Task: {F728578E-C6EE-489E-8041-B07EF026CFD6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {F8CD663A-CDD3-46DA-96B4-01DE9C368CDD} - System32\Tasks\{57509CE6-97B6-428F-82D6-192E14C257B1} => pcalua.exe -a C:\Users\Helliot\Downloads\iview437_setup.exe -d C:\Users\Helliot\Downloads Task: 
{FA98427E-7096-4310-AB47-6ACD728F7B2B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.) Task: {FE9D1E75-C974-486A-9F60-3583C5E28F4A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated) Task: {FFAAE9E9-64F5-479D-82F1-DE976E312573} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2012-10-05 20:50 - 2012-02-07 16:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2015-12-22 07:25 - 2015-12-16 17:59 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2014-12-17 16:19 - 2014-12-17 16:19 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-22 07:24 - 2015-12-16 15:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-17 19:11 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-17 19:11 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-17 19:11 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-17 19:11 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-17 19:11 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-10-14 17:35 - 2015-10-14 17:35 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming 
Software\libEGL.dll 2015-10-14 17:35 - 2015-10-14 17:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-05-20 13:00 - 2015-05-20 13:00 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe 2014-11-08 15:58 - 2015-12-25 20:19 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-11-08 15:58 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-05-26 16:46 - 2015-05-26 16:46 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll 2012-10-05 20:49 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-12-22 07:25 - 2015-12-16 17:59 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2012-12-19 10:58 - 2012-12-19 10:58 - 00741376 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\de-DE\SBRnPCIe.resources.dll 2015-12-11 23:26 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2015-12-11 23:26 - 2015-12-08 22:36 
- 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2015-12-11 23:26 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2015-12-11 23:26 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files 
(x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2015-12-11 23:26 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files 
(x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2015-10-08 22:20 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2015-12-11 23:26 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2015-12-11 23:26 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files 
(x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2015-10-08 22:20 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-10-08 22:20 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-10-08 22:20 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-10-08 22:20 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll 2015-12-16 22:22 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 22:22 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) Da befinden sich 6091 mehr Seiten.
==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-08-03 16:56 - 00512058 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost Da befinden sich 12238 zusätzliche Einträge.
==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Helliot\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{0B927C76-4B63-49D9-B552-82C0679177C8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{C9633B9E-8683-45AF-A995-4D0E1F2E65DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{528A0DB4-FF3D-4106-99A0-F6C9365FDCED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5A64F415-5D25-48E7-94DE-9168E1652CB3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{58D27B29-5ACD-4521-A78E-32A63EF86B2C}] => (Allow) D:\Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{10B6A4D9-5E90-45A9-91F3-8A18A0DD6FE4}] => (Allow) D:\Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{BD92F302-3A60-421B-81EE-E27B96FB1499}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{86B49B3B-F8E5-4F0B-BB50-273EA5E86CD1}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{F26F807B-A4C1-4EB0-B068-A5DF04052E68}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{DD0FAEE9-5067-4529-A699-95CE8D91E4BD}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{DD80BF80-6811-4734-9F71-24E5099E44E5}] => (Allow) C:\Program 
Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C82C500A-6C02-4AB0-A1F7-08D5E1C643F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{5DE22059-C075-4ECC-BA29-BC9069EB1E38}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [TCP Query User{A4979378-DE8B-43BF-A39F-34A777138062}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [UDP Query User{6736FC8E-86F5-41AF-A63F-9B288EDD0082}D:\games\fifa 16\fifa16.exe] => (Allow) D:\games\fifa 16\fifa16.exe FirewallRules: [TCP Query User{BC2333FE-7701-43C8-AFB2-28289DF59DA6}D:\games\fifa 16\fifa16.exe] => (Allow) D:\games\fifa 16\fifa16.exe FirewallRules: [UDP Query User{139E65D7-9DCD-42EF-ABC2-EC92695412A5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{BBEB0FAD-4CB0-4310-A0EE-0730C19AA4A6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{8BCFE5FC-41A5-45D9-9FEF-7E3B6A900579}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1C0A61B1-9D32-4E7C-B521-EEEE1F14D1E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6516A375-742D-4035-97B8-896233ABCCDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{266F4EF5-5086-403B-B76D-586F5A78A1DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{A5CB5A06-45D4-4D3A-A828-A1E184DE4E24}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [UDP Query User{42886E48-ADA7-493E-952F-05DE1702DD10}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [{C383E550-1CE7-4780-BBD5-9D2DDE526464}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe 
FirewallRules: [{DDF9335F-BDDD-4B7F-8B14-A7FABB7A2091}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{4ABB48F3-D3E9-4DFA-AFD5-D0DDD66A02B7}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{C511EC64-DA6D-47D2-8861-DAFD4B9C3D0C}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{54082D66-418E-4A5D-9A08-4EFCB793F141}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe FirewallRules: [{0D3563E2-7D4F-4578-A815-56C21990E12E}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe FirewallRules: [{62E85091-1CFC-49DA-A381-2D1506395D45}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe FirewallRules: [{19B2B5AA-747B-4F30-AC23-18C15E82E171}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe FirewallRules: [{7C8B3004-3CE9-47FD-831C-AFFF45483DFA}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{FB50B207-BF10-4790-ACF5-484770EFFEE0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{AEBC00CF-B069-4B71-8101-DDFE72C6CF17}] => (Allow) E:\fsetup.exe FirewallRules: [{AE686882-749D-4A38-BC40-18F97575F538}] => (Allow) E:\fsetup.exe FirewallRules: [TCP Query User{568F984C-A586-447A-BE2F-2924A12E073C}D:\happycloud\cache\the lord of the rings online\lotroclient.exe] => (Allow) D:\happycloud\cache\the lord of the rings online\lotroclient.exe FirewallRules: [UDP Query User{AA814E8D-9E1D-4CBB-8FE4-C0D592C23130}D:\happycloud\cache\the lord of the rings online\lotroclient.exe] => (Allow) D:\happycloud\cache\the lord of the rings online\lotroclient.exe FirewallRules: [TCP Query User{CA694090-E9C9-47D3-BF86-810657384E79}D:\games\eve 
online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [UDP Query User{4A628D7D-758A-4D06-9011-9FEEA28EB724}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [{FEF5D6AE-1286-4097-895E-4450CE2537B7}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{BA699DC5-1E88-46A3-AFB5-66FC9D576C8E}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{007CEA8A-D573-4120-8D82-61DE56CB1EF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CEEAA8A5-DE66-4AE1-A0AC-C32E3F7DFF8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{09F1FD38-46F2-4E41-A08F-04476436A305}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{8627F46E-16B4-4BBB-9CC0-A692908A7A8C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E0FC1FC9-FD76-4D3A-B12E-24BD118389EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{0BFE8484-42BB-43CE-900A-C715C0AAEAF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{3F457E0B-8CFF-4DD1-A961-42A78A7717AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{618CC434-226B-40AB-AAC3-EE8718391229}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{0D630E23-8E0A-496F-BF36-DD040ADDAA35}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{96211E4D-9EC5-4531-A7EA-7A59F97A19BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{1C980DAD-44A9-4199-9F93-3576C8762AE2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe FirewallRules: [{94555346-4E9B-4B5A-A411-4E0BA532EFB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe FirewallRules: [{92C946A5-3AF0-47C2-8DEA-0E02EA0F7C23}] => (Allow) D:\Games\World of Warcraft\Battle.net\Battle.net.exe FirewallRules: [{1C6E86DD-CE22-49A9-AB02-4BD4C10E266F}] => (Allow) 
D:\Games\World of Warcraft\Battle.net\Battle.net.exe FirewallRules: [{C8E8167A-3C00-451E-855D-D7901B16F8F9}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{06872F15-5385-41AC-8079-C60611B6358E}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{DB2796A6-36F4-4AAA-A64A-6BDD43E674BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe FirewallRules: [{C062EB40-5993-4BF2-83D5-40F90E17617C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe FirewallRules: [{113C377B-AC8C-43AC-9D5F-EEDE14BD5E42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{DEF0DFE0-21DB-471B-8A0D-147808AC19C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{BC812440-55D4-4BC1-959C-DA5CD16DDDF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe FirewallRules: [{9F8AB3E5-7A47-4416-A298-02EAEDBA6573}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe FirewallRules: [TCP Query User{B27F46D7-3CF8-4ECC-994B-AF6D6C8D5A53}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{4A9174EE-D4C6-4BF8-96B2-67245C1F64B0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{C73009B1-FE7A-4DF9-8ED8-99C432CDD8CD}C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe] => (Allow) C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe FirewallRules: [UDP Query User{C1B0777F-CDD3-4979-9F0E-F82C0D272668}C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe] => (Allow) C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe FirewallRules: [TCP Query User{19291BB1-BDB3-46C4-B513-1B97032920DE}D:\program files (x86)\devpro\devpro.dll] => (Allow) D:\program files (x86)\devpro\devpro.dll FirewallRules: [UDP Query 
User{76438013-4A59-4FC9-BD3A-2471DB68CF0D}D:\program files (x86)\devpro\devpro.dll] => (Allow) D:\program files (x86)\devpro\devpro.dll FirewallRules: [TCP Query User{05C1F69D-E6F6-4425-82C8-15312204C9ED}D:\games\devpro\devpro.dll] => (Block) D:\games\devpro\devpro.dll FirewallRules: [UDP Query User{F8A06B3C-70D5-4014-98FB-992F61B64E9F}D:\games\devpro\devpro.dll] => (Block) D:\games\devpro\devpro.dll FirewallRules: [TCP Query User{1767DF7F-D26F-4569-9EA9-36D56D1F2676}C:\program files\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_55\bin\javaw.exe FirewallRules: [UDP Query User{F66A7FB9-CDA3-4F43-97BD-505A68E15983}C:\program files\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_55\bin\javaw.exe FirewallRules: [{BD5B5645-3564-4BB6-8B7C-A8C59F647846}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{B3757FFF-A038-4B20-B302-83EDDC5321B8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{F741DF01-B8CC-48BB-8080-9D07943C4585}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [{4F5B615F-A185-49CE-B6B0-F00D6E3F0DA2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [TCP Query User{1EFBABD3-4A5A-4B24-B021-33403EEF1488}C:\program files\java\jdk1.7.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_65\bin\jmc.exe FirewallRules: [UDP Query User{03F12889-54C8-40F9-9670-20283152568B}C:\program files\java\jdk1.7.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_65\bin\jmc.exe FirewallRules: [TCP Query User{E2CD74F6-A502-4F23-9673-754AD5843422}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Block) C:\program files\java\jdk1.7.0_71\bin\jmc.exe FirewallRules: [UDP Query User{A81B6273-DE2B-4840-A2CB-BEC6D50855EA}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Block) C:\program files\java\jdk1.7.0_71\bin\jmc.exe FirewallRules: [{6CC59246-0A26-48FA-AA4F-24DEA6959A32}] => (Allow) 
D:\Steam\bin\steamwebhelper.exe FirewallRules: [{5D003418-4478-4916-A94C-C1389C026E52}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{86F7CE9F-95AE-4B10-A9F6-DB7A634941D4}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{0BE5A949-3624-44D8-B737-0470666B92CC}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{B6917F29-E7FB-4AB4-9DD6-A14C32E2DA30}D:\games\eve online - kopie\bin\exefile.exe] => (Allow) D:\games\eve online - kopie\bin\exefile.exe FirewallRules: [UDP Query User{BD67422D-2000-4041-8022-4BBB9E623E63}D:\games\eve online - kopie\bin\exefile.exe] => (Allow) D:\games\eve online - kopie\bin\exefile.exe FirewallRules: [{1C78B32C-780E-4653-89DE-A0478DEE0EFE}] => (Allow) D:\Games\Battlefield 4\bf4_x86.exe FirewallRules: [{BAF62BAC-7972-4943-B7D9-EE0615F3B043}] => (Allow) D:\Games\Battlefield 4\bf4_x86.exe FirewallRules: [{AF4501EB-0F9E-45AF-B19F-08C35426302C}] => (Allow) D:\Games\Battlefield 4\bf4.exe FirewallRules: [{A6A7E103-EA95-499B-8FEB-4A2B68C65449}] => (Allow) D:\Games\Battlefield 4\bf4.exe FirewallRules: [TCP Query User{A8E5B9C8-D4C2-4674-86BF-D17D6F723B5F}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{4D25963D-066C-4A6A-A3FD-FBAC3E1622B6}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [{3B9B8085-0F25-4F5E-83F2-BE5AED176A7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{2C46AC31-8D77-4D6D-9923-D3700243FD6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{12598A0D-DE41-41C5-A7DC-70A9C9F65465}] => (Allow) tunmgr.exe FirewallRules: [{97C121A3-6E2F-4BCA-B1EF-1165F8AB668D}] => (Allow) tunmgr.exe FirewallRules: [{9598F0AB-4875-4933-9305-89CB5CE9EFEB}] => (Allow) mDNSResponder.exe FirewallRules: 
[{A9932669-337C-4B1A-BA01-F260855EE99D}] => (Allow) mDNSResponder.exe FirewallRules: [{4EC7B0B2-6196-4431-B22B-09CF48CC57A7}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe FirewallRules: [{7F73E8D7-58E6-41EF-8E45-D43686F0D421}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe FirewallRules: [{60AC01DD-CB9C-4612-9D4B-D4632D5314A5}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe FirewallRules: [TCP Query User{08775B4F-8238-4627-B2EB-3D0F8FC0FAB2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{06DE6B7B-51C4-4E95-BCB4-FD6A3A4C074E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{E496D335-EF2E-4F1E-9ADA-2B35E4C675EA}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{1743BE12-BA92-41AE-93B8-4571C581EF60}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{026A6911-15CD-4CE7-8866-E6B866937037}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [UDP Query User{D7949B87-D512-40C3-B8C8-A23AFE6AEA08}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [{4C5891E8-AC81-4E20-875C-3FCAFFA2AC9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E55A4142-057F-4DCE-BAC9-B92C8499FED3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{27476226-F7CE-49F6-BE2E-FD27E31F64EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: 
[{68CBEDC1-9504-46DB-BEAF-9B796911DE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{80E8BE5D-5E0D-45C1-A7A3-49017AB7AD4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3CDED019-2C56-4236-AC31-B86A348FDD99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7F8CD4F7-D92B-4180-937B-ACF897FA3FC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8D249944-9F82-4D57-A32A-26CFE3EF9234}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A24AC716-5A02-4A4B-8FCD-E0FEBDAC9CD8}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8249C33E-CD22-4556-BAE8-45641D61DA7F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/12/2016 04:48:19 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR Morpheus-2.local.
Error: (01/12/2016 04:48:19 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 0000:0000:0000:0000:0000:0000:0000:0001:5353 16 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR Morpheus.local.

Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local.

Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 012095F0 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local.

Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local.

Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 012095F0 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local.

Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local.

Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 01201668 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local.

Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local.

Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 01201668 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local.

Systemfehler:
=============
Error: (01/12/2016 04:48:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "BlackBerry Tethering Device #2, {E1FF5A4A-7FA5-448A-803D-AB7237E7F4DD}" ist das Ereignis "74" aufgetreten.

Error: (01/12/2016 04:48:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "BlackBerry Device #2, {40663FBD-1959-4C9A-AB8D-6ABB3F80EC9A}" ist das Ereignis "74" aufgetreten.

Error: (01/12/2016 12:44:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_53ec7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 06:13:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error: (01/11/2016 06:12:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1dfb1b2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 05:41:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.
Error: (01/10/2016 11:57:06 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/10/2016 11:57:06 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/10/2016 11:57:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_54c1b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/10/2016 05:36:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8087.05 MB
Verfügbarer physikalischer RAM: 5963.65 MB
Summe virtueller Speicher: 16279.05 MB
Verfügbarer virtueller Speicher: 13946 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:97.12 GB) (Free:39.35 GB) NTFS
Drive d: (Games) (Fixed) (Total:140.82 GB) (Free:19.6 GB) NTFS
Drive f: (Daten) (Fixed) (Total:1863.01 GB) (Free:1766.87 GB) NTFS
Drive g: (TrekStor) (Fixed) (Total:931.51 GB) (Free:875.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: E82530F0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=140.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2C3A71AB)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 0B51B638)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Code:
17:07:04.0468 0x2384 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:07:20.0391 0x2384 ============================================================
17:07:20.0391 0x2384 Current date / time: 2016/01/12 17:07:20.0391
17:07:20.0391 0x2384 SystemInfo:
17:07:20.0391 0x2384
17:07:20.0391 0x2384 OS Version: 10.0.10586 ServicePack: 0.0
17:07:20.0391 0x2384 Product type: Workstation
17:07:20.0391 0x2384 ComputerName: MORPHEUS
17:07:20.0391 0x2384 UserName: Helliot
17:07:20.0391 0x2384 Windows directory: C:\WINDOWS
17:07:20.0391 0x2384 System windows directory: C:\WINDOWS
17:07:20.0391 0x2384 Running under WOW64
17:07:20.0391 0x2384 Processor architecture: Intel x64
17:07:20.0391 0x2384 Number of processors: 4
17:07:20.0391 0x2384 Page size: 0x1000
17:07:20.0391 0x2384 Boot type: Normal boot
17:07:20.0391 0x2384 ============================================================
17:07:20.0469 0x2384 KLMD registered as C:\WINDOWS\system32\drivers\57035583.sys
17:07:20.0984 0x2384 System UUID: {7C479E4E-87D6-DF4E-59D9-6ADEEC9560D2}
17:07:21.0375 0x2384 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:21.0375 0x2384 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:07:21.0375 0x2384 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:07:21.0391 0x2384 ============================================================
17:07:21.0391 0x2384 \Device\Harddisk0\DR0:
17:07:21.0391 0x2384 MBR partitions:
17:07:21.0391 0x2384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:07:21.0391 0x2384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC23C800
17:07:21.0391 0x2384 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350000, BlocksNum 0x119A2800
17:07:21.0391 0x2384 \Device\Harddisk1\DR1:
17:07:21.0391 0x2384 MBR partitions:
17:07:21.0391 0x2384 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
17:07:21.0391 0x2384 \Device\Harddisk2\DR2:
17:07:21.0391 0x2384 MBR partitions:
17:07:21.0391 0x2384 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
17:07:21.0391 0x2384 ============================================================
17:07:21.0391 0x2384 C: <-> \Device\Harddisk0\DR0\Partition2
17:07:21.0391 0x2384 D: <-> \Device\Harddisk0\DR0\Partition3
17:07:21.0391 0x2384 F: <-> \Device\Harddisk1\DR1\Partition1
17:07:21.0406 0x2384 G: <-> \Device\Harddisk2\DR2\Partition1
17:07:21.0406 0x2384 ============================================================
17:07:21.0406 0x2384 Initialize success
17:07:21.0406 0x2384 ============================================================
17:08:04.0271 0x232c ============================================================
17:08:04.0271 0x232c Scan started
17:08:04.0271 0x232c Mode: Manual; SigCheck; TDLFS;
17:08:04.0271 0x232c ============================================================
17:08:04.0271 0x232c KSN ping started
17:08:06.0611 0x232c KSN ping finished: true
17:08:08.0161 0x232c ================ Scan system memory ========================
17:08:08.0161 0x232c System memory - ok
17:08:08.0161 0x232c ================ Scan services =============================
17:08:08.0208 0x232c 1394ohci - ok
17:08:08.0224 0x232c 3ware - ok
17:08:08.0240 0x232c ACPI - ok
17:08:08.0255 0x232c acpiex - ok
17:08:08.0255 0x232c acpipagr - ok
17:08:08.0271 0x232c AcpiPmi - ok
17:08:08.0286 0x232c acpitime - ok
17:08:08.0286 0x232c [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:08:08.0576 0x232c AdobeARMservice - ok 17:08:08.0654 0x232c [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 17:08:08.0654 0x232c AdobeFlashPlayerUpdateSvc - ok 17:08:08.0670 0x232c ADP80XX - ok 17:08:08.0685 0x232c AFD - ok 17:08:08.0705 0x232c agp440 - ok 17:08:08.0714 0x232c ahcache - ok 17:08:08.0714 0x232c AJRouter - ok 17:08:08.0730 0x232c ALG - ok 17:08:08.0730 0x232c AmdK8 - ok 17:08:08.0746 0x232c AmdPPM - ok 17:08:08.0746 0x232c amdsata - ok 17:08:08.0761 0x232c amdsbs - ok 17:08:08.0761 0x232c amdxata - ok 17:08:08.0777 0x232c AppHostSvc - ok 17:08:08.0777 0x232c AppID - ok 17:08:08.0792 0x232c AppIDSvc - ok 17:08:08.0792 0x232c Appinfo - ok 17:08:08.0808 0x232c AppReadiness - ok 17:08:08.0808 0x232c AppXSvc - ok 17:08:08.0824 0x232c arcsas - ok 17:08:08.0839 0x232c [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64 C:\WINDOWS\system32\drivers\asahci64.sys 17:08:08.0871 0x232c asahci64 - ok 17:08:08.0886 0x232c aspnet_state - ok 17:08:08.0886 0x232c AsyncMac - ok 17:08:08.0902 0x232c atapi - ok 17:08:08.0902 0x232c athr - ok 17:08:08.0917 0x232c AudioEndpointBuilder - ok 17:08:08.0917 0x232c Audiosrv - ok 17:08:08.0933 0x232c AxInstSV - ok 17:08:08.0933 0x232c b06bdrv - ok 17:08:08.0933 0x232c BasicDisplay - ok 17:08:08.0949 0x232c BasicRender - ok 17:08:08.0964 0x232c bcmfn - ok 17:08:08.0964 0x232c bcmfn2 - ok 17:08:08.0964 0x232c BDESVC - ok 17:08:08.0964 0x232c Beep - ok 17:08:08.0996 0x232c [ C88B130365524EC69F6B8E0D31D7561D, 5D3797C93420477F4509C037511D497448EFDA7D567E15CB623FB5EEE9209146 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 17:08:09.0011 0x232c BEService - ok 17:08:09.0027 0x232c BFE - ok 17:08:09.0027 0x232c BITS - ok 17:08:09.0042 0x232c [ FBCF6C6B5FF25AFC7A9CBE485ABFCF6E, 
858D5435D167FF8AD6552C6151F62DFD273740B7F1E98147DD5A527D6DA350D6 ] BlackBerry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe 17:08:09.0058 0x232c BlackBerry Device Manager - ok 17:08:09.0074 0x232c [ 03A9A5014F371F17FF5C8488A9A702CC, A50B3F30BE645C90BFDA16729A00B66E40ED617F33F092A9DB2C0530185A120B ] blackberryncm C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys 17:08:09.0121 0x232c blackberryncm - ok 17:08:09.0121 0x232c bowser - ok 17:08:09.0136 0x232c BrokerInfrastructure - ok 17:08:09.0152 0x232c Browser - ok 17:08:09.0152 0x232c BthAvrcpTg - ok 17:08:09.0167 0x232c BthHFEnum - ok 17:08:09.0183 0x232c bthhfhid - ok 17:08:09.0199 0x232c BthHFSrv - ok 17:08:09.0214 0x232c BTHMODEM - ok 17:08:09.0230 0x232c bthserv - ok 17:08:09.0230 0x232c buttonconverter - ok 17:08:09.0246 0x232c CapImg - ok 17:08:09.0261 0x232c cdfs - ok 17:08:09.0261 0x232c CDPSvc - ok 17:08:09.0277 0x232c cdrom - ok 17:08:09.0292 0x232c CertPropSvc - ok 17:08:09.0308 0x232c circlass - ok 17:08:09.0324 0x232c CLFS - ok 17:08:09.0339 0x232c ClipSVC - ok 17:08:09.0355 0x232c CmBatt - ok 17:08:09.0371 0x232c CNG - ok 17:08:09.0371 0x232c cnghwassist - ok 17:08:09.0402 0x232c CompositeBus - ok 17:08:09.0417 0x232c COMSysApp - ok 17:08:09.0433 0x232c condrv - ok 17:08:09.0433 0x232c CoreMessagingRegistrar - ok 17:08:09.0480 0x232c [ BB812787B838A74943DEF209350C3883, 2C168F48A68644AA3CB6167BEC2A260E3E9C78D0766A15AA0FAA39CDBD7FA040 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 17:08:09.0527 0x232c cphs - ok 17:08:09.0542 0x232c [ D03466C36EF0E5C7694FF38B45271D9D, 367E0C1F0C49C31F26EC6A8828FE5727D70C637FD8C4213D10E43C80A0EA259E ] Creative Media Toolbox 6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe 17:08:09.0589 0x232c Creative Media Toolbox 6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 ) 17:08:11.0928 0x232c Detect skipped due to KSN trusted 17:08:11.0928 0x232c Creative Media 
Toolbox 6 Licensing Service - ok 17:08:11.0928 0x232c CryptSvc - ok 17:08:11.0944 0x232c [ 51D43B57EA8EFFE5CB1E27E01C100A2F, 68995F291422F2C5A2C9C4C673272754E3AC49ED53D6197675EB9E19028163C5 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe 17:08:11.0959 0x232c CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 ) 17:08:14.0281 0x232c Detect skipped due to KSN trusted 17:08:14.0281 0x232c CTAudSvcService - ok 17:08:14.0313 0x232c [ FD70A153B4C0BE67743A1BD0574EC120, B0419E6981B7472A25C8EE5825248365BAF44B64DC3D620AB0EC92832F059FF6 ] cthda C:\WINDOWS\system32\drivers\cthda.sys 17:08:14.0328 0x232c cthda - ok 17:08:14.0360 0x232c [ BB776BDDBA1EB56C02FB9BDFE8256288, 0597506CF23EE141264849801404A242B8A644AAF084B6FE095A5B9EF06A8A2E ] CtHdaSvc C:\WINDOWS\sysWow64\CtHdaSvc.exe 17:08:14.0485 0x232c CtHdaSvc - ok 17:08:14.0500 0x232c [ 111C2183E72B0018D7F57AF31E7499DB, 2CD6E0FFC1CD210B45FC51EB7CEB0B336CDD9B910651B3551247E5116F019846 ] cthdb C:\WINDOWS\system32\DRIVERS\cthdb.sys 17:08:14.0563 0x232c cthdb - ok 17:08:14.0578 0x232c dam - ok 17:08:14.0578 0x232c dbupdate - ok 17:08:14.0578 0x232c dbupdatem - ok 17:08:14.0610 0x232c DcomLaunch - ok 17:08:14.0610 0x232c DcpSvc - ok 17:08:14.0625 0x232c defragsvc - ok 17:08:14.0641 0x232c DeviceAssociationService - ok 17:08:14.0656 0x232c DeviceInstall - ok 17:08:14.0656 0x232c DevQueryBroker - ok 17:08:14.0672 0x232c Dfsc - ok 17:08:14.0672 0x232c Dhcp - ok 17:08:14.0688 0x232c diagnosticshub.standardcollector.service - ok 17:08:14.0703 0x232c DiagTrack - ok 17:08:14.0750 0x232c [ 68BFCCC1EC25F0F942EA32AD9D67A131, CF19DA2816262D9D532249970581E55DF595A5FD0ABE44C5124A40F42A9B28B4 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe 17:08:14.0766 0x232c DigitalWave.Update.Service - ok 17:08:14.0766 0x232c disk - ok 17:08:14.0781 0x232c DmEnrollmentSvc - ok 17:08:14.0781 0x232c dmvsc - ok 17:08:14.0797 0x232c dmwappushservice - ok 17:08:14.0797 0x232c Dnscache 
- ok 17:08:14.0813 0x232c dot3svc - ok 17:08:14.0813 0x232c DPS - ok 17:08:14.0828 0x232c drmkaud - ok 17:08:14.0844 0x232c DsmSvc - ok 17:08:14.0844 0x232c DsSvc - ok 17:08:14.0860 0x232c DXGKrnl - ok 17:08:14.0860 0x232c Eaphost - ok 17:08:14.0875 0x232c ebdrv - ok 17:08:14.0875 0x232c EFS - ok 17:08:14.0891 0x232c EhStorClass - ok 17:08:14.0891 0x232c EhStorTcgDrv - ok 17:08:14.0906 0x232c embeddedmode - ok 17:08:14.0922 0x232c EntAppSvc - ok 17:08:14.0938 0x232c ErrDev - ok 17:08:14.0953 0x0c50 Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc 17:08:14.0953 0x232c [ F0398A8040D902ED669B5C8C64AD855D, 77B784A6105E34F4ED480993F36B28C68F16080EB590623CBE8DE022274DA359 ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys 17:08:15.0016 0x232c ESProtectionDriver - ok 17:08:15.0031 0x232c EventSystem - ok 17:08:15.0047 0x232c exfat - ok 17:08:15.0047 0x232c fastfat - ok 17:08:15.0063 0x232c Fax - ok 17:08:15.0078 0x232c fdc - ok 17:08:15.0094 0x232c fdPHost - ok 17:08:15.0110 0x232c FDResPub - ok 17:08:15.0110 0x232c fhsvc - ok 17:08:15.0125 0x232c FileCrypt - ok 17:08:15.0141 0x232c FileInfo - ok 17:08:15.0157 0x232c Filetrace - ok 17:08:15.0172 0x232c flpydisk - ok 17:08:15.0188 0x232c FltMgr - ok 17:08:15.0188 0x232c FontCache - ok 17:08:15.0203 0x232c FontCache3.0.0.0 - ok 17:08:15.0219 0x232c FsDepends - ok 17:08:15.0219 0x232c Fs_Rec - ok 17:08:15.0235 0x232c fvevol - ok 17:08:15.0250 0x232c gagp30kx - ok 17:08:15.0250 0x232c gencounter - ok 17:08:15.0266 0x232c genericusbfn - ok 17:08:15.0407 0x232c [ 97DC871A801DF42AD1008F0BBFD1ED8E, 7D90E1064863D0E976B9D1529A07808E3A38BA0FFEF5E7E920CC049DC05A15F1 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 17:08:15.0625 0x232c GfExperienceService - ok 17:08:15.0657 0x232c GPIOClx0101 - ok 17:08:15.0657 0x232c gpsvc - ok 17:08:15.0672 0x232c GpuEnergyDrv - ok 17:08:15.0688 0x232c [ 
053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:08:15.0688 0x232c gupdate - ok 17:08:15.0703 0x232c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:08:15.0766 0x232c gupdatem - ok 17:08:15.0782 0x232c HDAudBus - ok 17:08:15.0797 0x232c HidBatt - ok 17:08:15.0813 0x232c HidBth - ok 17:08:15.0828 0x232c hidi2c - ok 17:08:15.0828 0x232c hidinterrupt - ok 17:08:15.0844 0x232c HidIr - ok 17:08:15.0860 0x232c hidserv - ok 17:08:15.0875 0x232c HidUsb - ok 17:08:15.0875 0x232c HomeGroupListener - ok 17:08:15.0891 0x232c HomeGroupProvider - ok 17:08:15.0907 0x232c HpSAMD - ok 17:08:15.0922 0x232c HTTP - ok 17:08:15.0938 0x232c hwpolicy - ok 17:08:15.0953 0x232c hyperkbd - ok 17:08:15.0969 0x232c i8042prt - ok 17:08:15.0969 0x232c iai2c - ok 17:08:15.0985 0x232c iaLPSS2i_I2C - ok 17:08:16.0000 0x232c iaLPSSi_GPIO - ok 17:08:16.0000 0x232c iaLPSSi_I2C - ok 17:08:16.0016 0x232c iaStorAV - ok 17:08:16.0032 0x232c iaStorV - ok 17:08:16.0047 0x232c ibbus - ok 17:08:16.0063 0x232c [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 17:08:16.0063 0x232c ICCS - ok 17:08:16.0078 0x232c icssvc - ok 17:08:16.0094 0x232c IEEtwCollectorService - ok 17:08:16.0469 0x232c [ CEFA6BDB4789F3DA003ACBDCC64F5877, 0FE78AEFA9A75B4A99AD6B73AC3252E4C6DFA9D306FEC02D26C1FD574108BFBA ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 17:08:16.0532 0x232c igfx - ok 17:08:16.0594 0x232c [ 75909533EECD0CD9D5974B59474AA6C0, F81D0F949F1F01D09C91735C79288395B82C27B8FB78804752E5A678D7EF3860 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 17:08:16.0719 0x232c igfxCUIService1.0.0.0 - ok 17:08:16.0750 0x232c [ 
17:08:35.0690 0x232c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
17:08:35.0706 0x232c Win FW state via NFP2: enabled ( trusted )
17:08:38.0127 0x232c ============================================================
17:08:38.0127 0x232c Scan finished
17:08:38.0127 0x232c ============================================================
17:08:38.0127 0x25b0 Detected object count: 0
17:08:38.0127 0x25b0 Actual detected object count: 0 |
12.01.2016, 19:50 | #5 |
/// TB Trainer | Internet dropouts / long loading times in the browser (Chrome) Hi,
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please close your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
12.01.2016, 20:24 | #6 |
| Internet dropouts / long loading times in the browser (Chrome)
Code:
# AdwCleaner v5.029 - Bericht erstellt am 12/01/2016 um 20:00:49
# Aktualisiert am 11/01/2016 von Xplode
# Datenbank : 2016-01-11.4 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Helliot - MORPHEUS
# Gestartet von : C:\Users\Helliot\Desktop\adwcleaner_5.029.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : Scheduled Update for Ask Toolbar
[-] Geplante Aufgabe Gelöscht : Software Updater
[-] Geplante Aufgabe Gelöscht : Software Updater Ui

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

***** [ Internetbrowser ] *****

[-] [C:\Users\GrandmasterACE\AppData\Roaming\Mozilla\Firefox\Profiles\a2atou75.default\prefs.js] [Preference] Gelöscht : user_pref("urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey", 1371152225);

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2054 Bytes] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 12.01.2016
Suchlaufzeit: 20:05
Protokolldatei: 123.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.12.06
Rootkit-Datenbank: v2016.01.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Helliot

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 521715
Abgelaufene Zeit: 7 Min., 53 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64
Ran by Helliot (Administrator) on 12.01.2016 at 20:15:11,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1

Successfully deleted: C:\Users\Helliot\AppData\Roaming\pdfforge (Folder)

Registry: 1

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.01.2016 at 20:16:20,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von Helliot (Administrator) auf MORPHEUS (12-01-2016 20:22:12)
Gestartet von C:\Users\Helliot\Downloads
Geladene Profile: Helliot (Verfügbare Profile: Helliot & GrandmasterACE & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\System32\PnkBstrA.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15009400 2015-10-14] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4730616 2015-05-26] (BlackBerry Limited)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [Revo Uninstaller] => C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe [3161648 2013-07-03] (VS Revo Group)
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] ()
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\RunOnce: [Uninstall C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2013-04-26]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden.
Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{83ac9df7-6c28-4091-921e-08a29f9fe4ba}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e3935004-bc88-41ac-b0ba-8e293dc64751}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000 -> DefaultScope {CD66C26F-E372-422E-B4F2-96951AB8E427} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000 -> {CD66C26F-E372-422E-B4F2-96951AB8E427} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-19] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\Helliot\AppData\Roaming\Mozilla\Firefox\Profiles\cqqp165q.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-28] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-14] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1876908282-3715187805-3812892742-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Helliot\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1876908282-3715187805-3812892742-1000: electronicarts.com/GameFacePlugin -> C:\Users\Helliot\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)

Chrome:
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll => Keine Datei
CHR Profile: C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-10]
CHR Extension: (Google Präsentationen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-10]
CHR Extension: (Google Docs) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-10]
CHR Extension: (Google Drive) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (uBlock Origin) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-08]
CHR Extension: (Google-Suche) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Tabellen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-10]
CHR Extension: (Google Docs Offline) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Microsoft Edge - Dark Theme) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\hicepmjogaihmngebapbmkdnjllmhnfb [2015-10-10]
CHR Extension: (Ghostery) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-10]
CHR Extension: (Google Mail) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1060352 2015-07-09] ()
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2015-01-13] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-17] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-10-14] (Logitech Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-05] (Electronic Arts)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2243288 2015-04-14] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-14] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-14] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-05] ()
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-05-26] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1355000 2015-05-26] (BlackBerry Limited)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.)
S3 blackberryncm; C:\Windows\System32\drivers\blackberryncm6_AMD64.sys [25600 2015-01-23] (BlackBerry Limited)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-12] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-12-16] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [80384 2015-01-14] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-10-07] ()
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-12 20:16 - 2016-01-12 20:16 - 00000780 _____ C:\Users\Helliot\Desktop\JRT.txt
2016-01-12 20:13 - 2016-01-12 20:13 - 00001191 _____ C:\Users\Helliot\Desktop\123.txt
2016-01-12 20:08 - 2016-01-12 20:15 - 01600184 _____ (Malwarebytes) C:\Users\Helliot\Desktop\JRT.exe
2016-01-12 19:55 - 2016-01-12 19:55 - 01754112 _____ C:\Users\Helliot\Desktop\adwcleaner_5.029.exe
2016-01-12 17:07 - 2016-01-12 17:10 - 00091744 _____ C:\TDSSKiller.3.1.0.9_12.01.2016_17.07.04_log.txt
2016-01-12 16:56 - 2016-01-12 16:56 - 00066562 _____ C:\Users\Helliot\Downloads\Addition.txt
2016-01-12 16:53 - 2016-01-12 20:22 - 00028472 _____ C:\Users\Helliot\Downloads\FRST.txt
2016-01-12 16:52 - 2016-01-12 20:22 - 00000000 ____D C:\FRST
2016-01-12 16:50 - 2016-01-12 17:06 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Helliot\Downloads\tdsskiller.exe
2016-01-12 16:50 - 2016-01-12 16:52 - 02370560 _____ (Farbar) C:\Users\Helliot\Downloads\FRST64.exe
2016-01-08 12:06 - 2016-01-08 12:06 - 00051796 _____ C:\Users\Helliot\Downloads\SKM_364e16010708480.pdf
2015-12-22 17:55 - 2015-12-22 17:55 - 00291877 _____ C:\Users\Helliot\Downloads\SKM_C224e15122215032.pdf
2015-12-22 17:43 - 2015-12-22 17:43 - 00287394 _____ C:\Users\Helliot\Downloads\SKM_C224e15122215031.pdf
2015-12-22 07:27 - 2015-12-22 07:27 - 00001460 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-12-22 07:25 - 2015-12-22 07:27 - 00000000 ____D C:\Users\Helliot\AppData\Local\NVIDIA
2015-12-22 07:25 - 2015-12-22 07:25 - 00002216 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-12-22 07:25 - 2015-12-22 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-22 07:25 - 2015-12-16 17:59 - 01846016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 01530240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-22 07:24 - 2016-01-12 20:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-22 07:24 - 2015-12-16 15:54 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-22 07:24 - 2015-12-16 15:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-22 07:24 - 2015-12-16 15:49 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-22 07:24 - 2015-12-16 15:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-22 07:23 - 2015-12-18 09:48 - 12426896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-22 07:23 - 2015-12-16 17:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 19727624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 03603368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00416560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00370992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00339760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-12-22 07:23 - 2015-12-16 17:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-12-22 07:23 - 2015-12-16 17:59 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00035775 _____ C:\WINDOWS\system32\nvinfo.pb
2015-12-21 23:24 - 2015-12-21 23:24 - 00034656 _____ C:\Users\Helliot\Downloads\re07_12_15-11_12_BB_Schönaich_ST_Sedlak.dot.pdf
2015-12-21 23:24 - 2015-12-21 23:24 - 00034631 _____ C:\Users\Helliot\Downloads\re08_12_15-11_12_BB_Schönaich_ST_Aydin.dot.pdf
2015-12-19 16:08 - 2015-12-19 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-12-19 15:47 - 2016-01-12 20:00 - 00000000 ____D C:\AdwCleaner
2015-12-19 15:38 - 2016-01-12 16:49 - 00000000 ____D C:\Users\Helliot\Documents\Meine FileHippo-Downloads
2015-12-19 15:38 - 2015-12-19 15:38 - 00002127 _____ C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-12-19 15:38 - 2015-12-19 15:38 - 00002097 _____ C:\Users\Helliot\Desktop\FileHippo App Manager.lnk
2015-12-19 15:32 - 2015-12-19 15:32 - 00001991 _____ C:\Users\Helliot\Desktop\Malwarebytes Anti-Exploit.lnk
2015-12-19 15:30 - 2016-01-12 18:56 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-12-19 15:30 - 2015-12-19 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-12-19 15:30 - 2015-12-19 15:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-12-19 14:32 - 2015-12-19 14:32 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-19 13:16 - 2015-12-19 14:32 - 02870984 _____ (ESET) C:\Users\Helliot\Desktop\esetsmartinstaller_deu.exe
2015-12-19 13:05 - 2015-12-19 13:06 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-12-19 13:05 - 2015-11-20 22:40 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2015-12-17 19:12 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-17 19:11 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-17 19:11 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 19:11 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-17 19:11 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-17 19:11 - 2015-12-07
05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2015-12-17 19:11 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2015-12-17 19:11 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-12-17 19:11 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-12-17 19:11 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2015-12-17 19:11 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-17 19:11 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-17 19:11 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-12-17 19:11 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2015-12-17 19:11 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll 2015-12-17 19:11 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\WpcWebFilter.dll 2015-12-17 19:11 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2015-12-17 19:11 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2015-12-17 19:11 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2015-12-17 19:11 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-12-17 19:11 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2015-12-17 19:11 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2015-12-17 19:11 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2015-12-17 19:11 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-12-17 19:11 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-12-17 19:11 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-12-17 19:11 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe 2015-12-17 19:11 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2015-12-17 19:11 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2015-12-17 19:11 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-12-17 19:11 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2015-12-17 19:11 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2015-12-17 19:11 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 
2015-12-17 19:11 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe 2015-12-17 19:11 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-12-17 19:11 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-17 19:11 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-12-17 19:11 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-12-17 19:11 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2015-12-17 19:11 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-12-17 19:11 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2015-12-17 19:11 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2015-12-17 19:11 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2015-12-17 19:11 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-12-17 19:11 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-12-17 19:11 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-12-17 19:11 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\MapsStore.dll 2015-12-17 19:11 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2015-12-17 19:11 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-17 19:11 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-12-17 19:11 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-12-17 19:11 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2015-12-17 19:11 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2015-12-17 19:11 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2015-12-17 19:11 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-12-17 19:11 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-12-17 19:11 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-12-17 19:11 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2015-12-17 19:11 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2015-12-17 19:11 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-12-17 19:11 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-12-17 19:11 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2015-12-17 19:11 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-12-17 19:11 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\win32kfull.sys 2015-12-17 19:11 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-12-17 19:11 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2015-12-17 19:11 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-12-17 19:11 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2015-12-17 19:11 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2015-12-17 19:11 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2015-12-16 23:48 - 2015-12-16 23:48 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2015-12-14 18:41 - 2016-01-06 01:22 - 00000000 ____D C:\Users\Helliot\AppData\Local\Deployment 2015-12-14 18:20 - 2015-12-14 18:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-12-13 14:28 - 2015-12-01 08:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-12-13 14:28 - 2015-11-24 13:07 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-12-13 14:28 - 2015-11-24 12:06 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-13 14:28 - 2015-11-24 11:26 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2015-12-13 14:28 - 2015-11-24 11:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-12-13 14:28 - 2015-11-24 10:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll 2015-12-13 14:28 - 2015-11-24 10:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-12-13 14:28 - 2015-11-24 10:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll 2015-12-13 14:28 - 2015-11-24 10:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2015-12-13 14:28 
- 2015-11-24 10:26 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2015-12-13 14:28 - 2015-11-24 10:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-12-13 14:28 - 2015-11-24 10:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2015-12-13 14:28 - 2015-11-24 09:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-12-13 14:28 - 2015-11-24 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-12-13 14:28 - 2015-11-24 09:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2015-12-13 14:28 - 2015-11-24 09:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2015-12-13 14:28 - 2015-11-24 09:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2015-12-13 14:28 - 2015-11-24 09:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-13 14:28 - 2015-11-24 09:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-13 14:28 - 2015-11-24 08:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-13 14:28 - 2015-11-24 08:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-13 14:28 - 2015-11-24 08:35 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-12-13 14:28 - 2015-11-24 08:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-12-13 14:28 - 2015-11-24 08:23 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-12-13 14:28 - 2015-11-24 08:11 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-12-13 14:28 - 2015-11-24 08:08 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-13 14:28 - 2015-11-24 08:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-12-13 14:28 - 2015-11-22 11:47 - 07476576 
_____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-13 14:28 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-12-13 14:28 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-12-13 14:28 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2015-12-13 14:28 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll 2015-12-13 14:28 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys 2015-12-13 14:28 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2015-12-13 14:28 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll 2015-12-13 14:28 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-12-13 14:28 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-12-13 14:28 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-12-13 14:28 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll 2015-12-13 14:28 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2015-12-13 14:28 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-12-13 14:28 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2015-12-13 14:28 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2015-12-13 14:28 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2015-12-13 14:28 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\MosHostClient.dll 2015-12-13 14:28 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll 2015-12-13 14:28 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll 2015-12-13 14:28 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll 2015-12-13 14:28 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2015-12-13 14:28 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2015-12-13 14:28 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll 2015-12-13 14:28 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2015-12-13 14:28 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll 2015-12-13 14:28 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2015-12-13 14:28 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2015-12-13 14:28 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 
2015-12-13 14:28 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2015-12-13 14:28 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2015-12-13 14:28 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll 2015-12-13 14:28 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2015-12-13 14:28 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll 2015-12-13 14:28 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2015-12-13 14:28 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2015-12-13 14:28 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll 2015-12-13 14:28 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2015-12-13 14:28 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2015-12-13 14:28 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-12-13 14:28 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-12-13 14:28 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll 2015-12-13 14:28 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2015-12-13 14:28 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2015-12-13 14:28 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-12-13 14:28 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-12-13 14:28 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2015-12-13 14:28 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-12-13 14:28 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2015-12-13 14:28 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll 2015-12-13 14:28 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2015-12-13 14:28 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2015-12-13 14:28 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2015-12-13 14:28 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2015-12-13 14:28 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2015-12-13 14:28 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2015-12-13 14:28 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-12-13 14:28 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-12-13 14:28 - 2015-11-22 
10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2015-12-13 14:28 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2015-12-13 14:28 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-12-13 14:28 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-12-13 14:28 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-12-13 14:28 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2015-12-13 14:28 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll 2015-12-13 14:28 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2015-12-13 14:28 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-12-13 14:28 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-12-13 14:28 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2015-12-13 14:28 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2015-12-13 14:28 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2015-12-13 14:28 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2015-12-13 14:28 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2015-12-13 14:28 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\InputLocaleManager.dll 2015-12-13 14:28 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2015-12-13 14:28 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2015-12-13 14:28 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-12-13 14:28 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-12-13 14:28 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-12-13 14:28 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2015-12-13 14:28 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-12-13 14:28 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2015-12-13 14:28 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-12-13 14:28 - 2015-11-22 10:27 - 02049024 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-12-13 14:28 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2015-12-13 14:28 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2015-12-13 14:28 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2015-12-13 14:28 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2015-12-13 14:28 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-12-13 14:28 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-12-13 14:28 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2015-12-13 14:28 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-12-13 14:28 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-12-13 14:28 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-12-13 14:28 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-12-13 14:28 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-12-13 14:28 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2015-12-13 14:28 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2015-12-13 14:28 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-12-13 14:28 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2015-12-13 14:28 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 
2015-12-13 14:28 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-12-13 14:28 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2015-12-13 14:28 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-12-13 14:28 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-12-13 14:28 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-12-13 14:27 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll 2015-12-13 14:27 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll 2015-12-13 14:27 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll 2015-12-13 14:27 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll 2015-12-13 14:27 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll 2015-12-13 14:27 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2015-12-13 14:27 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll 2015-12-13 14:27 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll 2015-12-13 14:27 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll 2015-12-13 14:27 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll 2015-12-13 14:27 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll 2015-12-13 14:27 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll 2015-12-13 14:27 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll 2015-12-13 14:27 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2015-12-13 14:27 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll 2015-12-13 14:27 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll 2015-12-13 13:53 - 2015-12-13 13:53 - 00000000 ___RD C:\Users\Helliot\3D Objects 2015-12-13 12:30 - 2015-12-13 12:30 - 00001094 _____ C:\Users\Public\Desktop\BlackBerry Blend.lnk 2015-12-13 12:30 - 2015-12-13 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry Blend 2015-12-13 12:30 - 2015-12-13 12:30 - 00000000 ____D C:\Program Files (x86)\BlackBerry 2015-12-13 12:29 - 2015-12-13 12:29 - 00001178 _____ C:\Users\Public\Desktop\BlackBerry Link.lnk 2015-12-13 12:29 - 2015-12-13 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry Link 2015-12-13 12:29 - 2012-12-10 16:48 - 00044544 _____ (Research in Motion Ltd) C:\WINDOWS\system32\Drivers\RimSerial_AMD64.sys 2015-12-13 11:18 - 2015-12-13 11:18 - 00000000 ____D C:\Users\Helliot\AppData\Local\ActiveSync 2015-12-13 11:16 - 2015-12-13 11:16 - 00000020 ___SH C:\Users\Helliot\ntuser.ini 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL 
C:\Users\Default\Documents\Eigene Videos 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-12-13 04:42 - 2015-12-13 04:42 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-12-13 04:41 - 2016-01-12 20:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-13 04:38 - 2015-12-13 04:38 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-13 04:38 - 2015-12-13 04:38 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs 2015-12-13 04:38 - 2015-12-13 04:38 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs 2015-12-13 04:37 - 2015-12-13 04:39 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-12-13 04:37 - 2015-12-13 04:37 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2015-12-13 04:36 - 2016-01-12 20:09 - 02113406 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-13 04:36 - 2015-12-20 
23:43 - 00000000 ____D C:\Users\Helliot 2015-12-13 04:36 - 2015-12-16 23:48 - 00000000 ____D C:\Users\DefaultAppPool 2015-12-13 04:36 - 2015-12-13 04:40 - 00000000 ____D C:\Users\GrandmasterACE 2015-12-13 04:36 - 2015-12-13 04:36 - 01989310 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Vorlagen 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Startmenü 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Netzwerkumgebung 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Lokale Einstellungen 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Eigene Dateien 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Druckumgebung 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Documents\Eigene Videos 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Documents\Eigene Musik 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Documents\Eigene Bilder 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\AppData\Local\Verlauf 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\AppData\Local\Anwendungsdaten 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\Helliot\Anwendungsdaten 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Vorlagen 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Startmenü 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Netzwerkumgebung 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Lokale Einstellungen 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Eigene Dateien 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL 
C:\Users\GrandmasterACE\Druckumgebung 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Documents\Eigene Videos 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Documents\Eigene Musik 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Documents\Eigene Bilder 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\AppData\Local\Verlauf 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\AppData\Local\Anwendungsdaten 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\GrandmasterACE\Anwendungsdaten 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2015-12-13 04:36 - 2015-12-13 04:36 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2015-12-13 04:36 - 2015-12-13 04:36 - 
00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2015-12-13 04:36 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-12-13 04:35 - 2015-12-22 07:27 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-12-13 04:35 - 2015-12-22 07:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-12-13 04:35 - 2015-12-22 07:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-12-13 04:35 - 2015-12-13 04:37 - 00000000 ____D C:\Users\Public\Creative 2015-12-13 04:35 - 2015-12-13 04:37 - 00000000 ____D C:\Program Files\Intel 2015-12-13 04:35 - 2015-12-13 04:35 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys 2015-12-13 04:35 - 2015-10-17 16:37 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2015-12-13 04:35 - 2015-10-17 16:37 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2015-12-13 04:34 - 2015-12-14 18:27 - 00201440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-13 04:34 - 2015-12-13 04:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-12-13 04:33 - 2015-12-13 12:32 - 00000000 ___DC C:\WINDOWS\Panther 2015-12-13 04:32 - 2015-12-13 04:32 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00969728 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-12-13 04:32 - 2015-12-13 04:32 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00517632 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\winspool.drv 2015-12-13 04:32 - 2015-12-13 04:32 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2015-12-13 04:32 - 2015-12-13 04:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 
00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-12-13 04:32 - 2015-12-13 04:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00073360 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys 2015-12-13 04:32 - 2015-12-13 04:32 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe 2015-12-13 04:32 - 2015-12-13 04:32 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00011776 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\dciman32.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2015-12-13 04:32 - 2015-12-13 04:32 - 00000000 ____D C:\Windows.old 2015-12-13 04:31 - 2015-12-13 04:31 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-12-13 04:31 - 2015-10-29 19:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll 2015-12-13 04:31 - 2015-10-29 19:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll 2015-12-13 04:31 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll 2015-12-13 04:31 - 2015-10-29 19:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll 2015-12-13 04:31 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\WINDOWS\system32\msmq 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\Program Files\MSBuild 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-12-13 04:30 - 2015-12-13 04:30 - 00000000 ____D C:\inetpub 2015-12-13 04:30 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-12-13 04:30 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-12-13 04:30 
- 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-12-13 04:30 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-12-13 04:30 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-12-13 04:30 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-12 20:21 - 2015-10-30 07:28 - 00000000 ____D C:\Windows 2016-01-12 20:21 - 2015-10-10 18:10 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-12 20:09 - 2015-10-30 19:35 - 00898014 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-12 20:09 - 2015-10-30 19:35 - 00201500 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-12 20:09 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-01-12 20:05 - 2014-06-29 19:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-12 20:03 - 2015-10-10 18:10 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-12 20:03 - 2015-10-08 22:20 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-01-12 20:03 - 2015-10-07 19:37 - 00000000 __SHD C:\Users\Helliot\IntelGraphicsProfiles 2016-01-12 20:03 - 2013-07-18 20:33 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Dropbox 2016-01-12 20:03 - 2012-10-05 20:50 - 00000828 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2016-01-12 20:02 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-01-12 19:35 - 2014-11-11 22:46 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-12 19:25 - 2015-10-08 22:20 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-01-12 18:25 - 2015-10-07 20:01 - 
00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B1551DC1-A338-4D4E-8C71-384D0FD0D468} 2016-01-12 16:51 - 2012-10-14 22:05 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Skype 2016-01-12 16:50 - 2015-01-12 22:47 - 00000000 ____D C:\ProgramData\Skype 2016-01-11 20:42 - 2014-01-03 21:05 - 00000000 ____D C:\Users\Helliot\AppData\Local\Battle.net 2016-01-10 05:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-09 02:19 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-08 18:33 - 2015-10-20 18:04 - 00000000 ____D C:\Users\Helliot\Documents\EVE 2016-01-08 13:13 - 2012-10-05 20:50 - 00000830 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2016-01-08 12:21 - 2015-07-18 19:15 - 00000000 ____D C:\Users\Helliot\Desktop\HAUS Schönaich 2016-01-06 03:39 - 2013-08-09 12:07 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\vlc 2016-01-05 22:02 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-05 00:40 - 2012-11-28 23:05 - 00000000 ____D C:\Users\Helliot\Desktop\EFT 2016-01-04 14:28 - 2012-10-05 21:09 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-01-04 14:28 - 2012-10-05 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-01-04 14:28 - 2012-10-05 21:09 - 00000000 ____D C:\Program Files\WinRAR 2016-01-04 01:51 - 2012-10-06 02:29 - 00000000 ____D C:\Users\Helliot\AppData\Local\CrashDumps 2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-28 22:35 - 2014-11-11 22:46 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-12-28 16:27 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-12-28 14:50 - 2015-07-28 22:35 - 00001324 _____ 
C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-12-28 14:50 - 2015-07-28 22:35 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2015-12-28 14:50 - 2014-11-08 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-12-28 14:47 - 2013-05-18 18:53 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\DVDVideoSoft 2015-12-23 07:01 - 2012-10-05 21:10 - 00001165 _____ C:\Users\Helliot\Desktop\MSI Afterburner.lnk 2015-12-22 07:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help 2015-12-22 07:11 - 2012-10-06 17:57 - 00000869 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-12-20 23:43 - 2015-10-25 16:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-12-19 16:10 - 2014-03-28 14:38 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\WinPatrol 2015-12-19 16:10 - 2014-03-24 18:52 - 00000000 ____D C:\ProgramData\InstallMate 2015-12-19 15:59 - 2015-07-28 22:35 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack 2015-12-19 15:56 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-19 15:54 - 2015-10-25 16:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-19 15:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-12-19 15:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning 2015-12-19 15:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2015-12-19 15:52 - 2013-05-18 23:13 - 00000000 ____D C:\avast! 
sandbox 2015-12-19 15:52 - 2013-05-14 00:42 - 00000000 ____D C:\ProgramData\AVAST Software 2015-12-19 15:51 - 2015-07-30 18:07 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-12-19 15:38 - 2013-05-18 23:44 - 00000000 ____D C:\Program Files (x86)\FileHippo.com 2015-12-19 14:17 - 2013-07-20 14:05 - 00000000 ____D C:\ProgramData\TEMP 2015-12-19 13:15 - 2014-01-17 12:28 - 00000000 ____D C:\ProgramData\Oracle 2015-12-19 13:06 - 2015-08-17 22:58 - 00000000 ____D C:\Program Files (x86)\Java 2015-12-19 13:06 - 2014-01-17 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-12-19 13:06 - 2013-09-23 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2015-12-19 12:55 - 2014-03-28 22:59 - 00001274 _____ C:\Users\Helliot\Desktop\Revo Uninstaller.lnk 2015-12-17 18:41 - 2015-10-07 19:39 - 00002439 _____ C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-17 18:41 - 2015-10-07 19:39 - 00000000 ___RD C:\Users\Helliot\OneDrive 2015-12-17 17:13 - 2014-11-16 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox 2015-12-17 17:13 - 2014-11-16 21:00 - 00000000 ____D C:\WINDOWS\system32\vbox 2015-12-16 22:22 - 2015-10-10 18:10 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-16 19:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2015-12-14 18:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-12-14 18:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-12-14 18:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat 2015-12-13 12:49 - 2015-07-27 17:34 - 00000000 ____D C:\Users\Helliot\AppData\Local\BlackBerry 2015-12-13 12:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ModemLogs 2015-12-13 12:29 - 2013-10-03 13:16 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-13 11:33 - 2015-10-07 19:37 - 00000000 ____D C:\Users\Helliot\AppData\Local\Packages 2015-12-13 11:32 - 2015-10-30 08:24 - 
00000000 ___RD C:\WINDOWS\DevicesFlow 2015-12-13 11:16 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-12-13 11:16 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-12-13 11:16 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-12-13 11:16 - 2015-10-07 19:37 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-12-13 11:16 - 2015-10-07 19:37 - 00000000 __RHD C:\Users\Public\AccountPictures 2015-12-13 04:42 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT 2015-12-13 04:42 - 2015-10-07 19:15 - 00031404 _____ C:\WINDOWS\diagerr.xml 2015-12-13 04:42 - 2015-10-07 19:15 - 00030483 _____ C:\WINDOWS\diagwrn.xml 2015-12-13 04:41 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media 2015-12-13 04:41 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries 2015-12-13 04:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-12-13 04:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration 2015-12-13 04:41 - 2015-10-25 16:26 - 00002296 _____ C:\WINDOWS\System32\Tasks\{D6C871A8-4AE8-4CA8-8D2D-903C91CEE857} 2015-12-13 04:41 - 2015-10-10 18:10 - 00003648 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-13 04:41 - 2015-10-10 18:10 - 00003424 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-13 04:41 - 2015-10-08 22:20 - 00003748 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2015-12-13 04:41 - 2015-10-08 22:20 - 00003524 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2015-12-13 04:41 - 2015-10-07 19:32 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-12-13 04:41 - 2015-07-28 22:33 - 00002388 _____ C:\WINDOWS\System32\Tasks\{9EDECF64-1369-4E2A-8F7E-BB82E4B70D08} 2015-12-13 04:41 - 2014-12-25 22:17 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-12-13 04:41 - 2014-07-20 15:23 - 00002294 _____ C:\WINDOWS\System32\Tasks\{0F242DDD-A1BC-4005-A10F-6407491B9130} 
2015-12-13 04:41 - 2013-12-20 12:44 - 00002294 _____ C:\WINDOWS\System32\Tasks\{57509CE6-97B6-428F-82D6-192E14C257B1} 2015-12-13 04:41 - 2013-10-23 17:17 - 00002412 _____ C:\WINDOWS\System32\Tasks\{FA9E69F5-A168-4713-9AA8-C808C227B45E} 2015-12-13 04:41 - 2013-08-08 18:10 - 00002078 _____ C:\WINDOWS\System32\Tasks\{B93B4226-99E3-4BF6-AA44-9ECA0DAAB36D} 2015-12-13 04:41 - 2013-08-08 00:29 - 00002280 _____ C:\WINDOWS\System32\Tasks\{CB899C53-5DB9-467E-8867-F133565D31ED} 2015-12-13 04:41 - 2013-06-30 11:46 - 00002294 _____ C:\WINDOWS\System32\Tasks\{FE381AB6-C174-4075-934D-0CA7B45F6436} 2015-12-13 04:41 - 2012-10-22 16:45 - 00002304 _____ C:\WINDOWS\System32\Tasks\{B71FEB14-4639-446D-9C4C-A9234DF5AEA0} 2015-12-13 04:41 - 2012-10-07 14:28 - 00002276 _____ C:\WINDOWS\System32\Tasks\{A99B40CB-B973-4B11-B60F-BBB00AB2B8D0} 2015-12-13 04:41 - 2012-10-06 17:57 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-12-13 04:41 - 2012-10-06 12:26 - 00002424 _____ C:\WINDOWS\System32\Tasks\{17BEF078-1C17-4420-B061-2CACE9028188} 2015-12-13 04:41 - 2012-10-06 12:16 - 00002288 _____ C:\WINDOWS\System32\Tasks\{2BA6ACF8-89E4-4899-88B2-D50035EF4AD9} 2015-12-13 04:41 - 2012-10-05 20:50 - 00003044 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d 2015-12-13 04:41 - 2012-10-05 20:50 - 00002702 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon 2015-12-13 04:39 - 2015-12-11 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-12-13 04:39 - 2015-10-21 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2015-12-13 04:39 - 2015-10-20 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVE 2015-12-13 04:39 - 2015-10-17 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16 2015-12-13 04:39 - 2015-10-10 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Google Chrome 2015-12-13 04:39 - 2015-10-10 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility 2015-12-13 04:39 - 2015-04-19 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-12-13 04:39 - 2015-04-19 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 3 2015-12-13 04:39 - 2015-01-13 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2015-12-13 04:39 - 2015-01-12 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MeinPlatz 2015-12-13 04:39 - 2014-10-30 21:05 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2015-12-13 04:39 - 2014-06-29 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-13 04:39 - 2014-04-05 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DevPro 2015-12-13 04:39 - 2014-03-28 22:59 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2015-12-13 04:39 - 2014-01-03 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2015-12-13 04:39 - 2013-12-03 17:06 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2015-12-13 04:39 - 2013-12-02 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2015-12-13 04:39 - 2013-11-05 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-12-13 04:39 - 2013-09-29 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-12-13 04:39 - 2013-06-30 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-12-13 04:39 - 2013-05-18 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Microsoft Silverlight 2015-12-13 04:39 - 2013-05-12 13:34 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-12-13 04:39 - 2013-04-26 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK 2015-12-13 04:39 - 2013-04-24 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box 2015-12-13 04:39 - 2013-04-06 13:22 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-12-13 04:39 - 2013-04-06 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-12-13 04:39 - 2013-01-31 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5 2015-12-13 04:39 - 2012-10-06 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-12-13 04:39 - 2012-10-06 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-12-13 04:39 - 2012-10-05 21:10 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2015-12-13 04:39 - 2012-10-05 20:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-12-13 04:39 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-12-13 04:38 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated 2015-12-13 04:37 - 2015-12-10 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-12-13 04:37 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR 2015-12-13 04:37 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-12-13 04:37 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files\Windows Sidebar 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2015-12-13 04:37 - 2015-10-30 08:24 - 
00000000 ___SD C:\WINDOWS\Downloaded Program Files 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\schemas 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate 2015-12-13 04:37 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-13 04:37 - 2012-10-05 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology 2015-12-13 04:37 - 2011-04-12 08:54 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-12-13 04:37 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games 2015-12-13 04:36 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-12-13 04:34 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2015-12-13 04:33 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-12-13 04:32 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-12-13 04:32 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-12-13 04:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-12-13 04:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2015-12-13 04:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-12-13 04:30 - 2015-10-30 08:24 - 
00000000 ____D C:\WINDOWS\system32\inetsrv 2015-12-13 04:30 - 2015-10-30 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2015-12-13 04:30 - 2015-10-30 08:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2015-12-13 04:30 - 2015-10-30 08:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2015-12-13 04:30 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2015-12-13 04:30 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2015-12-13 04:30 - 2015-10-30 08:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2015-12-13 04:30 - 2015-10-30 08:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2015-12-13 04:30 - 2015-10-30 08:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2015-12-13 04:30 - 2015-10-30 
08:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2015-12-13 04:30 - 2015-10-30 08:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2015-12-13 04:30 - 2015-10-30 08:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2015-12-13 04:30 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2015-12-13 04:30 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2015-12-13 04:30 - 2015-10-30 08:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2015-12-13 04:30 - 2015-10-30 08:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2015-12-13 04:30 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2015-12-13 04:30 - 2015-10-30 08:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2015-12-13 04:30 - 2015-10-30 08:18 - 00009096 _____ 
C:\WINDOWS\system32\msmqtrc.mof 2015-12-13 04:24 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-13 04:15 - 2013-05-18 19:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-13 04:15 - 2013-05-18 19:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-13 04:00 - 2015-12-12 00:26 - 00004473 _____ C:\ads_err.adt 2015-12-13 04:00 - 2015-12-12 00:26 - 00003072 _____ C:\ads_err.adi ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-07-23 19:08 - 2015-07-30 19:39 - 0008704 _____ () C:\Users\Helliot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-12-24 14:56 - 2012-12-24 14:56 - 0000095 _____ () C:\Users\Helliot\AppData\Local\fusioncache.dat 2015-10-01 18:27 - 2015-10-01 18:27 - 0000000 _____ () C:\Users\Helliot\AppData\Local\{78B09330-81F4-4EF6-B1B6-AA7CBAE12EBB} Einige Dateien in TEMP: ==================== C:\Users\Helliot\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-04 20:43 ==================== Ende von FRST.txt ============================ |
12.01.2016, 20:25 | #7 |
| Internet dropouts / long load times in the browser (Chrome) Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01 durchgeführt von Helliot (2016-01-12 20:22:50) Gestartet von C:\Users\Helliot\Downloads Windows 10 Home (X64) (2015-12-13 03:42:33) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1876908282-3715187805-3812892742-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1876908282-3715187805-3812892742-503 - Limited - Disabled) Gast (S-1-5-21-1876908282-3715187805-3812892742-501 - Limited - Disabled) GrandmasterACE (S-1-5-21-1876908282-3715187805-3812892742-1016 - Limited - Enabled) => C:\Users\GrandmasterACE Helliot (S-1-5-21-1876908282-3715187805-3812892742-1000 - Administrator - Enabled) => C:\Users\Helliot HomeGroupUser$ (S-1-5-21-1876908282-3715187805-3812892742-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.6.2.40658 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry) BlackBerry Blend (x32 Version: 1.2.0.50 - BlackBerry Ltd.) Hidden BlackBerry Communication Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Device Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Link (x32 Version: 1.2.4.39 - BlackBerry) Hidden BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) 
Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited) Creative Media Toolbox 6 (Shared Components) (HKLM-x32\...\Uninstaller_B4736000_Creative Media Toolbox 6) (Version: 2.80.12 - Creative Labs) Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited) Curse Client - 1 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) EVE Online (HKLM-x32\...\{506FAE69-5B35-448D-9755-0300C6074695}) (Version: 3.0.0 - CCP Games Ltd.) FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.55163.11 - Electronic Arts) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.0.1224 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.60.713 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.60.713 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) 
Hidden Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation) Logitech Gaming Software 5.10 
(HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.) Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MeinPlatz (HKLM-x32\...\MeinPlatz) (Version: - ) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 44.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 361.43 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation) NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.) PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 Create Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PDF Architect 3 Edit Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PDF Architect 3 View Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder) SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.) 
Sound Blaster Recon3D PCIe (HKLM-x32\...\{CA0A90CB-F659-4E0B-B2A2-C8CF4B752AEC}) (Version: 1.01.26 - Creative Technology Limited) Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TL-WN951N Driver (HKLM-x32\...\{CCE177D2-8FE3-494A-82C9-958CC79E73AD}) (Version: 1.0.0 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK) Unity Web Player (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0BAF27BF-317E-4F9F-866D-2D3139CCFF34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {0FA189AC-D846-4D47-A7A6-11F51D4D432F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {0FA26273-7FAD-412B-8A54-14A8B3D2D39C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {129BED33-3CE9-4E1F-B641-DC24D5841B84} - \Scheduled Update for Ask Toolbar -> Keine Datei <==== ACHTUNG Task: {12C47B42-B987-4A43-9E3E-2E814AFD9548} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {166FCE99-6838-4B5D-B60D-A41A746D3D13} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {1832404E-9692-4663-ACA6-5D713B6CAFC1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {1AB1D862-115B-4532-B2BD-72D65EE6A1FB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1ADE08AA-BA76-401F-B3D4-574F04357706} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {1C5FACFA-D0E9-46C7-8A06-183A171AB770} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {1C8016AC-FDCC-4597-B7E2-3DDE2C1CF753} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {1ED31CEB-913B-43E9-BD79-0FC4CC548B8C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {1FFAD526-12D7-422C-94A2-EA03A99B865C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {272CB712-594B-4627-A297-6B7BF114F0E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate 
=> C:\Windows\ehome\mcupdate.exe Task: {2E7997BF-8BE5-4EA9-A95D-E716F1800359} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {306983FC-D0DD-43C6-A935-0BB56EDE5B1F} - System32\Tasks\{2BA6ACF8-89E4-4899-88B2-D50035EF4AD9} => pcalua.exe -a C:\Users\Helliot\Downloads\lgps306_x64.exe -d C:\Users\Helliot\Downloads Task: {31C348EE-39DE-4C56-A188-BD2E156A3562} - System32\Tasks\{CB899C53-5DB9-467E-8867-F133565D31ED} => pcalua.exe -a C:\Users\Helliot\Downloads\ST6UNST.EXE -d C:\Users\Helliot\Downloads Task: {34397EE7-82EA-4203-BD37-F94DC61DE797} - System32\Tasks\{17BEF078-1C17-4420-B061-2CACE9028188} => pcalua.exe -a "D:\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe" -d "D:\TeamSpeak 3 Client\plugins\ts3overlay\" -c ts3overlay_hook_win32.dll 10000 Task: {394FB6DE-C869-4527-BC1B-E1D35F603FB1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {442D3110-9FD2-43A7-971C-DC34D69989A5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {4A085877-4476-44D8-9193-3F17B313E3DA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {4BF79F40-B555-4768-B224-1A47AA016F07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.) 
Task: {4D0AB04A-F350-4043-B676-48092B046A5E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {550E0D98-DD00-4907-B1F3-342050FBB3D7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {583DC1B4-74AF-4E3A-BE6A-9E78CC05852D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {70A97BB3-69F7-4976-BD9E-98AA8325681C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {715D37B1-A3DF-4111-9DC8-E3688B397805} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {76E8A1DF-5686-4DD9-8B40-0B0A3B544844} - System32\Tasks\{FE381AB6-C174-4075-934D-0CA7B45F6436} => pcalua.exe -a C:\Users\Helliot\Downloads\iview436_setup.exe -d C:\Users\Helliot\Downloads Task: {79AA9890-6934-4720-BA9C-3F221AC7780C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {7A7302C8-8B82-4A9C-A2AC-A9502C9E8B33} - System32\Tasks\{0F242DDD-A1BC-4005-A10F-6407491B9130} => pcalua.exe -a C:\Users\Helliot\Downloads\iview438_setup.exe -d C:\Users\Helliot\Downloads Task: {7F20631D-DDBA-4662-9ADD-972A633821DF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {8269CDF2-11EE-4254-A63A-A5B4CB6A4FCF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {856722EF-9D13-48DE-A22A-B5B31A9AB562} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.) 
Task: {8986EF33-036D-4902-BD74-39173F903C5F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {8E0D05C1-BB4B-441A-810C-CA5922CF1485} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {934E48BA-8F6F-4440-94BB-CBF3E28E5242} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {95776C57-8195-4F99-8AED-83D520355001} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {9A3BFC41-1E53-4241-ACD1-45EC02B8D7EC} - System32\Tasks\{A99B40CB-B973-4B11-B60F-BBB00AB2B8D0} => pcalua.exe -a C:\Users\Helliot\Downloads\setup.exe -d C:\Users\Helliot\Downloads Task: {9CD1CE2C-3259-4D6C-B40A-39041DC175FE} - System32\Tasks\{B71FEB14-4639-446D-9C4C-A9234DF5AEA0} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&LastError=1603 Task: {A00CAA1B-8BF0-4D48-81F8-484EC4E2FCCA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {A0BAE1AC-B615-4DC7-A6BC-208818B8C6D6} - System32\Tasks\{9EDECF64-1369-4E2A-8F7E-BB82E4B70D08} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -d "C:\Program Files (x86)\Common Files\DVDVideoSoft" Task: {A10BB8C3-4BB5-40A4-80C3-5CD445BA035C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {A3342FCF-E15A-4DD2-AD6D-D803A0A41C4D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.) 
Task: {A38905B8-A9D4-4134-9EA2-95E0ADC091CB} - System32\Tasks\{D6C871A8-4AE8-4CA8-8D2D-903C91CEE857} => pcalua.exe -a C:\Users\Helliot\AppData\Local\Unity\WebPlayer\Uninstall.exe -c /CurrentUser Task: {AD7DDE54-21D7-4517-9593-CA23E761D56B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {B69F42B8-3628-4405-BE43-14C98FACB725} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {BB35265D-4C7C-44EB-BE88-4671DD9185C5} - System32\Tasks\{B93B4226-99E3-4BF6-AA44-9ECA0DAAB36D} => D:\Makroman\Makroman\SETUP1.EXE <==== ACHTUNG Task: {BBE2697C-FED9-40F8-B331-266EBE6B3D54} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {C1EE81B8-3064-4811-9A1F-F50B8B38C864} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E51E85FF-DA1B-4C44-8116-0B2B45B525CD} - System32\Tasks\{FA9E69F5-A168-4713-9AA8-C808C227B45E} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" Task: {EEECF037-8CAE-4B83-843A-93F8E0300FFC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {F0B8B10F-9E59-4DCF-8784-313BA9D51F89} - \Software Updater Ui -> Keine Datei <==== ACHTUNG Task: {F36832C7-49C6-4916-BA71-08229EB67DC3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {F56BF364-2DC8-4852-A9C0-2BBA9E3A23C7} - \Software Updater -> Keine Datei <==== ACHTUNG Task: {F728578E-C6EE-489E-8041-B07EF026CFD6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {F8CD663A-CDD3-46DA-96B4-01DE9C368CDD} - System32\Tasks\{57509CE6-97B6-428F-82D6-192E14C257B1} => pcalua.exe -a C:\Users\Helliot\Downloads\iview437_setup.exe -d C:\Users\Helliot\Downloads Task: 
{FA98427E-7096-4310-AB47-6ACD728F7B2B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.) Task: {FE9D1E75-C974-486A-9F60-3583C5E28F4A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated) Task: {FFAAE9E9-64F5-479D-82F1-DE976E312573} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2012-10-05 20:50 - 2012-02-07 16:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2015-12-22 07:25 - 2015-12-16 17:59 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2014-12-17 16:19 - 2014-12-17 16:19 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-12-17 19:11 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-17 19:11 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-17 19:11 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-17 19:11 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-17 19:11 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-11-08 15:58 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common 
Files\DVDVideoSoft\lib\collector.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-05-26 16:46 - 2015-05-26 16:46 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll 2012-10-05 20:49 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-12-22 07:25 - 2015-12-16 17:59 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-12-16 22:22 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 22:22 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
Da befinden sich 6091 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-08-03 16:56 - 00512058 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost Da befinden sich 12238 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Helliot\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{0B927C76-4B63-49D9-B552-82C0679177C8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{C9633B9E-8683-45AF-A995-4D0E1F2E65DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{528A0DB4-FF3D-4106-99A0-F6C9365FDCED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5A64F415-5D25-48E7-94DE-9168E1652CB3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{58D27B29-5ACD-4521-A78E-32A63EF86B2C}] => (Allow) D:\Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{10B6A4D9-5E90-45A9-91F3-8A18A0DD6FE4}] => (Allow) D:\Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{BD92F302-3A60-421B-81EE-E27B96FB1499}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{86B49B3B-F8E5-4F0B-BB50-273EA5E86CD1}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{F26F807B-A4C1-4EB0-B068-A5DF04052E68}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{DD0FAEE9-5067-4529-A699-95CE8D91E4BD}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{DD80BF80-6811-4734-9F71-24E5099E44E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C82C500A-6C02-4AB0-A1F7-08D5E1C643F1}] => (Allow) C:\Program Files 
(x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{5DE22059-C075-4ECC-BA29-BC9069EB1E38}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [TCP Query User{A4979378-DE8B-43BF-A39F-34A777138062}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [UDP Query User{6736FC8E-86F5-41AF-A63F-9B288EDD0082}D:\games\fifa 16\fifa16.exe] => (Allow) D:\games\fifa 16\fifa16.exe FirewallRules: [TCP Query User{BC2333FE-7701-43C8-AFB2-28289DF59DA6}D:\games\fifa 16\fifa16.exe] => (Allow) D:\games\fifa 16\fifa16.exe FirewallRules: [UDP Query User{139E65D7-9DCD-42EF-ABC2-EC92695412A5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{BBEB0FAD-4CB0-4310-A0EE-0730C19AA4A6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{8BCFE5FC-41A5-45D9-9FEF-7E3B6A900579}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1C0A61B1-9D32-4E7C-B521-EEEE1F14D1E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6516A375-742D-4035-97B8-896233ABCCDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{266F4EF5-5086-403B-B76D-586F5A78A1DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{A5CB5A06-45D4-4D3A-A828-A1E184DE4E24}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [UDP Query User{42886E48-ADA7-493E-952F-05DE1702DD10}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [{C383E550-1CE7-4780-BBD5-9D2DDE526464}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{DDF9335F-BDDD-4B7F-8B14-A7FABB7A2091}] => (Allow) 
C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{4ABB48F3-D3E9-4DFA-AFD5-D0DDD66A02B7}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{C511EC64-DA6D-47D2-8861-DAFD4B9C3D0C}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{54082D66-418E-4A5D-9A08-4EFCB793F141}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe FirewallRules: [{0D3563E2-7D4F-4578-A815-56C21990E12E}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe FirewallRules: [{62E85091-1CFC-49DA-A381-2D1506395D45}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe FirewallRules: [{19B2B5AA-747B-4F30-AC23-18C15E82E171}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe FirewallRules: [{7C8B3004-3CE9-47FD-831C-AFFF45483DFA}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{FB50B207-BF10-4790-ACF5-484770EFFEE0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{AEBC00CF-B069-4B71-8101-DDFE72C6CF17}] => (Allow) E:\fsetup.exe FirewallRules: [{AE686882-749D-4A38-BC40-18F97575F538}] => (Allow) E:\fsetup.exe FirewallRules: [TCP Query User{568F984C-A586-447A-BE2F-2924A12E073C}D:\happycloud\cache\the lord of the rings online\lotroclient.exe] => (Allow) D:\happycloud\cache\the lord of the rings online\lotroclient.exe FirewallRules: [UDP Query User{AA814E8D-9E1D-4CBB-8FE4-C0D592C23130}D:\happycloud\cache\the lord of the rings online\lotroclient.exe] => (Allow) D:\happycloud\cache\the lord of the rings online\lotroclient.exe FirewallRules: [TCP Query User{CA694090-E9C9-47D3-BF86-810657384E79}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe 
FirewallRules: [UDP Query User{4A628D7D-758A-4D06-9011-9FEEA28EB724}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [{FEF5D6AE-1286-4097-895E-4450CE2537B7}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{BA699DC5-1E88-46A3-AFB5-66FC9D576C8E}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{007CEA8A-D573-4120-8D82-61DE56CB1EF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CEEAA8A5-DE66-4AE1-A0AC-C32E3F7DFF8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{09F1FD38-46F2-4E41-A08F-04476436A305}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{8627F46E-16B4-4BBB-9CC0-A692908A7A8C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E0FC1FC9-FD76-4D3A-B12E-24BD118389EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{0BFE8484-42BB-43CE-900A-C715C0AAEAF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{3F457E0B-8CFF-4DD1-A961-42A78A7717AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{618CC434-226B-40AB-AAC3-EE8718391229}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{0D630E23-8E0A-496F-BF36-DD040ADDAA35}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{96211E4D-9EC5-4531-A7EA-7A59F97A19BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{1C980DAD-44A9-4199-9F93-3576C8762AE2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe FirewallRules: [{94555346-4E9B-4B5A-A411-4E0BA532EFB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe FirewallRules: [{92C946A5-3AF0-47C2-8DEA-0E02EA0F7C23}] => (Allow) D:\Games\World of Warcraft\Battle.net\Battle.net.exe FirewallRules: [{1C6E86DD-CE22-49A9-AB02-4BD4C10E266F}] => (Allow) D:\Games\World of Warcraft\Battle.net\Battle.net.exe FirewallRules: 
[{C8E8167A-3C00-451E-855D-D7901B16F8F9}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{06872F15-5385-41AC-8079-C60611B6358E}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{DB2796A6-36F4-4AAA-A64A-6BDD43E674BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe FirewallRules: [{C062EB40-5993-4BF2-83D5-40F90E17617C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe FirewallRules: [{113C377B-AC8C-43AC-9D5F-EEDE14BD5E42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{DEF0DFE0-21DB-471B-8A0D-147808AC19C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{BC812440-55D4-4BC1-959C-DA5CD16DDDF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe FirewallRules: [{9F8AB3E5-7A47-4416-A298-02EAEDBA6573}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe FirewallRules: [TCP Query User{B27F46D7-3CF8-4ECC-994B-AF6D6C8D5A53}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{4A9174EE-D4C6-4BF8-96B2-67245C1F64B0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{C73009B1-FE7A-4DF9-8ED8-99C432CDD8CD}C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe] => (Allow) C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe FirewallRules: [UDP Query User{C1B0777F-CDD3-4979-9F0E-F82C0D272668}C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe] => (Allow) C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe FirewallRules: [TCP Query User{19291BB1-BDB3-46C4-B513-1B97032920DE}D:\program files (x86)\devpro\devpro.dll] => (Allow) D:\program files (x86)\devpro\devpro.dll FirewallRules: [UDP Query User{76438013-4A59-4FC9-BD3A-2471DB68CF0D}D:\program files 
(x86)\devpro\devpro.dll] => (Allow) D:\program files (x86)\devpro\devpro.dll FirewallRules: [TCP Query User{05C1F69D-E6F6-4425-82C8-15312204C9ED}D:\games\devpro\devpro.dll] => (Block) D:\games\devpro\devpro.dll FirewallRules: [UDP Query User{F8A06B3C-70D5-4014-98FB-992F61B64E9F}D:\games\devpro\devpro.dll] => (Block) D:\games\devpro\devpro.dll FirewallRules: [TCP Query User{1767DF7F-D26F-4569-9EA9-36D56D1F2676}C:\program files\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_55\bin\javaw.exe FirewallRules: [UDP Query User{F66A7FB9-CDA3-4F43-97BD-505A68E15983}C:\program files\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_55\bin\javaw.exe FirewallRules: [{BD5B5645-3564-4BB6-8B7C-A8C59F647846}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{B3757FFF-A038-4B20-B302-83EDDC5321B8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{F741DF01-B8CC-48BB-8080-9D07943C4585}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [{4F5B615F-A185-49CE-B6B0-F00D6E3F0DA2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [TCP Query User{1EFBABD3-4A5A-4B24-B021-33403EEF1488}C:\program files\java\jdk1.7.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_65\bin\jmc.exe FirewallRules: [UDP Query User{03F12889-54C8-40F9-9670-20283152568B}C:\program files\java\jdk1.7.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_65\bin\jmc.exe FirewallRules: [TCP Query User{E2CD74F6-A502-4F23-9673-754AD5843422}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Block) C:\program files\java\jdk1.7.0_71\bin\jmc.exe FirewallRules: [UDP Query User{A81B6273-DE2B-4840-A2CB-BEC6D50855EA}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Block) C:\program files\java\jdk1.7.0_71\bin\jmc.exe FirewallRules: [{6CC59246-0A26-48FA-AA4F-24DEA6959A32}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: 
[{5D003418-4478-4916-A94C-C1389C026E52}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{86F7CE9F-95AE-4B10-A9F6-DB7A634941D4}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{0BE5A949-3624-44D8-B737-0470666B92CC}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{B6917F29-E7FB-4AB4-9DD6-A14C32E2DA30}D:\games\eve online - kopie\bin\exefile.exe] => (Allow) D:\games\eve online - kopie\bin\exefile.exe FirewallRules: [UDP Query User{BD67422D-2000-4041-8022-4BBB9E623E63}D:\games\eve online - kopie\bin\exefile.exe] => (Allow) D:\games\eve online - kopie\bin\exefile.exe FirewallRules: [{1C78B32C-780E-4653-89DE-A0478DEE0EFE}] => (Allow) D:\Games\Battlefield 4\bf4_x86.exe FirewallRules: [{BAF62BAC-7972-4943-B7D9-EE0615F3B043}] => (Allow) D:\Games\Battlefield 4\bf4_x86.exe FirewallRules: [{AF4501EB-0F9E-45AF-B19F-08C35426302C}] => (Allow) D:\Games\Battlefield 4\bf4.exe FirewallRules: [{A6A7E103-EA95-499B-8FEB-4A2B68C65449}] => (Allow) D:\Games\Battlefield 4\bf4.exe FirewallRules: [TCP Query User{A8E5B9C8-D4C2-4674-86BF-D17D6F723B5F}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{4D25963D-066C-4A6A-A3FD-FBAC3E1622B6}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [{3B9B8085-0F25-4F5E-83F2-BE5AED176A7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{2C46AC31-8D77-4D6D-9923-D3700243FD6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{12598A0D-DE41-41C5-A7DC-70A9C9F65465}] => (Allow) tunmgr.exe FirewallRules: [{97C121A3-6E2F-4BCA-B1EF-1165F8AB668D}] => (Allow) tunmgr.exe FirewallRules: [{9598F0AB-4875-4933-9305-89CB5CE9EFEB}] => (Allow) mDNSResponder.exe FirewallRules: [{A9932669-337C-4B1A-BA01-F260855EE99D}] => (Allow) 
mDNSResponder.exe FirewallRules: [{4EC7B0B2-6196-4431-B22B-09CF48CC57A7}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe FirewallRules: [{7F73E8D7-58E6-41EF-8E45-D43686F0D421}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe FirewallRules: [{60AC01DD-CB9C-4612-9D4B-D4632D5314A5}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe FirewallRules: [TCP Query User{08775B4F-8238-4627-B2EB-3D0F8FC0FAB2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{06DE6B7B-51C4-4E95-BCB4-FD6A3A4C074E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{E496D335-EF2E-4F1E-9ADA-2B35E4C675EA}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{1743BE12-BA92-41AE-93B8-4571C581EF60}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{026A6911-15CD-4CE7-8866-E6B866937037}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [UDP Query User{D7949B87-D512-40C3-B8C8-A23AFE6AEA08}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [{4C5891E8-AC81-4E20-875C-3FCAFFA2AC9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E55A4142-057F-4DCE-BAC9-B92C8499FED3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{27476226-F7CE-49F6-BE2E-FD27E31F64EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{68CBEDC1-9504-46DB-BEAF-9B796911DE9A}] => (Allow) C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{80E8BE5D-5E0D-45C1-A7A3-49017AB7AD4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{3CDED019-2C56-4236-AC31-B86A348FDD99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7F8CD4F7-D92B-4180-937B-ACF897FA3FC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8D249944-9F82-4D57-A32A-26CFE3EF9234}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A24AC716-5A02-4A4B-8FCD-E0FEBDAC9CD8}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{8249C33E-CD22-4556-BAE8-45641D61DA7F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/12/2016 07:23:27 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: Local Hostname Morpheus.local already in use; will try Morpheus-2.local instead Error: (01/12/2016 07:23:27 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Morpheus.local. Addr 192.168.178.27 Error: (01/12/2016 07:23:27 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.27:5353 16 Morpheus.local. 
AAAA 2A02:8070:A1A3:4200:055B:08EA:4800:39E3 Error: (01/12/2016 07:23:27 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Morpheus.local. Addr 192.168.178.27 Error: (01/12/2016 07:23:27 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.27:5353 16 Morpheus.local. AAAA 2A02:8070:A1A3:4200:055B:08EA:4800:39E3 Error: (01/12/2016 04:48:19 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR Morpheus-2.local. Error: (01/12/2016 04:48:19 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 0000:0000:0000:0000:0000:0000:0000:0001:5353 16 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR Morpheus.local. Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local. Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ResolveSimultaneousProbe: 012095F0 Pkt Record: 0AF7FCCB 22 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus.local. Error: (01/12/2016 04:48:18 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 574FFCE2 24 18fa8fadfec4c23507db0ac594d670._tunnel._tcp.local. SRV 0 0 1552 Morpheus-2.local. Systemfehler: ============= Error: (01/12/2016 08:15:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (01/12/2016 08:02:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/12/2016 08:02:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_1c62ec0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/12/2016 08:00:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/12/2016 08:00:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/12/2016 08:00:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BlackBerry Device Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/12/2016 08:00:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/12/2016 08:00:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect 3 Creator" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/12/2016 08:00:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "BlackBerry Link Communication Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/12/2016 08:00:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Message Queuing" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-01-10 17:10:30.327 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-10 17:10:30.210 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-10 17:10:30.086 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-10 17:10:29.952 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-01-08 12:06:15.441 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:06:15.372 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-08 12:06:15.291 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-06 03:45:26.278 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-05 00:40:09.165 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-05 00:40:09.073 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Prozentuale Nutzung des RAM: 24% Installierter physikalischer RAM: 8087.05 MB Verfügbarer physikalischer RAM: 6095.71 MB Summe virtueller Speicher: 16279.05 MB Verfügbarer virtueller Speicher: 14161.15 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:97.12 GB) (Free:39.35 GB) NTFS Drive d: (Games) (Fixed) (Total:140.82 GB) (Free:19.6 GB) NTFS Drive f: (Daten) (Fixed) (Total:1863.01 GB) (Free:1766.68 GB) NTFS Drive g: (TrekStor) (Fixed) (Total:931.51 GB) (Free:875.57 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: E82530F0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=140.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2C3A71AB) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: 0B51B638) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
13.01.2016, 14:31 | #8 |
/// TB-Ausbilder | Internet dropouts / long load time in the browser (Chrome)
Hi, we will remove the last remnants and check everything once more.
Note: The scan with ESET can take a while.
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
start
CloseProcesses:
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Task: {0BAF27BF-317E-4F9F-866D-2D3139CCFF34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0FA189AC-D846-4D47-A7A6-11F51D4D432F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0FA26273-7FAD-412B-8A54-14A8B3D2D39C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {129BED33-3CE9-4E1F-B641-DC24D5841B84} - \Scheduled Update for Ask Toolbar -> Keine Datei <==== ACHTUNG
Task: {1C5FACFA-D0E9-46C7-8A06-183A171AB770} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {1FFAD526-12D7-422C-94A2-EA03A99B865C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {306983FC-D0DD-43C6-A935-0BB56EDE5B1F} - System32\Tasks\{2BA6ACF8-89E4-4899-88B2-D50035EF4AD9} => pcalua.exe -a C:\Users\Helliot\Downloads\lgps306_x64.exe -d C:\Users\Helliot\Downloads
Task: {31C348EE-39DE-4C56-A188-BD2E156A3562} - System32\Tasks\{CB899C53-5DB9-467E-8867-F133565D31ED} => pcalua.exe -a C:\Users\Helliot\Downloads\ST6UNST.EXE -d C:\Users\Helliot\Downloads
Task: {4A085877-4476-44D8-9193-3F17B313E3DA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4D0AB04A-F350-4043-B676-48092B046A5E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {715D37B1-A3DF-4111-9DC8-E3688B397805} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {76E8A1DF-5686-4DD9-8B40-0B0A3B544844} - System32\Tasks\{FE381AB6-C174-4075-934D-0CA7B45F6436} => pcalua.exe -a C:\Users\Helliot\Downloads\iview436_setup.exe -d C:\Users\Helliot\Downloads
Task: {7A7302C8-8B82-4A9C-A2AC-A9502C9E8B33} - System32\Tasks\{0F242DDD-A1BC-4005-A10F-6407491B9130} => pcalua.exe -a C:\Users\Helliot\Downloads\iview438_setup.exe -d C:\Users\Helliot\Downloads
Task: {8269CDF2-11EE-4254-A63A-A5B4CB6A4FCF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9A3BFC41-1E53-4241-ACD1-45EC02B8D7EC} - System32\Tasks\{A99B40CB-B973-4B11-B60F-BBB00AB2B8D0} => pcalua.exe -a C:\Users\Helliot\Downloads\setup.exe -d C:\Users\Helliot\Downloads
Task: {A0BAE1AC-B615-4DC7-A6BC-208818B8C6D6} - System32\Tasks\{9EDECF64-1369-4E2A-8F7E-BB82E4B70D08} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -d "C:\Program Files (x86)\Common Files\DVDVideoSoft"
Task: {A10BB8C3-4BB5-40A4-80C3-5CD445BA035C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {BB35265D-4C7C-44EB-BE88-4671DD9185C5} - System32\Tasks\{B93B4226-99E3-4BF6-AA44-9ECA0DAAB36D} => D:\Makroman\Makroman\SETUP1.EXE <==== ACHTUNG
Task: {EEECF037-8CAE-4B83-843A-93F8E0300FFC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F0B8B10F-9E59-4DCF-8784-313BA9D51F89} - \Software Updater Ui -> Keine Datei <==== ACHTUNG
Task: {F56BF364-2DC8-4852-A9C0-2BBA9E3A23C7} - \Software Updater -> Keine Datei <==== ACHTUNG
Task: {F8CD663A-CDD3-46DA-96B4-01DE9C368CDD} - System32\Tasks\{57509CE6-97B6-428F-82D6-192E14C257B1} => pcalua.exe -a C:\Users\Helliot\Downloads\iview437_setup.exe -d C:\Users\Helliot\Downloads
Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\system32\Drivers\etc\hosts
Hosts:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 3 ESET Online Scanner
Step 4
Are there still any problems with Chrome now? If so, which ones? Please post with your next reply
|
13.01.2016, 16:22 | #9 |
| Internet dropouts / long load time in the browser (Chrome)
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01 durchgeführt von Helliot (2016-01-13 16:13:13) Run:1 Gestartet von C:\Users\Helliot\Downloads Geladene Profile: Helliot & (Verfügbare Profile: Helliot & GrandmasterACE & DefaultAppPool) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei Task: {0BAF27BF-317E-4F9F-866D-2D3139CCFF34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {0FA189AC-D846-4D47-A7A6-11F51D4D432F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {0FA26273-7FAD-412B-8A54-14A8B3D2D39C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {129BED33-3CE9-4E1F-B641-DC24D5841B84} - \Scheduled Update for Ask Toolbar -> Keine Datei <==== ACHTUNG Task: {1C5FACFA-D0E9-46C7-8A06-183A171AB770} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {1FFAD526-12D7-422C-94A2-EA03A99B865C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {306983FC-D0DD-43C6-A935-0BB56EDE5B1F} - System32\Tasks\{2BA6ACF8-89E4-4899-88B2-D50035EF4AD9} => pcalua.exe -a C:\Users\Helliot\Downloads\lgps306_x64.exe -d C:\Users\Helliot\Downloads Task: {31C348EE-39DE-4C56-A188-BD2E156A3562} - System32\Tasks\{CB899C53-5DB9-467E-8867-F133565D31ED} => pcalua.exe -a C:\Users\Helliot\Downloads\ST6UNST.EXE -d C:\Users\Helliot\Downloads Task: {4A085877-4476-44D8-9193-3F17B313E3DA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {4D0AB04A-F350-4043-B676-48092B046A5E} - 
\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {715D37B1-A3DF-4111-9DC8-E3688B397805} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {76E8A1DF-5686-4DD9-8B40-0B0A3B544844} - System32\Tasks\{FE381AB6-C174-4075-934D-0CA7B45F6436} => pcalua.exe -a C:\Users\Helliot\Downloads\iview436_setup.exe -d C:\Users\Helliot\Downloads Task: {7A7302C8-8B82-4A9C-A2AC-A9502C9E8B33} - System32\Tasks\{0F242DDD-A1BC-4005-A10F-6407491B9130} => pcalua.exe -a C:\Users\Helliot\Downloads\iview438_setup.exe -d C:\Users\Helliot\Downloads Task: {8269CDF2-11EE-4254-A63A-A5B4CB6A4FCF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {9A3BFC41-1E53-4241-ACD1-45EC02B8D7EC} - System32\Tasks\{A99B40CB-B973-4B11-B60F-BBB00AB2B8D0} => pcalua.exe -a C:\Users\Helliot\Downloads\setup.exe -d C:\Users\Helliot\Downloads Task: {A0BAE1AC-B615-4DC7-A6BC-208818B8C6D6} - System32\Tasks\{9EDECF64-1369-4E2A-8F7E-BB82E4B70D08} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe" -d "C:\Program Files (x86)\Common Files\DVDVideoSoft" Task: {A10BB8C3-4BB5-40A4-80C3-5CD445BA035C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {BB35265D-4C7C-44EB-BE88-4671DD9185C5} - System32\Tasks\{B93B4226-99E3-4BF6-AA44-9ECA0DAAB36D} => D:\Makroman\Makroman\SETUP1.EXE <==== ACHTUNG Task: {EEECF037-8CAE-4B83-843A-93F8E0300FFC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {F0B8B10F-9E59-4DCF-8784-313BA9D51F89} - \Software Updater Ui -> Keine Datei <==== ACHTUNG Task: {F56BF364-2DC8-4852-A9C0-2BBA9E3A23C7} - \Software Updater -> Keine Datei <==== ACHTUNG Task: {F8CD663A-CDD3-46DA-96B4-01DE9C368CDD} - System32\Tasks\{57509CE6-97B6-428F-82D6-192E14C257B1} => pcalua.exe -a C:\Users\Helliot\Downloads\iview437_setup.exe -d C:\Users\Helliot\Downloads Unlock: C:\WINDOWS\system32\Drivers\etc\hosts 
C:\WINDOWS\system32\Drivers\etc\hosts Hosts: RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozess erfolgreich geschlossen. "HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Wert erfolgreich entfernt HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Schlüssel nicht gefunden. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Wert erfolgreich entfernt HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Schlüssel nicht gefunden. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BAF27BF-317E-4F9F-866D-2D3139CCFF34}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BAF27BF-317E-4F9F-866D-2D3139CCFF34}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FA189AC-D846-4D47-A7A6-11F51D4D432F}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA189AC-D846-4D47-A7A6-11F51D4D432F}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FA26273-7FAD-412B-8A54-14A8B3D2D39C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA26273-7FAD-412B-8A54-14A8B3D2D39C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{129BED33-3CE9-4E1F-B641-DC24D5841B84}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{129BED33-3CE9-4E1F-B641-DC24D5841B84}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C5FACFA-D0E9-46C7-8A06-183A171AB770}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C5FACFA-D0E9-46C7-8A06-183A171AB770}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FFAD526-12D7-422C-94A2-EA03A99B865C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FFAD526-12D7-422C-94A2-EA03A99B865C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{306983FC-D0DD-43C6-A935-0BB56EDE5B1F}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{306983FC-D0DD-43C6-A935-0BB56EDE5B1F}" => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{2BA6ACF8-89E4-4899-88B2-D50035EF4AD9} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2BA6ACF8-89E4-4899-88B2-D50035EF4AD9}" => 
Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31C348EE-39DE-4C56-A188-BD2E156A3562}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31C348EE-39DE-4C56-A188-BD2E156A3562}" => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{CB899C53-5DB9-467E-8867-F133565D31ED} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CB899C53-5DB9-467E-8867-F133565D31ED}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A085877-4476-44D8-9193-3F17B313E3DA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A085877-4476-44D8-9193-3F17B313E3DA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D0AB04A-F350-4043-B676-48092B046A5E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D0AB04A-F350-4043-B676-48092B046A5E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{715D37B1-A3DF-4111-9DC8-E3688B397805}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{715D37B1-A3DF-4111-9DC8-E3688B397805}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Plain\{76E8A1DF-5686-4DD9-8B40-0B0A3B544844}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76E8A1DF-5686-4DD9-8B40-0B0A3B544844}" => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{FE381AB6-C174-4075-934D-0CA7B45F6436} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE381AB6-C174-4075-934D-0CA7B45F6436}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A7302C8-8B82-4A9C-A2AC-A9502C9E8B33}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A7302C8-8B82-4A9C-A2AC-A9502C9E8B33}" => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{0F242DDD-A1BC-4005-A10F-6407491B9130} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0F242DDD-A1BC-4005-A10F-6407491B9130}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8269CDF2-11EE-4254-A63A-A5B4CB6A4FCF}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8269CDF2-11EE-4254-A63A-A5B4CB6A4FCF}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A3BFC41-1E53-4241-ACD1-45EC02B8D7EC}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A3BFC41-1E53-4241-ACD1-45EC02B8D7EC}" => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{A99B40CB-B973-4B11-B60F-BBB00AB2B8D0} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tree\{A99B40CB-B973-4B11-B60F-BBB00AB2B8D0}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0BAE1AC-B615-4DC7-A6BC-208818B8C6D6}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0BAE1AC-B615-4DC7-A6BC-208818B8C6D6}" => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{9EDECF64-1369-4E2A-8F7E-BB82E4B70D08} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9EDECF64-1369-4E2A-8F7E-BB82E4B70D08}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A10BB8C3-4BB5-40A4-80C3-5CD445BA035C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A10BB8C3-4BB5-40A4-80C3-5CD445BA035C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB35265D-4C7C-44EB-BE88-4671DD9185C5}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB35265D-4C7C-44EB-BE88-4671DD9185C5}" => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{B93B4226-99E3-4BF6-AA44-9ECA0DAAB36D} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B93B4226-99E3-4BF6-AA44-9ECA0DAAB36D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEECF037-8CAE-4B83-843A-93F8E0300FFC}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEECF037-8CAE-4B83-843A-93F8E0300FFC}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F0B8B10F-9E59-4DCF-8784-313BA9D51F89}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0B8B10F-9E59-4DCF-8784-313BA9D51F89}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater Ui" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F56BF364-2DC8-4852-A9C0-2BBA9E3A23C7}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F56BF364-2DC8-4852-A9C0-2BBA9E3A23C7}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8CD663A-CDD3-46DA-96B4-01DE9C368CDD}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8CD663A-CDD3-46DA-96B4-01DE9C368CDD}" => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{57509CE6-97B6-428F-82D6-192E14C257B1} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{57509CE6-97B6-428F-82D6-192E14C257B1}" => Schlüssel erfolgreich entfernt "C:\WINDOWS\system32\Drivers\etc\hosts" => wurde entsperrt C:\WINDOWS\system32\Drivers\etc\hosts => erfolgreich verschoben Hosts erfolgreich wiederhergestellt. 
========= RemoveProxy: =========
"HKU\S-1-5-21-1876908282-3715187805-3812892742-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========

========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========

========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========

EmptyTemp: => 1 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 16:13:23 ====
Code:
ATTFilter HitmanPro 3.7.12.253 www.hitmanpro.com Computer name . . . . : MORPHEUS Windows . . . . . . . : 10.0.0.10586.X64/4 User name . . . . . . : Morpheus\Helliot UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2016-01-13 16:19:04 Scan mode . . . . . . : Normal Scan duration . . . . : 1m 33s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 13 Objects scanned . . . : 2.125.581 Files scanned . . . . : 71.267 Remnants scanned . . : 804.696 files / 1.249.618 keys Suspicious files ____________________________________________________________ C:\Users\Helliot\AppData\Local\PunkBuster\BF3\pb\dll\wc002317.dll Size . . . . . . . : 949.613 bytes Age . . . . . . . : 1194.7 days (2012-10-05 23:36:30) Entropy . . . . . : 7.6 SHA-256 . . . . . : 15059F09B1D62DEA6B5D22EF9E0D062411C167378D870AE339AAB50B0BDC7FC0 Fuzzy . . . . . . : 29.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. C:\Users\Helliot\AppData\Local\PunkBuster\BF3\pb\dll\wc002325.dll Size . . . . . . . : 959.376 bytes Age . . . . . . . : 990.9 days (2013-04-27 18:58:47) Entropy . . . . . : 7.6 SHA-256 . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5 RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : 22.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. 
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. Program is code signed with a valid Authenticode certificate. C:\Users\Helliot\AppData\Local\PunkBuster\BF3\pb\dll\wc002331.dll Size . . . . . . . : 963.480 bytes Age . . . . . . . : 899.7 days (2013-07-27 22:38:44) Entropy . . . . . : 7.6 SHA-256 . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : 22.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. Program is code signed with a valid Authenticode certificate. C:\Users\Helliot\AppData\Local\PunkBuster\BF3\pb\pbcl.dll Size . . . . . . . : 963.480 bytes Age . . . . . . . : 831.9 days (2013-10-03 17:41:49) Entropy . . . . . : 7.6 SHA-256 . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : 22.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. 
This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. Program is code signed with a valid Authenticode certificate. C:\Users\Helliot\AppData\Local\PunkBuster\BF3\pb\pbclold.dll Size . . . . . . . : 963.480 bytes Age . . . . . . . : 1194.7 days (2012-10-05 23:06:35) Entropy . . . . . : 7.6 SHA-256 . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : 22.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. Program is code signed with a valid Authenticode certificate. C:\Users\Helliot\AppData\Local\PunkBuster\BF3\pb\pbcls.dll Size . . . . . . . : 949.613 bytes Age . . . . . . . : 1189.8 days (2012-10-10 20:25:06) Entropy . . . . . : 7.6 SHA-256 . . . . . : 15059F09B1D62DEA6B5D22EF9E0D062411C167378D870AE339AAB50B0BDC7FC0 Fuzzy . . . . . . : 29.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. 
C:\Users\Helliot\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys Size . . . . . . . : 139.032 bytes Age . . . . . . . : 1194.7 days (2012-10-05 23:06:56) Entropy . . . . . : 7.8 SHA-256 . . . . . : 0CA9D48C9E3D938121A73EBE6EA3FBE19A9AE017EEDA066A22CF254A688A98C2 RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : 22.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. The file is a device driver. Device drivers run as trusted (highly privileged) code. Program is code signed with a valid Authenticode certificate. C:\Users\Helliot\AppData\Local\PunkBuster\BF4\pb\PnkBstrK.sys Size . . . . . . . : 139.552 bytes Age . . . . . . . : 832.1 days (2013-10-03 13:26:57) Entropy . . . . . : 7.7 SHA-256 . . . . . : 7A47CB7814643DAFDF81D3E2E03C60A162A49525962ECE651187371853E507E5 RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : 22.0 The .reloc (relocation) section in this program contains code. This is an indication of malware infection. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program contains PE structure anomalies. This is not typical for most programs. The file is a device driver. Device drivers run as trusted (highly privileged) code. Program is code signed with a valid Authenticode certificate. 
C:\Users\Helliot\Downloads\FRST64.exe Size . . . . . . . : 2.370.560 bytes Age . . . . . . . : 1.0 days (2016-01-12 16:50:35) Entropy . . . . . : 7.6 SHA-256 . . . . . : E00B3E284EA5E3DC9F977F72631654ADF275E553894F86DB4B5523206961054E Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster 0.0s C:\Users\Helliot\Downloads\FRST64.exe 2.3s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCookies\1G7H2NC1.txt 4.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\90\0A47C62C6DDBB9C2.dat 4.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\90\0A47C62C6DDBB9C2.dat 4.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\90\ 5.9s C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\ 5.9s C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe 6.3s C:\Windows\Installer\4db229c.msi 13.2s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\GKVL6WQE\login[1].htm 13.3s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\Y3O2Q891\login[1].css 13.3s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\J69FLF2W\skype-logo-136x60[1].png 13.4s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\J69FLF2W\en.built[1].js 13.4s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\J69FLF2W\ms_logos-268x32[1].png 13.7s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\GKVL6WQE\login[1].js 14.0s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\RSL7X1S5\de.built[1].js 14.0s 
C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\Y3O2Q891\capslock_20x20[1].png 14.0s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\GKVL6WQE\win[1].css 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\RSL7X1S5\button-darker-middle-35x35[1].png 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\Y3O2Q891\button-darker-left-35x35[1].png 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\Y3O2Q891\transparent[1].gif 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\GKVL6WQE\loader_30fps[1].gif 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\GKVL6WQE\arrows[1].png 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\RSL7X1S5\facebook[1].png 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\RSL7X1S5\checkbox[1].png 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\RSL7X1S5\buttons[1].png 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\J69FLF2W\dropdownArrows[2].svg 14.1s C:\Users\Helliot\AppData\Local\Microsoft\Windows\INetCache\IE\Y3O2Q891\button-darker-right-35x35[1].png 15.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{3A3BAC32-9BC1-4427-B473-874605525456} 15.5s C:\Users\Helliot\Downloads\tdsskiller.exe 19.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\22\47AC7CD81954BD42.dat 43.8s C:\Users\Helliot\AppData\Roaming\Skype\shared.xml 47.2s C:\Users\Helliot\AppData\Local\Microsoft\Windows\Notifications\wpnidm\77be28f9.jpg 49.1s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{C8503CA4-9BCD-4D14-AAA4-759756603398} 52.4s C:\Users\Helliot\AppData\Local\Microsoft\Windows\Notifications\wpnidm\57bcf657.jpg 72.4s C:\Users\Helliot\AppData\Local\Microsoft\Windows\Notifications\wpnidm\12270967.jpg Potential Unwanted Programs _________________________________________________ 
HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}\ (PCSpeedUp) HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}\ (PCSpeedUp) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find) |
13.01.2016, 16:37 | #10 |
/// TB instructor | Internet dropouts / long load times in the browser (Chrome) Hi, only ESET, FRST and the answers to the questions are still missing. |
13.01.2016, 19:00 | #11 |
| Internet dropouts / long load times in the browser (Chrome) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # end=init # utc_time=2015-12-19 01:32:41 # local_time=2015-12-19 02:32:41 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 27275 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # end=updated # utc_time=2015-12-19 01:35:05 # local_time=2015-12-19 02:35:05 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # engine=27275 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-12-19 02:44:53 # local_time=2015-12-19 03:44:53 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='avast! 
Internet Security' # compatibility_mode=779 16777213 85 72 13350 214956783 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 4306181 4350436 0 0 # scanned=413483 # found=0 # cleaned=0 # scan_time=4187 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # end=init # utc_time=2015-12-22 08:56:50 # local_time=2015-12-22 09:56:50 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 27309 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # end=updated # utc_time=2015-12-22 08:57:54 # local_time=2015-12-22 09:57:54 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # engine=27309 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-12-22 10:30:35 # local_time=2015-12-22 11:30:35 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 17720 4594378 0 0 # scanned=413997 # found=0 # cleaned=0 # scan_time=5560 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # end=init # utc_time=2016-01-13 03:22:56 # local_time=2016-01-13 04:22:56 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 27626 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # end=updated # utc_time=2016-01-13 03:24:48 # local_time=2016-01-13 04:24:48 
(+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=6685cb0c4742af419d88372b414cc162 # engine=27626 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-01-13 04:52:59 # local_time=2016-01-13 05:52:59 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 74901 6518122 0 0 # scanned=429242 # found=0 # cleaned=0 # scan_time=5291 Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01 durchgeführt von Helliot (Administrator) auf MORPHEUS (13-01-2016 18:57:49) Gestartet von C:\Users\Helliot\Downloads Geladene Profile: Helliot & GrandmasterACE & DefaultAppPool (Verfügbare Profile: Helliot & GrandmasterACE & DefaultAppPool) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Windows\System32\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Akamai Technologies, Inc.) C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\Calculator.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15009400 2015-10-14] (Logitech Inc.) HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited) HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4730616 2015-05-26] (BlackBerry Limited) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [Revo Uninstaller] => C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe [3161648 2013-07-03] (VS Revo Group) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] () HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\RunOnce: [Uninstall C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation) HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\...\Run: [Revo Uninstaller] => C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe [3161648 2013-07-03] (VS Revo Group) HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\...\Run: [Akamai NetSession Interface] => C:\Users\Helliot\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation) HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2015-12-16] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2013-04-26] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{83ac9df7-6c28-4091-921e-08a29f9fe4ba}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{e3935004-bc88-41ac-b0ba-8e293dc64751}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000 -> DefaultScope {CD66C26F-E372-422E-B4F2-96951AB8E427} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000 
-> {CD66C26F-E372-422E-B4F2-96951AB8E427} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1876908282-3715187805-3812892742-1016 -> DefaultScope {CD66C26F-E372-422E-B4F2-96951AB8E427} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1876908282-3715187805-3812892742-1016 -> {CD66C26F-E372-422E-B4F2-96951AB8E427} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-19] (Oracle Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab FireFox: ======== FF ProfilePath: C:\Users\Helliot\AppData\Roaming\Mozilla\Firefox\Profiles\cqqp165q.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-28] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation) FF Plugin: 
@java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-28] () FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: 
@intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) 
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-14] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1876908282-3715187805-3812892742-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Helliot\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1876908282-3715187805-3812892742-1000: electronicarts.com/GameFacePlugin -> C:\Users\Helliot\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)

Chrome:
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll => Keine Datei
CHR Profile: C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-10-10]
CHR Extension: (Google Präsentationen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-10]
CHR Extension: (Google Docs) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-10]
CHR Extension: (Google Drive) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (uBlock Origin) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-13]
CHR Extension: (Google-Suche) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Tabellen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-10]
CHR Extension: (Google Docs Offline) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Microsoft Edge - Dark Theme) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\hicepmjogaihmngebapbmkdnjllmhnfb [2015-10-10]
CHR Extension: (Ghostery) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-10]
CHR Extension: (Google Mail) - C:\Users\Helliot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-10]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1060352 2015-07-09] ()
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2015-01-13] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-08] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-17] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-10-14] (Logitech Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-05] (Electronic Arts)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2243288 2015-04-14] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-14] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-14] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-05] ()
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-05-26] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1355000 2015-05-26] (BlackBerry Limited)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.)
S3 blackberryncm; C:\Windows\System32\drivers\blackberryncm6_AMD64.sys [25600 2015-01-23] (BlackBerry Limited)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-13] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-12-16] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [80384 2015-01-14] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-10-07] ()
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-13 16:18 - 2016-01-13 16:21 - 00000000 ____D C:\ProgramData\HitmanPro
2016-01-13 16:17 - 2016-01-13 16:18 - 11323704 _____ (SurfRight B.V.) C:\Users\Helliot\Downloads\HitmanPro_x64.exe
2016-01-13 16:13 - 2016-01-13 16:13 - 00017499 _____ C:\Users\Helliot\Downloads\Fixlog.txt
2016-01-12 20:08 - 2016-01-12 20:15 - 01600184 _____ (Malwarebytes) C:\Users\Helliot\Desktop\JRT.exe
2016-01-12 19:55 - 2016-01-12 19:55 - 01754112 _____ C:\Users\Helliot\Desktop\adwcleaner_5.029.exe
2016-01-12 17:07 - 2016-01-12 17:10 - 00091744 _____ C:\TDSSKiller.3.1.0.9_12.01.2016_17.07.04_log.txt
2016-01-12 16:56 - 2016-01-12 20:23 - 00061667 _____ C:\Users\Helliot\Downloads\Addition.txt
2016-01-12 16:53 - 2016-01-13 18:58 - 00031744 _____ C:\Users\Helliot\Downloads\FRST.txt
2016-01-12 16:52 - 2016-01-13 18:57 - 00000000 ____D C:\FRST
2016-01-12 16:50 - 2016-01-12 17:06 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Helliot\Downloads\tdsskiller.exe
2016-01-12 16:50 - 2016-01-12 16:52 - 02370560 _____ (Farbar) C:\Users\Helliot\Downloads\FRST64.exe
2016-01-08 12:06 - 2016-01-08 12:06 - 00051796 _____ C:\Users\Helliot\Downloads\SKM_364e16010708480.pdf
2015-12-22 17:55 - 2015-12-22 17:55 - 00291877 _____ C:\Users\Helliot\Downloads\SKM_C224e15122215032.pdf
2015-12-22 17:43 - 2015-12-22 17:43 - 00287394 _____ C:\Users\Helliot\Downloads\SKM_C224e15122215031.pdf
2015-12-22 07:27 - 2015-12-22 07:27 - 00001460 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-12-22 07:25 - 2015-12-22 07:27 - 00000000 ____D C:\Users\Helliot\AppData\Local\NVIDIA
2015-12-22 07:25 - 2015-12-22 07:25 - 00002216 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-12-22 07:25 - 2015-12-22 07:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-22 07:25 - 2015-12-16 17:59 - 01846016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 01530240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-12-22 07:25 - 2015-12-16 17:59 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-22 07:24 - 2016-01-13 16:14 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-22 07:24 - 2015-12-16 15:54 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-22 07:24 - 2015-12-16 15:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-22 07:24 - 2015-12-16 15:54 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-22 07:24 - 2015-12-16 15:49 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-22 07:24 - 2015-12-16 15:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-22 07:23 - 2015-12-18 09:48 - 12426896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-22 07:23 - 2015-12-16 17:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 19727624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 03603368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00416560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00370992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00339760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-12-22 07:23 - 2015-12-16 17:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-12-22 07:23 - 2015-12-16 17:59 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-12-22 07:23 - 2015-12-16 17:59 - 00035775 _____ C:\WINDOWS\system32\nvinfo.pb
2015-12-21 23:24 - 2015-12-21 23:24 - 00034656 _____ C:\Users\Helliot\Downloads\re07_12_15-11_12_BB_Schönaich_ST_Sedlak.dot.pdf
2015-12-21 23:24 - 2015-12-21 23:24 - 00034631 _____ C:\Users\Helliot\Downloads\re08_12_15-11_12_BB_Schönaich_ST_Aydin.dot.pdf
2015-12-19 16:08 - 2015-12-19 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-12-19 15:47 - 2016-01-12 20:00 - 00000000 ____D C:\AdwCleaner
2015-12-19 15:38 - 2016-01-12 16:49 - 00000000 ____D C:\Users\Helliot\Documents\Meine FileHippo-Downloads
2015-12-19 15:38 - 2015-12-19 15:38 - 00002127 _____ C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-12-19 15:38 - 2015-12-19 15:38 - 00002097 _____ C:\Users\Helliot\Desktop\FileHippo App Manager.lnk
2015-12-19 15:32 - 2015-12-19 15:32 - 00001991 _____ C:\Users\Helliot\Desktop\Malwarebytes Anti-Exploit.lnk
2015-12-19 15:30 - 2016-01-12 18:56 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-12-19 15:30 - 2015-12-19 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-12-19 15:30 - 2015-12-19 15:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-12-19 14:32 - 2015-12-19 14:32 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-19 13:16 - 2015-12-19 14:32 - 02870984 _____ (ESET) C:\Users\Helliot\Desktop\esetsmartinstaller_deu.exe
2015-12-19 13:05 - 2015-12-19 13:06 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-12-19 13:05 - 2015-11-20 22:40 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2015-12-17 19:12 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-17 19:11 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-17 19:11 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 19:11 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-17 19:11 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-17 19:11 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-17 19:11 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-17 19:11 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-17 19:11 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-17 19:11 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-17 19:11 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-17 19:11 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-17 19:11 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-17 19:11 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-17 19:11 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-17 19:11 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-17 19:11 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-17 19:11 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-17 19:11 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-17 19:11 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-17 19:11 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-17 19:11 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-17 19:11 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-17 19:11 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-17 19:11 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-17 19:11 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-17 19:11 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-17 19:11 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-17 19:11 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-17 19:11 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-17 19:11 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-17 19:11 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-17 19:11 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-17 19:11 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-17 19:11 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-17 19:11 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-17 19:11 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-17 19:11 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-17 19:11 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-17 19:11 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-17 19:11 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-17 19:11 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-17 19:11 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-17 19:11 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-17 19:11 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-17 19:11 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-17 19:11 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-17 19:11 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-17 19:11 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-17 19:11 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-17 19:11 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-17 19:11 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-17 19:11 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-17 19:11 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-17 19:11 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-17 19:11 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-17 19:11 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-17 19:11 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-17 19:11 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-17 19:11 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-17 19:11 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-17 19:11 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-17 19:11 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-17 19:11 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-17 19:11 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-17 19:11 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-17 19:11 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-17 19:11 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-17 19:11 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-17 19:11 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-17 19:11 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-17 19:11 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-16 23:48 - 2015-12-16 23:48 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-12-14 18:41 - 2016-01-06 01:22 - 00000000 ____D C:\Users\Helliot\AppData\Local\Deployment
2015-12-14 18:20 - 2015-12-14 18:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-13 18:35 - 2014-11-11 22:46 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-13 18:25 - 2015-10-08 22:20 - 00001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-13 18:21 - 2015-10-10 18:10 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-13 17:55 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 17:55 - 2013-05-18 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 17:55 - 2013-05-18 19:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 17:55 - 2013-05-18 19:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 16:42 - 2014-06-29 19:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-13 16:21 - 2015-12-13 04:36 - 02113406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-13 16:21 - 2015-10-30 19:35 - 00898014 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-13 16:21 - 2015-10-30 19:35 - 00201500 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-13 16:21 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-13 16:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-13 16:21 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-13 16:15 - 2013-07-18 20:33 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Dropbox
2016-01-13 16:14 - 2015-12-13 04:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-13 16:14 - 2015-10-10 18:10 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-13 16:14 - 2015-10-08 22:20 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-13 16:14 - 2015-10-07 19:37 - 00000000 __SHD C:\Users\Helliot\IntelGraphicsProfiles
2016-01-13 16:14 - 2012-10-05 20:50 - 00000828 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-01-13 16:13 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-13 16:13 - 2013-07-09 21:02 - 00000000 ____D C:\Users\Helliot\AppData\LocalLow\Temp
2016-01-13 15:49 - 2014-01-03 21:05 - 00000000 ____D C:\Users\Helliot\AppData\Local\Battle.net
2016-01-13 15:25 - 2015-10-07 20:01 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B1551DC1-A338-4D4E-8C71-384D0FD0D468}
2016-01-13 15:23 - 2012-10-06 02:29 - 00000000 ____D C:\Users\Helliot\AppData\Local\CrashDumps
2016-01-12 20:23 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-12 16:51 - 2012-10-14 22:05 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Skype
2016-01-12 16:50 - 2015-01-12 22:47 - 00000000 ____D C:\ProgramData\Skype
2016-01-08 18:33 - 2015-10-20 18:04 - 00000000 ____D C:\Users\Helliot\Documents\EVE
2016-01-08 13:13 - 2012-10-05 20:50 - 00000830 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-01-08 12:21 - 2015-07-18 19:15 - 00000000 ____D C:\Users\Helliot\Desktop\HAUS Schönaich
2016-01-06 03:39 - 2013-08-09 12:07 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\vlc
2016-01-05 00:40 - 2012-11-28 23:05 - 00000000 ____D C:\Users\Helliot\Desktop\EFT
2016-01-04 14:28 - 2012-10-05 21:09 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-04 14:28 - 2012-10-05 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-01-04 14:28 - 2012-10-05 21:09 - 00000000 ____D C:\Program Files\WinRAR
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-28 22:35 - 2014-11-11 22:46 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-28 16:27 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-28 14:50 - 2015-07-28 22:35 - 00001324 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-12-28 14:50 - 2015-07-28 22:35 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-12-28 14:50 - 2014-11-08 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-12-28 14:47 - 2013-05-18 18:53 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\DVDVideoSoft
2015-12-23 07:01 - 2012-10-05 21:10 - 00001165 _____ C:\Users\Helliot\Desktop\MSI Afterburner.lnk
2015-12-22 07:27 - 2015-12-13 04:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-22 07:25 - 2015-12-13 04:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-22 07:25 - 2015-12-13 04:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-22 07:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-22 07:11 - 2012-10-06 17:57 - 00000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-20 23:43 - 2015-12-13 04:36 - 00000000 ____D C:\Users\Helliot
2015-12-20 23:43 - 2015-10-25 16:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-19 16:10 - 2014-03-28 14:38 - 00000000 ____D C:\Users\Helliot\AppData\Roaming\WinPatrol
2015-12-19 16:10 - 2014-03-24 18:52 - 00000000 ____D C:\ProgramData\InstallMate
2015-12-19 15:59 - 2015-07-28 22:35 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-12-19 15:56 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-19 15:54 - 2015-10-25 16:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-19 15:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-19 15:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-19 15:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-19 15:52 - 2013-05-18 23:13 - 00000000 ____D C:\avast! sandbox
2015-12-19 15:52 - 2013-05-14 00:42 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-19 15:51 - 2015-07-30 18:07 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-19 15:38 - 2013-05-18 23:44 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2015-12-19 14:17 - 2013-07-20 14:05 - 00000000 ____D C:\ProgramData\TEMP
2015-12-19 13:15 - 2014-01-17 12:28 - 00000000 ____D C:\ProgramData\Oracle
2015-12-19 13:06 - 2015-08-17 22:58 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-19 13:06 - 2014-01-17 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-19 13:06 - 2013-09-23 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-19 12:55 - 2014-03-28 22:59 - 00001274 _____ C:\Users\Helliot\Desktop\Revo Uninstaller.lnk
2015-12-17 18:41 - 2015-10-07 19:39 - 00002439 _____ C:\Users\Helliot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-17 18:41 - 2015-10-07 19:39 - 00000000 ___RD C:\Users\Helliot\OneDrive
2015-12-17 17:13 - 2014-11-16 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-12-17 17:13 - 2014-11-16 21:00 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-12-16 23:48 - 2015-12-13 04:36 - 00000000 ____D C:\Users\DefaultAppPool
2015-12-16 22:22 - 2015-10-10 18:10 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 19:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-14 18:27 - 2015-12-13 04:34 - 00201440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-14 18:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-14 18:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 18:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-07-23 19:08 - 2015-07-30 19:39 - 0008704 _____ () C:\Users\Helliot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-24 14:56 - 
2012-12-24 14:56 - 0000095 _____ () C:\Users\Helliot\AppData\Local\fusioncache.dat
2015-10-01 18:27 - 2015-10-01 18:27 - 0000000 _____ () C:\Users\Helliot\AppData\Local\{78B09330-81F4-4EF6-B1B6-AA7CBAE12EBB}
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-13 17:54
==================== Ende von FRST.txt ============================ |
13.01.2016, 19:02 | #12 |
| Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von Helliot (2016-01-13 18:58:28)
Gestartet von C:\Users\Helliot\Downloads
Windows 10 Home (X64) (2015-12-13 03:42:33)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1876908282-3715187805-3812892742-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1876908282-3715187805-3812892742-503 - Limited - Disabled)
Gast (S-1-5-21-1876908282-3715187805-3812892742-501 - Limited - Disabled)
GrandmasterACE (S-1-5-21-1876908282-3715187805-3812892742-1016 - Limited - Enabled) => C:\Users\GrandmasterACE
Helliot (S-1-5-21-1876908282-3715187805-3812892742-1000 - Administrator - Enabled) => C:\Users\Helliot
HomeGroupUser$ (S-1-5-21-1876908282-3715187805-3812892742-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Akamai NetSession Interface (HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\...\Akamai) (Version: - Akamai Technologies, Inc) Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.6.2.40658 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry) BlackBerry Blend (x32 Version: 1.2.0.50 - BlackBerry Ltd.) Hidden BlackBerry Communication Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Device Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Link (x32 Version: 1.2.4.39 - BlackBerry) Hidden BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) 
Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited) Creative Media Toolbox 6 (Shared Components) (HKLM-x32\...\Uninstaller_B4736000_Creative Media Toolbox 6) (Version: 2.80.12 - Creative Labs) Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited) Curse Client - 1 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) Curse Client - 1 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) EVE Online (HKLM-x32\...\{506FAE69-5B35-448D-9755-0300C6074695}) (Version: 3.0.0 - CCP Games Ltd.) FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.55163.11 - Electronic Arts) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.0.1224 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.60.713 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.60.713 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) 
Hidden Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation) Logitech Gaming Software 5.10 
(HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech) Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.) Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MeinPlatz (HKLM-x32\...\MeinPlatz) (Version: - ) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 44.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 361.43 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation) NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.) PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 Create Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PDF Architect 3 Edit Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PDF Architect 3 View Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder) SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.) 
Sound Blaster Recon3D PCIe (HKLM-x32\...\{CA0A90CB-F659-4E0B-B2A2-C8CF4B752AEC}) (Version: 1.01.26 - Creative Technology Limited) Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TL-WN951N Driver (HKLM-x32\...\{CCE177D2-8FE3-494A-82C9-958CC79E73AD}) (Version: 1.0.0 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK) Unity Web Player (HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) YGOPro DevPro Version 1.9.9 r0 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.9 r0 - YGOPro DevPro Online) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Helliot\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1876908282-3715187805-3812892742-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Helliot\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {12C47B42-B987-4A43-9E3E-2E814AFD9548} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {166FCE99-6838-4B5D-B60D-A41A746D3D13} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {1832404E-9692-4663-ACA6-5D713B6CAFC1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1AB1D862-115B-4532-B2BD-72D65EE6A1FB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1ADE08AA-BA76-401F-B3D4-574F04357706} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1C8016AC-FDCC-4597-B7E2-3DDE2C1CF753} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1ED31CEB-913B-43E9-BD79-0FC4CC548B8C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {272CB712-594B-4627-A297-6B7BF114F0E9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {2E7997BF-8BE5-4EA9-A95D-E716F1800359} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {34397EE7-82EA-4203-BD37-F94DC61DE797} - System32\Tasks\{17BEF078-1C17-4420-B061-2CACE9028188} => pcalua.exe -a "D:\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe" -d "D:\TeamSpeak 3 Client\plugins\ts3overlay\" -c ts3overlay_hook_win32.dll 10000
Task: {394FB6DE-C869-4527-BC1B-E1D35F603FB1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {442D3110-9FD2-43A7-971C-DC34D69989A5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {4BF79F40-B555-4768-B224-1A47AA016F07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.)
Task: {550E0D98-DD00-4907-B1F3-342050FBB3D7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {583DC1B4-74AF-4E3A-BE6A-9E78CC05852D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {70A97BB3-69F7-4976-BD9E-98AA8325681C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {79AA9890-6934-4720-BA9C-3F221AC7780C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7F20631D-DDBA-4662-9ADD-972A633821DF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {856722EF-9D13-48DE-A22A-B5B31A9AB562} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.)
Task: {8986EF33-036D-4902-BD74-39173F903C5F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {8AFEE5BD-22A1-410C-9F61-E537A6822FF3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {8E0D05C1-BB4B-441A-810C-CA5922CF1485} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {934E48BA-8F6F-4440-94BB-CBF3E28E5242} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {9CD1CE2C-3259-4D6C-B40A-39041DC175FE} - System32\Tasks\{B71FEB14-4639-446D-9C4C-A9234DF5AEA0} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {A00CAA1B-8BF0-4D48-81F8-484EC4E2FCCA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A3342FCF-E15A-4DD2-AD6D-D803A0A41C4D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-08] (Dropbox, Inc.)
Task: {A38905B8-A9D4-4134-9EA2-95E0ADC091CB} - System32\Tasks\{D6C871A8-4AE8-4CA8-8D2D-903C91CEE857} => pcalua.exe -a C:\Users\Helliot\AppData\Local\Unity\WebPlayer\Uninstall.exe -c /CurrentUser
Task: {AD7DDE54-21D7-4517-9593-CA23E761D56B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B69F42B8-3628-4405-BE43-14C98FACB725} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BBE2697C-FED9-40F8-B331-266EBE6B3D54} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C1EE81B8-3064-4811-9A1F-F50B8B38C864} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E51E85FF-DA1B-4C44-8116-0B2B45B525CD} - System32\Tasks\{FA9E69F5-A168-4713-9AA8-C808C227B45E} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {F36832C7-49C6-4916-BA71-08229EB67DC3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F728578E-C6EE-489E-8041-B07EF026CFD6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {FA98427E-7096-4310-AB47-6ACD728F7B2B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.)
Task: {FE9D1E75-C974-486A-9F60-3583C5E28F4A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-28] (Adobe Systems Incorporated)
Task: {FFAAE9E9-64F5-479D-82F1-DE976E312573} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-22 07:24 - 2015-12-16 15:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-10-05 20:50 - 2012-02-07 16:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2014-12-17 16:19 - 2014-12-17 16:19 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2015-12-22 07:25 - 2015-12-16 17:59 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-13 14:28 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-17 19:11 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-17 19:11 - 2015-12-07 05:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2015-12-17 19:11 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-17 19:11 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-17 19:11 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-17 19:11 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-10-14 17:35 - 2015-10-14 17:35 - 01095448 _____ () C:\Program Files\Logitech Gaming 
Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-10-14 17:35 - 2015-10-14 17:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-09-02 12:00 - 2015-09-02 12:00 - 10566352 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe 2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-05-20 13:00 - 2015-05-20 13:00 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe 2015-12-13 04:21 - 2015-12-13 04:21 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-12-13 04:21 - 2015-12-13 04:21 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-20 22:35 - 2015-11-20 22:35 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-01-09 02:19 - 2016-01-09 02:19 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\Calculator.exe 2015-12-15 18:55 - 2015-12-15 18:55 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-11-08 15:58 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00020328 
_____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-11-08 15:58 - 2015-12-25 20:19 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-05-26 16:46 - 2015-05-26 16:46 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll 2015-12-22 07:25 - 2015-12-16 17:59 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2012-12-19 10:58 - 2012-12-19 10:58 - 00741376 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\de-DE\SBRnPCIe.resources.dll 2015-12-11 23:26 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2015-12-11 23:26 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2015-12-11 23:26 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files 
(x86)\Dropbox\Client\win32com.shell.shell.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2015-12-11 23:26 - 2015-10-31 02:00 
- 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2015-12-11 23:26 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2015-10-08 22:20 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2015-12-11 23:26 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2015-12-11 23:26 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2015-12-11 23:26 - 2015-12-08 22:36 
- 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2015-12-11 23:26 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2015-12-11 23:26 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2015-12-11 23:26 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2015-10-08 22:20 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-10-08 22:20 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-10-08 22:20 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-10-08 22:20 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll 2015-12-16 22:22 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 
2015-12-16 22:22 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2012-10-05 20:49 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-01-13 16:13 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1876908282-3715187805-3812892742-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Helliot\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1876908282-3715187805-3812892742-1016\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{0B927C76-4B63-49D9-B552-82C0679177C8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{C9633B9E-8683-45AF-A995-4D0E1F2E65DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{528A0DB4-FF3D-4106-99A0-F6C9365FDCED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5A64F415-5D25-48E7-94DE-9168E1652CB3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{58D27B29-5ACD-4521-A78E-32A63EF86B2C}] => (Allow) D:\Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{10B6A4D9-5E90-45A9-91F3-8A18A0DD6FE4}] => (Allow) D:\Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{BD92F302-3A60-421B-81EE-E27B96FB1499}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{86B49B3B-F8E5-4F0B-BB50-273EA5E86CD1}] => (Allow) D:\Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{F26F807B-A4C1-4EB0-B068-A5DF04052E68}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{DD0FAEE9-5067-4529-A699-95CE8D91E4BD}] => (Allow) D:\Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{DD80BF80-6811-4734-9F71-24E5099E44E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C82C500A-6C02-4AB0-A1F7-08D5E1C643F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{5DE22059-C075-4ECC-BA29-BC9069EB1E38}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [TCP Query 
User{A4979378-DE8B-43BF-A39F-34A777138062}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [UDP Query User{6736FC8E-86F5-41AF-A63F-9B288EDD0082}D:\games\fifa 16\fifa16.exe] => (Allow) D:\games\fifa 16\fifa16.exe FirewallRules: [TCP Query User{BC2333FE-7701-43C8-AFB2-28289DF59DA6}D:\games\fifa 16\fifa16.exe] => (Allow) D:\games\fifa 16\fifa16.exe FirewallRules: [UDP Query User{139E65D7-9DCD-42EF-ABC2-EC92695412A5}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{BBEB0FAD-4CB0-4310-A0EE-0730C19AA4A6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{8BCFE5FC-41A5-45D9-9FEF-7E3B6A900579}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1C0A61B1-9D32-4E7C-B521-EEEE1F14D1E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6516A375-742D-4035-97B8-896233ABCCDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{266F4EF5-5086-403B-B76D-586F5A78A1DD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{A5CB5A06-45D4-4D3A-A828-A1E184DE4E24}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [UDP Query User{42886E48-ADA7-493E-952F-05DE1702DD10}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [{C383E550-1CE7-4780-BBD5-9D2DDE526464}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{DDF9335F-BDDD-4B7F-8B14-A7FABB7A2091}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{4ABB48F3-D3E9-4DFA-AFD5-D0DDD66A02B7}] => (Allow) 
C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{C511EC64-DA6D-47D2-8861-DAFD4B9C3D0C}] => (Allow) C:\Users\Helliot\AppData\Local\Apps\2.0\2HBZH8VT.58H\Y5JRKW5M.W4D\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe FirewallRules: [{54082D66-418E-4A5D-9A08-4EFCB793F141}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe FirewallRules: [{0D3563E2-7D4F-4578-A815-56C21990E12E}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\lotroclient.exe FirewallRules: [{62E85091-1CFC-49DA-A381-2D1506395D45}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe FirewallRules: [{19B2B5AA-747B-4F30-AC23-18C15E82E171}] => (Allow) D:\HappyCloud\Cache\The Lord of the Rings Online\TurbineLauncher.exe FirewallRules: [{7C8B3004-3CE9-47FD-831C-AFFF45483DFA}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{FB50B207-BF10-4790-ACF5-484770EFFEE0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{AEBC00CF-B069-4B71-8101-DDFE72C6CF17}] => (Allow) E:\fsetup.exe FirewallRules: [{AE686882-749D-4A38-BC40-18F97575F538}] => (Allow) E:\fsetup.exe FirewallRules: [TCP Query User{568F984C-A586-447A-BE2F-2924A12E073C}D:\happycloud\cache\the lord of the rings online\lotroclient.exe] => (Allow) D:\happycloud\cache\the lord of the rings online\lotroclient.exe FirewallRules: [UDP Query User{AA814E8D-9E1D-4CBB-8FE4-C0D592C23130}D:\happycloud\cache\the lord of the rings online\lotroclient.exe] => (Allow) D:\happycloud\cache\the lord of the rings online\lotroclient.exe FirewallRules: [TCP Query User{CA694090-E9C9-47D3-BF86-810657384E79}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [UDP Query User{4A628D7D-758A-4D06-9011-9FEEA28EB724}D:\games\eve online\bin\exefile.exe] => (Allow) D:\games\eve online\bin\exefile.exe FirewallRules: [{FEF5D6AE-1286-4097-895E-4450CE2537B7}] => 
(Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{BA699DC5-1E88-46A3-AFB5-66FC9D576C8E}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{007CEA8A-D573-4120-8D82-61DE56CB1EF8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CEEAA8A5-DE66-4AE1-A0AC-C32E3F7DFF8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{09F1FD38-46F2-4E41-A08F-04476436A305}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{8627F46E-16B4-4BBB-9CC0-A692908A7A8C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E0FC1FC9-FD76-4D3A-B12E-24BD118389EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{0BFE8484-42BB-43CE-900A-C715C0AAEAF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{3F457E0B-8CFF-4DD1-A961-42A78A7717AC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{618CC434-226B-40AB-AAC3-EE8718391229}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{0D630E23-8E0A-496F-BF36-DD040ADDAA35}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{96211E4D-9EC5-4531-A7EA-7A59F97A19BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{1C980DAD-44A9-4199-9F93-3576C8762AE2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe FirewallRules: [{94555346-4E9B-4B5A-A411-4E0BA532EFB8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe FirewallRules: [{92C946A5-3AF0-47C2-8DEA-0E02EA0F7C23}] => (Allow) D:\Games\World of Warcraft\Battle.net\Battle.net.exe FirewallRules: [{1C6E86DD-CE22-49A9-AB02-4BD4C10E266F}] => (Allow) D:\Games\World of Warcraft\Battle.net\Battle.net.exe FirewallRules: [{C8E8167A-3C00-451E-855D-D7901B16F8F9}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{06872F15-5385-41AC-8079-C60611B6358E}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3.exe 
FirewallRules: [{DB2796A6-36F4-4AAA-A64A-6BDD43E674BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe FirewallRules: [{C062EB40-5993-4BF2-83D5-40F90E17617C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe FirewallRules: [{113C377B-AC8C-43AC-9D5F-EEDE14BD5E42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{DEF0DFE0-21DB-471B-8A0D-147808AC19C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{BC812440-55D4-4BC1-959C-DA5CD16DDDF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe FirewallRules: [{9F8AB3E5-7A47-4416-A298-02EAEDBA6573}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe FirewallRules: [TCP Query User{B27F46D7-3CF8-4ECC-994B-AF6D6C8D5A53}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{4A9174EE-D4C6-4BF8-96B2-67245C1F64B0}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{C73009B1-FE7A-4DF9-8ED8-99C432CDD8CD}C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe] => (Allow) C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe FirewallRules: [UDP Query User{C1B0777F-CDD3-4979-9F0E-F82C0D272668}C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe] => (Allow) C:\users\helliot\desktop\ygopro-1.032.1-v5-percy-full\ygopro_vs.exe FirewallRules: [TCP Query User{19291BB1-BDB3-46C4-B513-1B97032920DE}D:\program files (x86)\devpro\devpro.dll] => (Allow) D:\program files (x86)\devpro\devpro.dll FirewallRules: [UDP Query User{76438013-4A59-4FC9-BD3A-2471DB68CF0D}D:\program files (x86)\devpro\devpro.dll] => (Allow) D:\program files (x86)\devpro\devpro.dll FirewallRules: [TCP Query User{05C1F69D-E6F6-4425-82C8-15312204C9ED}D:\games\devpro\devpro.dll] => (Block) D:\games\devpro\devpro.dll 
FirewallRules: [UDP Query User{F8A06B3C-70D5-4014-98FB-992F61B64E9F}D:\games\devpro\devpro.dll] => (Block) D:\games\devpro\devpro.dll FirewallRules: [TCP Query User{1767DF7F-D26F-4569-9EA9-36D56D1F2676}C:\program files\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_55\bin\javaw.exe FirewallRules: [UDP Query User{F66A7FB9-CDA3-4F43-97BD-505A68E15983}C:\program files\java\jdk1.7.0_55\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.7.0_55\bin\javaw.exe FirewallRules: [{BD5B5645-3564-4BB6-8B7C-A8C59F647846}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{B3757FFF-A038-4B20-B302-83EDDC5321B8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{F741DF01-B8CC-48BB-8080-9D07943C4585}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [{4F5B615F-A185-49CE-B6B0-F00D6E3F0DA2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe FirewallRules: [TCP Query User{1EFBABD3-4A5A-4B24-B021-33403EEF1488}C:\program files\java\jdk1.7.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_65\bin\jmc.exe FirewallRules: [UDP Query User{03F12889-54C8-40F9-9670-20283152568B}C:\program files\java\jdk1.7.0_65\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.7.0_65\bin\jmc.exe FirewallRules: [TCP Query User{E2CD74F6-A502-4F23-9673-754AD5843422}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Block) C:\program files\java\jdk1.7.0_71\bin\jmc.exe FirewallRules: [UDP Query User{A81B6273-DE2B-4840-A2CB-BEC6D50855EA}C:\program files\java\jdk1.7.0_71\bin\jmc.exe] => (Block) C:\program files\java\jdk1.7.0_71\bin\jmc.exe FirewallRules: [{6CC59246-0A26-48FA-AA4F-24DEA6959A32}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{5D003418-4478-4916-A94C-C1389C026E52}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{86F7CE9F-95AE-4B10-A9F6-DB7A634941D4}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: 
[{0BE5A949-3624-44D8-B737-0470666B92CC}] => (Allow) D:\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [TCP Query User{B6917F29-E7FB-4AB4-9DD6-A14C32E2DA30}D:\games\eve online - kopie\bin\exefile.exe] => (Allow) D:\games\eve online - kopie\bin\exefile.exe FirewallRules: [UDP Query User{BD67422D-2000-4041-8022-4BBB9E623E63}D:\games\eve online - kopie\bin\exefile.exe] => (Allow) D:\games\eve online - kopie\bin\exefile.exe FirewallRules: [{1C78B32C-780E-4653-89DE-A0478DEE0EFE}] => (Allow) D:\Games\Battlefield 4\bf4_x86.exe FirewallRules: [{BAF62BAC-7972-4943-B7D9-EE0615F3B043}] => (Allow) D:\Games\Battlefield 4\bf4_x86.exe FirewallRules: [{AF4501EB-0F9E-45AF-B19F-08C35426302C}] => (Allow) D:\Games\Battlefield 4\bf4.exe FirewallRules: [{A6A7E103-EA95-499B-8FEB-4A2B68C65449}] => (Allow) D:\Games\Battlefield 4\bf4.exe FirewallRules: [TCP Query User{A8E5B9C8-D4C2-4674-86BF-D17D6F723B5F}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{4D25963D-066C-4A6A-A3FD-FBAC3E1622B6}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [{3B9B8085-0F25-4F5E-83F2-BE5AED176A7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{2C46AC31-8D77-4D6D-9923-D3700243FD6A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{12598A0D-DE41-41C5-A7DC-70A9C9F65465}] => (Allow) tunmgr.exe FirewallRules: [{97C121A3-6E2F-4BCA-B1EF-1165F8AB668D}] => (Allow) tunmgr.exe FirewallRules: [{9598F0AB-4875-4933-9305-89CB5CE9EFEB}] => (Allow) mDNSResponder.exe FirewallRules: [{A9932669-337C-4B1A-BA01-F260855EE99D}] => (Allow) mDNSResponder.exe FirewallRules: [{4EC7B0B2-6196-4431-B22B-09CF48CC57A7}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe FirewallRules: [{7F73E8D7-58E6-41EF-8E45-D43686F0D421}] => (Allow) 
C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe FirewallRules: [{60AC01DD-CB9C-4612-9D4B-D4632D5314A5}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe FirewallRules: [TCP Query User{08775B4F-8238-4627-B2EB-3D0F8FC0FAB2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{06DE6B7B-51C4-4E95-BCB4-FD6A3A4C074E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{E496D335-EF2E-4F1E-9ADA-2B35E4C675EA}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{1743BE12-BA92-41AE-93B8-4571C581EF60}C:\users\helliot\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\helliot\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{026A6911-15CD-4CE7-8866-E6B866937037}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [UDP Query User{D7949B87-D512-40C3-B8C8-A23AFE6AEA08}D:\games\ccp\eve\bin\exefile.exe] => (Allow) D:\games\ccp\eve\bin\exefile.exe FirewallRules: [{4C5891E8-AC81-4E20-875C-3FCAFFA2AC9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E55A4142-057F-4DCE-BAC9-B92C8499FED3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{27476226-F7CE-49F6-BE2E-FD27E31F64EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{68CBEDC1-9504-46DB-BEAF-9B796911DE9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{80E8BE5D-5E0D-45C1-A7A3-49017AB7AD4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: 
[{3CDED019-2C56-4236-AC31-B86A348FDD99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7F8CD4F7-D92B-4180-937B-ACF897FA3FC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8D249944-9F82-4D57-A32A-26CFE3EF9234}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A24AC716-5A02-4A4B-8FCD-E0FEBDAC9CD8}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8249C33E-CD22-4556-BAE8-45641D61DA7F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/13/2016 06:55:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/13/2016 04:22:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (01/13/2016 04:14:25 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Local Hostname Morpheus.local already in use; will try Morpheus-2.local instead

Error: (01/13/2016 04:14:25 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 Morpheus.local. Addr 192.168.178.27

Error: (01/13/2016 04:14:25 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.27:5353 16 Morpheus.local. AAAA 2A02:8070:A1A3:4200:D1CB:764A:7CAE:AAE0

Error: (01/13/2016 03:23:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.20, Zeitstempel: 0x5654262a
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000dc089
ID des fehlerhaften Prozesses: 0x8d4
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5

Error: (01/13/2016 03:22:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 772: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (01/13/2016 03:22:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (01/13/2016 03:22:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 660: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (01/13/2016 03:22:43 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Systemfehler: ============= Error: (01/13/2016 05:54:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Windows-Tool zum Entfernen bösartiger Software für Windows 8, 8.1, 10 und Windows Server 2012, 2012 R2 x64 Edition - Januar 2016 (KB890830) Error: (01/13/2016 04:24:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (01/13/2016 04:24:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Helliot\AppData\Local\Temp\ehdrv.sys Error: (01/13/2016 04:24:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Helliot\AppData\Local\Temp\ehdrv.sys Error: (01/13/2016 04:24:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (01/13/2016 04:24:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (01/13/2016 04:24:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Helliot\AppData\Local\Temp\ehdrv.sys Error: (01/13/2016 04:23:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (01/13/2016 04:23:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Helliot\AppData\Local\Temp\ehdrv.sys Error: (01/13/2016 04:23:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund 
folgenden Fehlers nicht gestartet: %%1275 CodeIntegrity: =================================== Date: 2016-01-13 17:54:15.348 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-13 17:54:15.272 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-13 17:54:15.194 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-13 17:54:14.697 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-13 17:54:14.538 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-01-13 16:13:36.003 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-13 16:13:35.670 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-13 16:13:35.609 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-10 17:10:30.327 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-10 17:10:30.210 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Prozentuale Nutzung des RAM: 39% Installierter physikalischer RAM: 8087.05 MB Verfügbarer physikalischer RAM: 4884.32 MB Summe virtueller Speicher: 16279.05 MB Verfügbarer virtueller Speicher: 12603.13 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:97.12 GB) (Free:39.67 GB) NTFS Drive d: (Games) (Fixed) (Total:140.82 GB) (Free:19.6 GB) NTFS Drive f: (Daten) (Fixed) (Total:1863.01 GB) (Free:1766.68 GB) NTFS Drive g: (TrekStor) (Fixed) (Total:931.51 GB) (Free:875.57 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: E82530F0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=140.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2C3A71AB) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: 0B51B638) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================
The loading speed in Chrome is normal. I can't find any problem at the moment. |
14.01.2016, 15:48 | #13 |
/// TB-Ausbilder | Internet dropouts / long loading time in the browser (Chrome)
If you no longer have any problems with malware, we are finished here. Your log files are clean. To finish, we still need to take a few final steps to clean up and secure your PC.

Cleanup: All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs we used, our scanners' quarantine and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can safely delete them.

Securing the system: Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at its latest version: browser, Java, Flash Player, PDF reader. Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. In addition, Firefox can also open PDF documents. Enable a firewall. The one built into Windows is normally entirely sufficient. If you are still undecided, use just one of the following antivirus programs with a real-time scanner and an always up-to-date signature database: In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
Adblock Plus: Can block banners, pop-ups, video ads, tracking and malware sites.
NoScript: Prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, define on a whitelist basis which sites are allowed to run scripts.
Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, it is advisable to uninstall it first and then remove the leftovers with Adwcleaner . Finally, a few general remarks:
If you like, you can say here whether you were satisfied with me and my help...and/or support the forum with a small donation. Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
14.01.2016, 19:21 | #14 |
| Internet dropouts / long loading time in the browser (Chrome) I also got this error message after DelFix. The browser is running stably. I will have to test the internet connection thoroughly over the weekend. So far I have had no dropouts. Last edited by G.ACE (14.01.2016 at 19:30) |
15.01.2016, 15:00 | #15 |
/// TB-Ausbilder | Internet dropouts / long loading time in the browser (Chrome) What did the error message say? I can't read it, it is too small. |