| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: SkypeVirus? ausversehen diesen Link geklickt :/ was nunWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
22.02.2016, 20:50
| #1 |
 |  SkypeVirus? ausversehen diesen Link geklickt :/ was nun Hi, hab heute von einigen Kontakten den gleichen Link geschickt bekommen. hxxp://goo.gl/r0rn99#jqozy=(skypebenutzername) wollte diesen Kopieren und eine Statusmeldung machen dass den niemand anklicken soll. Leider war ich so dumm und hab den mit linksklick erwischt  Dabei öffnete sich eine Seite über Diäten. Ich vermute aber Stark dass es wieder so ein Virus ist wie vor einem Jahr. Bis jetzt hat noch niemand was von mir bekommen. Wie soll ich nun fortfahren? |
|
22.02.2016, 23:01
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | SkypeVirus? ausversehen diesen Link geklickt :/ was nun Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1   Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
23.02.2016, 16:25
| #3 |
| | Logs FRST.txt
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
durchgeführt von cletze (Administrator) auf MEINPC (23-02-2016 16:19:21)
Gestartet von C:\Users\cletze\Downloads
Geladene Profile: cletze (Verfügbare Profile: cletze)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(EVGA Corp.) C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\32\WacomDesktopCenter.exe
(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
(Brooks Younce Software) C:\Program Files (x86)\Smart Port Forwarding\SPF.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Razer, Inc.) C:\Users\cletze\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Joyent, Inc) C:\Users\cletze\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
(EVGA Corp.) C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionXServer.exe
(EVGA Corp.) C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionXServer_x64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) D:\Program Files (x86)\ts3client_win64.exe
() D:\Program Files\FlyFF_EN\Flyff.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [FWS_FlawlessWidescreen] => C:\Program Files (x86)\Flawless Widescreen\FlawlessWidescreen.exe [2607104 2014-05-30] (Flawless Widescreen)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-09-29] (Razer Inc.)
HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6609832 2015-11-12] (Steganos Software GmbH)
HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-01-12] (Electronic Arts)
HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\Run: [Smart Port Forwarding] => C:\Program Files (x86)\Smart Port Forwarding\SPF.exe [258048 2008-01-10] (Brooks Younce Software)
HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation)
Startup: C:\Users\cletze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-02-21] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
AutoConfigURL: [S-1-5-21-1314259541-1698729379-4188840987-1001] => hxxp://127.0.0.1:8445/okayfreedom.pac
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2d3a7d30-2bbf-446d-ae77-eeb7dc7547b3}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2d3a7d30-2bbf-446d-ae77-eeb7dc7547b3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{46ef8481-48f3-406f-a8c9-960d97534150}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{91109df1-684c-4861-9cd0-8382431c84be}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{91109df1-684c-4861-9cd0-8382431c84be}: [DhcpNameServer] 10.0.0.138
ManualProxies: 0hxxp://127.0.0.1:8445/okayfreedom.pac
Internet Explorer:
==================
FireFox:
========
FF ProfilePath: C:\Users\cletze\AppData\Roaming\Mozilla\Firefox\Profiles\l76tv4l7.default
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Extension: OkayFreedom - C:\Users\cletze\AppData\Roaming\Mozilla\Firefox\Profiles\l76tv4l7.default\extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2015-09-11]
Chrome:
=======
CHR Profile: C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-20]
CHR Extension: (BetterTTV) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-11-18]
CHR Extension: (Google Docs) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-20]
CHR Extension: (Google Drive) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Google-Suche) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Tabellen) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-20]
CHR Extension: (Google Mail) - C:\Users\cletze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-20]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1352736 2016-02-20] ()
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-08-17] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3587680 2015-10-08] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [346552 2015-11-12] (Steganos Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-12] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-11-27] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-11-26] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-10-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-10-12] (Anchorfree Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\EVGA\PrecisionX 16\WinRing0\WinRing0x64.sys [14536 2015-10-20] (OpenLibSys.org)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36904 2016-02-19] (Wellbia.com Co., Ltd.)
S3 B5971947; \??\C:\ProgramData\0006780F_tvn [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-23 16:19 - 2016-02-23 16:19 - 00016077 _____ C:\Users\cletze\Downloads\FRST.txt
2016-02-23 16:19 - 2016-02-23 16:19 - 00000000 ____D C:\FRST
2016-02-23 16:18 - 2016-02-23 16:19 - 02371072 _____ (Farbar) C:\Users\cletze\Downloads\FRST64.exe
2016-02-23 15:12 - 2016-02-23 15:12 - 00373398 _____ C:\Users\cletze\Downloads\verlustanzeige zeugnis 3.pdf
2016-02-22 22:28 - 2016-02-22 22:28 - 00003098 _____ C:\Users\cletze\Documents\Eset logs.txt
2016-02-22 20:30 - 2016-02-22 20:30 - 02870984 _____ (ESET) C:\Users\cletze\Downloads\esetsmartinstaller_deu.exe
2016-02-22 20:30 - 2016-02-22 20:30 - 00000000 ____D C:\Program Files (x86)\ESET
2016-02-21 11:00 - 2016-02-22 00:14 - 00000000 ____D C:\Users\cletze\AppData\Local\Deployment
2016-02-21 11:00 - 2016-02-21 11:03 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Curse Advertising
2016-02-21 11:00 - 2016-02-21 11:00 - 00402696 _____ () C:\Users\cletze\Downloads\setup.exe
2016-02-21 11:00 - 2016-02-21 11:00 - 00000318 _____ C:\Users\cletze\Desktop\Curse Client.appref-ms
2016-02-21 11:00 - 2016-02-21 11:00 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2016-02-21 10:59 - 2016-02-21 10:59 - 00018773 _____ C:\Users\cletze\Downloads\DraenorTreasures-r20160221004152.zip
2016-02-21 01:03 - 2016-02-21 01:03 - 00000892 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2016-02-21 01:03 - 2016-02-21 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-02-18 22:27 - 2016-02-18 22:27 - 27341949 _____ C:\Users\cletze\Downloads\Hive_1_1_Win.zip
2016-02-18 18:26 - 2016-02-19 09:25 - 00036904 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-02-18 16:35 - 2016-02-18 16:35 - 00390284 _____ C:\WINDOWS\Minidump\021816-16421-01.dmp
2016-02-18 16:35 - 2016-02-18 16:35 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-18 15:29 - 2016-02-18 18:57 - 00000000 ____D C:\Users\cletze\Documents\Black Desert
2016-02-18 14:56 - 2016-02-18 15:03 - 00000000 ____D C:\Users\cletze\AppData\Local\BlackDesertOnlineCBT2
2016-02-18 14:56 - 2016-02-18 14:56 - 00000723 _____ C:\Users\Public\Desktop\Black Desert Online.lnk
2016-02-18 14:56 - 2016-02-18 14:56 - 00000723 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Black Desert Online.lnk
2016-02-18 14:56 - 2016-02-18 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2016-02-18 14:54 - 2016-02-18 14:55 - 50503912 _____ (Daum Games EU) C:\Users\cletze\Downloads\BlackDesertOnlineSetup_20160216_1001.exe
2016-02-17 13:45 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-17 13:45 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-17 13:45 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-17 13:45 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-17 13:45 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-17 13:45 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-17 13:45 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-17 13:45 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-17 13:45 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-17 13:45 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-17 13:45 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-17 13:45 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-17 13:45 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-17 13:45 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-17 13:45 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-17 13:45 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-17 13:45 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-17 13:45 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-02-17 13:45 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-02-17 13:45 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-02-17 13:45 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-02-17 13:45 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-02-17 13:45 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-02-17 13:45 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-02-17 13:45 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-02-17 13:45 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-02-17 13:45 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-02-17 13:45 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-02-17 13:45 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-02-17 13:45 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-02-17 13:45 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-02-17 13:45 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-02-17 13:45 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-02-17 13:45 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-02-17 13:45 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-02-17 13:45 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-02-17 13:45 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-02-17 13:45 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-02-17 13:45 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-02-17 13:45 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-02-17 13:45 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-02-17 13:45 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-02-17 13:45 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-02-17 13:45 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-02-17 13:45 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-02-17 13:45 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-02-17 13:45 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-02-17 13:45 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-02-17 13:45 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-02-17 13:45 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-02-17 13:45 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-02-17 13:45 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-02-17 13:45 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-02-17 13:45 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-02-17 13:45 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-02-17 13:45 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-17 13:45 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-02-17 13:45 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-02-17 13:45 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-02-17 13:45 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-02-17 13:45 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-02-17 13:45 - 2015-12-01 08:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-02-17 13:45 - 2015-11-24 09:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-02-17 13:45 - 2015-11-24 08:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-02-17 13:45 - 2015-11-24 08:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-17 13:45 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-17 13:45 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-02-17 13:45 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-02-17 13:45 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-02-17 13:45 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-02-17 13:45 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-02-17 13:45 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-02-17 13:45 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-02-17 13:45 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-02-17 13:45 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-02-17 13:45 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-02-17 13:45 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-02-17 13:45 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-02-17 13:45 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-02-17 13:45 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-02-17 13:45 - 2015-11-13 07:43 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-02-17 13:45 - 2015-11-13 06:39 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-02-17 13:45 - 2015-11-13 06:19 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-02-17 13:44 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-17 13:44 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-17 13:44 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-17 13:44 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-17 13:44 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-17 13:44 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-17 13:44 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-17 13:44 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-17 13:44 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-17 13:44 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-17 13:44 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-17 13:44 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-17 13:44 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-17 13:44 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-17 13:44 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-17 13:44 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-17 13:44 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-17 13:44 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-17 13:44 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-17 13:44 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-17 13:44 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-17 13:44 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-17 13:44 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-17 13:44 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-17 13:44 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-17 13:44 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-17 13:44 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-17 13:44 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-17 13:44 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-17 13:44 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-17 13:44 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-17 13:44 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-17 13:44 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-17 13:44 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-17 13:44 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-17 13:44 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-17 13:44 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-17 13:44 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-17 13:44 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-17 13:44 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-17 13:44 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-17 13:44 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-17 13:44 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-17 13:44 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-17 13:44 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-17 13:44 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-17 13:44 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-17 13:44 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-17 13:44 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-02-17 13:44 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-17 13:44 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-17 13:44 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-17 13:44 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-02-17 13:44 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-02-17 13:44 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-02-17 13:44 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-02-17 13:44 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-02-17 13:44 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-02-17 13:44 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-02-17 13:44 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-02-17 13:44 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-02-17 13:44 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-02-17 13:44 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-02-17 13:44 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-02-17 13:44 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-02-17 13:44 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-02-17 13:44 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-02-17 13:44 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-02-17 13:44 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-02-17 13:44 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-02-17 13:44 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-02-17 13:44 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-02-17 13:44 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-02-17 13:44 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-02-17 13:44 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-02-17 13:44 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-02-17 13:44 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-02-17 13:44 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-02-17 13:44 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-02-17 13:44 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-02-17 13:44 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-02-17 13:44 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-02-17 13:44 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-02-17 13:44 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-02-17 13:44 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-02-17 13:44 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-02-17 13:44 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-02-17 13:44 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-02-17 13:44 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-17 13:44 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-02-17 13:44 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-02-17 13:44 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-17 13:44 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-02-17 13:44 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-02-17 13:44 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-02-17 13:44 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-02-17 13:44 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-02-17 13:44 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-02-17 13:44 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-02-17 13:44 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-02-17 13:44 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-02-17 13:44 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-02-17 13:44 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-02-17 13:44 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-02-17 13:44 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-02-17 13:44 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-02-17 13:44 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-02-17 13:44 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-17 13:44 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-17 13:44 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-02-17 13:44 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-02-17 13:44 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-02-17 13:44 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-02-17 13:44 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-02-17 13:44 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-17 13:44 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-02-17 13:44 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-02-17 13:44 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-02-17 13:44 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-02-17 13:44 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-02-17 13:44 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-02-17 13:44 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-02-17 13:44 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-02-17 13:44 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-02-17 13:44 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-02-17 13:44 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-17 13:44 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-17 13:44 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-02-17 13:44 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-02-17 13:44 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-02-17 13:44 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-02-17 13:44 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-02-17 13:44 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-02-17 13:44 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-02-17 13:44 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-02-17 13:44 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-02-17 13:44 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-02-17 13:44 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-02-17 13:44 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-02-17 13:44 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-02-17 13:44 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-02-17 13:44 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-02-17 13:44 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-02-17 13:44 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-02-17 13:44 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-02-17 13:44 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-02-17 13:44 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-17 13:44 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-02-17 13:44 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-17 13:44 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-02-17 13:44 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-02-17 13:44 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-02-17 13:44 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-02-17 13:44 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-02-17 13:44 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-02-17 13:44 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-02-17 13:44 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-02-17 13:44 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-02-17 13:44 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-02-17 13:44 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-02-17 13:44 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-02-17 13:44 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-02-17 13:44 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-02-17 13:44 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-02-17 13:44 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-02-17 13:44 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-02-17 13:44 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-02-17 13:44 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-02-17 13:44 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-02-17 13:44 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-02-17 13:44 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-02-17 13:44 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-02-17 13:44 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-02-17 13:44 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-02-17 13:44 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-02-17 13:44 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-02-17 13:44 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-02-17 13:44 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-17 13:44 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-02-17 13:44 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-02-17 13:44 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-02-17 13:44 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-02-17 13:44 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-02-17 13:44 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-02-17 13:44 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-02-17 13:44 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-02-17 13:44 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-02-17 13:44 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-02-17 13:44 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-02-17 13:44 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-17 13:44 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-02-17 13:44 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-02-17 13:44 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-02-17 13:44 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-02-17 13:44 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-02-17 13:44 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-02-17 13:44 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-02-17 13:44 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-02-17 13:44 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-02-17 13:44 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-02-17 13:44 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-02-17 13:44 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-02-17 13:44 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-02-17 13:44 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-02-17 13:44 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-02-17 13:44 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-02-17 13:44 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-02-17 13:44 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-02-17 13:44 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-02-17 13:44 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-02-17 13:44 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-02-17 13:44 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-02-17 13:44 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-02-17 13:44 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-02-17 13:44 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-02-17 13:44 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-02-17 13:44 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-02-17 13:44 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-02-17 13:44 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-02-17 13:44 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-02-17 13:44 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-02-17 13:44 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-02-17 13:44 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-02-17 13:44 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-02-17 13:44 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-02-17 13:44 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-02-17 13:44 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-02-17 13:44 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-02-17 13:44 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-02-17 13:44 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-02-17 13:44 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-02-17 13:44 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-02-17 13:44 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-02-17 13:44 - 2015-11-24 11:26 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-02-17 13:44 - 2015-11-24 11:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-02-17 13:44 - 2015-11-24 10:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-17 13:44 - 2015-11-24 10:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-02-17 13:44 - 2015-11-24 10:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-02-17 13:44 - 2015-11-24 10:26 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-02-17 13:44 - 2015-11-24 10:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-02-17 13:44 - 2015-11-24 10:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-02-17 13:44 - 2015-11-24 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-02-17 13:44 - 2015-11-24 09:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-02-17 13:44 - 2015-11-24 09:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-02-17 13:44 - 2015-11-24 09:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-02-17 13:44 - 2015-11-24 08:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-02-17 13:44 - 2015-11-24 08:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-17 13:44 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-17 13:44 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-02-17 13:44 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-02-17 13:44 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-02-17 13:44 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-02-17 13:44 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-17 13:44 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-02-17 13:44 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-02-17 13:44 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-02-17 13:44 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-02-17 13:44 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-02-17 13:44 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-02-17 13:44 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-02-17 13:44 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-02-17 13:44 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-02-17 13:44 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-02-17 13:44 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-02-17 13:44 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-02-17 13:44 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-02-17 13:44 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-02-17 13:44 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-02-17 13:44 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-02-17 13:44 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-02-17 13:44 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-02-17 13:44 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-02-17 13:44 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-02-17 13:44 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-02-17 13:44 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-02-17 13:44 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-02-17 13:44 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-02-17 13:44 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-02-17 13:44 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-02-17 13:44 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-02-17 13:44 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-02-17 13:44 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-02-17 13:44 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-02-17 13:44 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-02-17 13:44 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-02-17 13:44 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-02-17 13:44 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-02-17 13:44 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-02-17 13:44 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-02-17 13:44 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-02-17 13:44 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-02-17 13:44 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-02-17 13:44 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-02-17 13:44 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-02-17 13:44 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-02-17 13:44 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-02-17 13:44 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-02-17 13:44 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-02-17 13:44 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-02-17 13:44 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-02-17 13:44 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-02-17 13:44 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-02-17 13:44 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-02-17 13:44 - 2015-11-21 06:44 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-02-17 13:44 - 2015-11-21 06:29 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-02-17 13:44 - 2015-11-21 06:07 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-02-17 13:44 - 2015-11-13 07:55 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-02-17 13:44 - 2015-11-13 07:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-02-17 13:44 - 2015-11-13 07:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-02-17 13:44 - 2015-11-13 07:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-02-17 13:44 - 2015-11-13 07:43 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-02-17 13:44 - 2015-11-13 07:43 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-02-17 13:44 - 2015-11-13 07:42 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-02-17 13:44 - 2015-11-13 07:42 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-02-17 13:44 - 2015-11-13 07:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-02-17 13:44 - 2015-11-13 07:33 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-02-17 13:44 - 2015-11-13 07:33 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-17 13:44 - 2015-11-13 07:32 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-02-17 13:44 - 2015-11-13 07:21 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-02-17 13:44 - 2015-11-13 07:21 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-02-17 13:44 - 2015-11-13 07:21 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-02-17 13:44 - 2015-11-13 07:21 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-02-17 13:44 - 2015-11-13 07:09 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-02-17 13:44 - 2015-11-13 06:59 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-02-17 13:44 - 2015-11-13 06:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-02-17 13:44 - 2015-11-13 06:57 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-02-17 13:44 - 2015-11-13 06:55 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-02-17 13:44 - 2015-11-13 06:53 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-02-17 13:44 - 2015-11-13 06:49 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-02-17 13:44 - 2015-11-13 06:33 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-02-17 13:44 - 2015-11-13 06:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-02-17 13:44 - 2015-11-13 06:30 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-02-17 13:44 - 2015-11-13 06:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-02-17 13:44 - 2015-11-13 06:23 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-02-17 13:44 - 2015-11-05 13:05 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-02-17 13:44 - 2015-11-05 11:40 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-02-17 13:44 - 2015-11-05 11:25 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-02-17 13:44 - 2015-11-05 11:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-02-17 13:44 - 2015-11-05 11:00 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-02-17 13:44 - 2015-11-05 10:41 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-02-17 13:44 - 2015-11-05 10:10 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-17 13:44 - 2015-11-05 10:02 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-02-17 13:44 - 2015-11-05 09:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-02-17 13:44 - 2015-11-05 09:15 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-17 13:43 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-02-17 13:43 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-02-17 13:43 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-02-17 13:43 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-02-17 13:43 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-02-17 13:43 - 2015-11-24 10:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-02-17 13:43 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-02-17 13:43 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-02-17 13:43 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-02-17 13:43 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-02-17 13:43 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-02-17 13:43 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-02-17 13:43 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-02-17 13:43 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-02-17 13:43 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-02-17 13:43 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-02-17 13:43 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-02-17 13:43 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-02-17 13:43 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-02-17 13:43 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-02-17 13:43 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-02-17 13:43 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-02-17 13:43 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-02-17 13:43 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-02-17 13:43 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-02-17 13:43 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-02-17 13:43 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-02-17 13:43 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-02-17 13:43 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-02-17 13:43 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-02-17 13:43 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-02-17 13:43 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-02-17 13:43 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-02-17 13:43 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-02-17 13:43 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-02-17 13:43 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-02-17 13:43 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-02-17 13:43 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-02-17 13:43 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-02-17 13:43 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-02-17 13:43 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-02-17 13:43 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-02-17 13:43 - 2015-11-13 07:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-02-17 13:43 - 2015-11-13 07:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-02-17 13:43 - 2015-11-13 07:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-02-17 13:43 - 2015-11-13 07:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-02-17 13:43 - 2015-11-13 07:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-02-17 13:43 - 2015-11-13 07:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-02-17 13:43 - 2015-11-13 07:04 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-02-17 13:43 - 2015-11-13 07:04 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-02-17 13:43 - 2015-11-13 07:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-02-17 13:43 - 2015-11-13 07:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-02-17 13:43 - 2015-11-13 07:00 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-02-17 13:43 - 2015-11-13 06:56 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-02-17 13:43 - 2015-11-13 06:40 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-02-17 13:43 - 2015-11-13 06:40 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-02-17 13:43 - 2015-11-13 06:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-02-17 13:43 - 2015-11-05 11:08 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-02-17 13:43 - 2015-11-05 11:04 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-02-17 13:43 - 2015-11-05 10:44 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-02-17 13:43 - 2015-11-05 10:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-02-17 13:43 - 2015-11-05 09:59 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-02-17 13:43 - 2015-11-05 09:42 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-02-16 18:42 - 2016-02-16 18:42 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-02-14 16:32 - 2016-02-14 16:32 - 02716160 _____ C:\Users\cletze\Downloads\fXgqhsKxwu.exe
2016-02-14 16:32 - 2016-02-14 16:32 - 02716160 _____ C:\Users\cletze\Desktop\fXgqhsKxwu.exe
2016-02-14 01:10 - 2016-02-14 01:10 - 00000000 ____D C:\Users\cletze\AppData\Local\ActiveSync
2016-02-14 01:08 - 2016-02-14 01:08 - 00000020 ___SH C:\Users\cletze\ntuser.ini
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-02-14 01:07 - 2016-02-14 01:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-02-14 01:06 - 2016-02-20 12:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-14 01:06 - 2016-02-14 01:06 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-02-14 01:05 - 2016-02-14 01:05 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-14 01:04 - 2016-02-22 23:17 - 00000000 ____D C:\Users\cletze
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Vorlagen
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Startmenü
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Netzwerkumgebung
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Lokale Einstellungen
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Eigene Dateien
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Druckumgebung
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Documents\Eigene Videos
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Documents\Eigene Musik
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Documents\Eigene Bilder
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\AppData\Local\Verlauf
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\AppData\Local\Anwendungsdaten
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 _SHDL C:\Users\cletze\Anwendungsdaten
2016-02-14 01:04 - 2016-02-14 01:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-02-14 01:04 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-02-14 01:03 - 2016-02-20 12:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-14 01:03 - 2016-02-14 01:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-14 01:03 - 2016-02-14 01:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-14 01:03 - 2016-02-14 01:04 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-14 01:03 - 2016-02-14 01:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-02-14 01:03 - 2016-02-14 01:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2016-02-14 01:03 - 2016-02-14 01:03 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-02-14 01:03 - 2015-12-16 15:54 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-02-14 01:03 - 2015-12-16 15:54 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-02-14 01:03 - 2015-12-16 15:54 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-02-14 01:03 - 2015-12-16 15:54 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-02-14 01:03 - 2015-12-16 15:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-14 01:03 - 2015-12-16 15:54 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-02-14 01:03 - 2015-12-16 15:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-14 01:03 - 2015-12-16 15:54 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-02-14 01:03 - 2015-12-16 15:49 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-02-14 01:02 - 2016-02-18 13:34 - 00189368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-14 01:00 - 2016-02-14 01:00 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-02-14 01:00 - 2016-02-14 01:00 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-02-14 01:00 - 2016-02-14 01:00 - 00000000 ____D C:\Windows.old
2016-02-14 01:00 - 2016-02-14 01:00 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-14 01:00 - 2016-02-14 01:00 - 00000000 ____D C:\Program Files\MSBuild
2016-02-14 01:00 - 2016-02-14 01:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-14 01:00 - 2016-02-14 01:00 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-14 00:59 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-02-14 00:59 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-14 00:59 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-02-14 00:59 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-02-14 00:59 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-02-14 00:59 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-14 00:20 - 2016-02-14 00:54 - 00000000 ___HD C:\$WINDOWS.~BT
2016-02-13 23:59 - 2016-02-13 23:59 - 18446672 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\MediaCreationTool (1).exe
2016-02-13 23:59 - 2016-02-13 23:59 - 18446672 _____ (Microsoft Corporation) C:\Users\cletze\Desktop\MediaCreationTool (1).exe
2016-02-13 23:59 - 2016-02-13 23:59 - 00000000 ___HD C:\$Windows.~WS
2016-02-13 23:53 - 2016-02-13 23:53 - 02077392 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\IE11-Windows6.1.exe
2016-02-13 21:22 - 2016-02-14 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-02-13 21:22 - 2016-02-13 21:22 - 00001183 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-13 21:21 - 2016-02-13 21:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-02-13 21:21 - 2016-02-13 21:21 - 22908888 _____ (Malwarebytes ) C:\Users\cletze\Downloads\mbam-setup-2.2.0.1024.exe
2016-02-13 21:21 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-13 21:21 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-13 21:21 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-13 20:37 - 2016-02-13 20:36 - 00067310 _____ C:\Users\cletze\Desktop\bluescreenview.zip
2016-02-13 20:36 - 2016-02-13 20:36 - 00067310 _____ C:\Users\cletze\Downloads\bluescreenview.zip
2016-02-13 19:47 - 2016-02-13 19:47 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.bak
2016-02-13 19:47 - 2016-02-13 19:47 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload2.efi
2016-02-13 19:47 - 2016-02-13 19:47 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.bak
2016-02-13 19:45 - 2016-02-13 19:48 - 45959784 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\Nicht bestätigt 684061.crdownload
2016-02-13 19:15 - 2016-02-14 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2016-02-13 19:15 - 2016-02-13 19:15 - 04395480 _____ (EZB Systems, Inc. ) C:\Users\cletze\Downloads\uiso965DE_pe.exe
2016-02-13 19:15 - 2016-02-13 19:15 - 00000000 ____D C:\Users\cletze\Documents\My ISO Files
2016-02-13 19:15 - 2016-02-13 19:15 - 00000000 ____D C:\Program Files (x86)\UltraISO
2016-02-13 19:11 - 2016-02-13 19:12 - 00000000 ____D C:\Users\cletze\Desktop\Neuer Ordner (4)
2016-02-13 17:04 - 2016-02-13 17:25 - 3276931072 _____ C:\Users\cletze\Downloads\Windows64Pro.iso
2016-02-13 17:01 - 2016-02-14 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2016-02-13 17:01 - 2016-02-13 17:01 - 00000000 ____D C:\Program Files (x86)\WinCDEmu
2016-02-13 17:00 - 2016-02-13 17:00 - 01697808 _____ (Sysprogs OU) C:\Users\cletze\Downloads\WinCDEmu-4.1.exe
2016-02-13 16:57 - 2016-02-13 16:57 - 47400128 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\NetFx64.exe
2016-02-13 16:56 - 2016-02-13 16:56 - 02941840 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\Windows7-USB-DVD-Download-Tool-Installer-de-DE.exe
2016-02-13 16:50 - 2016-02-13 16:50 - 00000000 ____D C:\Users\cletze\Desktop\mukke von stick
2016-02-13 16:08 - 2016-02-13 16:09 - 242743296 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\dotnetfx35.exe
2016-02-13 16:06 - 2016-02-14 01:08 - 00000000 ____D C:\Users\cletze\Desktop\Neuer Ordner (3)
2016-02-13 15:07 - 2016-02-14 01:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2016-02-13 15:06 - 2016-02-13 15:07 - 82101304 _____ C:\Users\cletze\Downloads\WacomTablet_6.3.15-3.exe
2016-02-13 14:31 - 2016-02-13 14:32 - 18446672 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\MediaCreationTool.exe
2016-02-13 14:29 - 2016-02-13 14:29 - 02959376 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\dotnetfx35setup (2).exe
2016-02-13 14:28 - 2016-02-13 14:28 - 02959376 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\dotnetfx35setup (1).exe
2016-02-13 14:22 - 2016-02-13 14:22 - 02869264 _____ (Microsoft Corporation) C:\Users\cletze\Downloads\dotNetFx35setup.exe
2016-02-03 13:26 - 2016-02-03 13:27 - 82101240 _____ C:\Users\cletze\Downloads\WacomTablet_6.3.15-2 (1).exe
2016-02-02 16:16 - 2016-02-02 16:15 - 344316781 _____ C:\Users\cletze\Desktop\@Exile-0.9.41.rar
2016-02-02 16:13 - 2016-02-02 16:15 - 344316781 _____ C:\Users\cletze\Downloads\@Exile-0.9.41.rar
2016-01-31 21:11 - 2016-01-31 21:11 - 00000000 ____D C:\Users\cletze\Documents\League of Legends
2016-01-28 21:44 - 2016-02-12 23:59 - 00000166 _____ C:\Users\cletze\Documents\ClownfishForTeamspeak.ini
2016-01-28 21:43 - 2016-01-28 21:43 - 00237268 _____ C:\Users\cletze\Downloads\ClownfishVoiceChanger-v1.50.ts3_plugin
2016-01-28 21:43 - 2016-01-28 21:43 - 00237268 _____ C:\Users\cletze\Downloads\ClownfishVoiceChanger-v1.50 (1).ts3_plugin
2016-01-28 17:59 - 2016-02-07 00:42 - 00000000 ____D C:\Users\cletze\Documents\Rise of the Tomb Raider
2016-01-28 17:59 - 2016-01-28 17:59 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Crystal Dynamics
2016-01-28 15:00 - 2015-12-18 07:11 - 00047760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-01-28 15:00 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-28 15:00 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-28 14:10 - 2016-01-28 14:10 - 00005519 _____ C:\Users\cletze\Downloads\UnbenanntesDokument.odt
2016-01-28 14:10 - 2016-01-28 14:10 - 00005519 _____ C:\Users\cletze\Desktop\UnbenanntesDokument.odt
2016-01-27 09:52 - 2016-01-27 09:52 - 00574926 _____ C:\Users\cletze\Downloads\Download.htm
2016-01-24 12:15 - 2016-01-24 12:15 - 00052178 _____ C:\Users\cletze\Downloads\028-2768878-8812360 (5).pdf
2016-01-24 12:15 - 2016-01-24 12:15 - 00052178 _____ C:\Users\cletze\Downloads\028-2768878-8812360 (4).pdf
2016-01-24 12:15 - 2016-01-24 12:15 - 00052177 _____ C:\Users\cletze\Downloads\028-2768878-8812360 (3).pdf
2016-01-24 12:15 - 2016-01-24 12:15 - 00052177 _____ C:\Users\cletze\Downloads\028-2768878-8812360 (2).pdf
2016-01-24 12:15 - 2016-01-24 12:15 - 00052177 _____ C:\Users\cletze\Downloads\028-2768878-8812360 (1).pdf
2016-01-24 12:14 - 2016-01-24 12:14 - 00052177 _____ C:\Users\cletze\Downloads\028-2768878-8812360.pdf
2016-01-24 10:12 - 2016-01-24 10:12 - 00000000 __SHD C:\found.001
2016-01-24 09:57 - 2016-01-24 09:57 - 00001267 _____ C:\Users\cletze\Desktop\CrystalDiskInfo.lnk
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-23 16:16 - 2015-10-20 20:52 - 00000000 ____D C:\Users\cletze\AppData\Roaming\TS3Client
2016-02-23 16:07 - 2015-10-27 15:06 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Skype
2016-02-23 16:06 - 2015-10-20 19:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-23 15:06 - 2015-10-20 19:27 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-23 14:37 - 2015-10-23 08:44 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3C7399BA-DCC3-479C-AF48-997FD3A21A1E}
2016-02-22 23:17 - 2015-10-20 20:09 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-22 23:12 - 2015-10-20 21:05 - 00000000 ____D C:\Users\cletze\AppData\Local\Battle.net
2016-02-22 20:52 - 2015-10-20 20:03 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-02-21 01:07 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-21 00:57 - 2015-10-20 21:06 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-21 00:57 - 2015-10-20 21:05 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Battle.net
2016-02-20 12:56 - 2015-10-30 19:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-20 12:56 - 2015-10-30 19:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-20 12:56 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-20 12:56 - 2015-10-20 18:53 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-20 01:28 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-20 00:07 - 2015-10-20 19:27 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 13:24 - 2015-11-02 12:08 - 00000000 ____D C:\Users\cletze\Documents\My Games
2016-02-19 13:24 - 2015-10-20 21:05 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-18 15:03 - 2015-11-20 23:19 - 00000000 ____D C:\Users\cletze\AppData\Local\NVIDIA
2016-02-18 14:56 - 2015-10-20 19:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-18 14:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-18 13:34 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-17 22:08 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-02-17 22:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-02-17 22:08 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-02-17 22:08 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-02-17 16:20 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-17 14:23 - 2015-10-24 14:11 - 00000000 ____D C:\Users\cletze\Ubisoft Game Launcher
2016-02-16 15:02 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-14 11:08 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-02-14 01:17 - 2015-10-20 18:56 - 00000000 ____D C:\Users\cletze\AppData\Local\Packages
2016-02-14 01:15 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-02-14 01:09 - 2015-10-20 19:00 - 00002398 _____ C:\Users\cletze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-14 01:09 - 2015-10-20 19:00 - 00000000 ___RD C:\Users\cletze\OneDrive
2016-02-14 01:08 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-02-14 01:08 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-02-14 01:07 - 2015-11-18 16:05 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-02-14 01:07 - 2015-11-18 16:05 - 00009528 _____ C:\WINDOWS\diagerr.xml
2016-02-14 01:07 - 2015-11-18 14:50 - 00000884 __RSH C:\ProgramData\ntuser.pol
2016-02-14 01:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-02-14 01:07 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2016-02-14 01:07 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-14 01:06 - 2015-11-26 10:38 - 00002596 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2016-02-14 01:06 - 2015-11-13 11:30 - 00002598 _____ C:\WINDOWS\System32\Tasks\EVGAPrecisionX
2016-02-14 01:06 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-14 01:06 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2016-02-14 01:06 - 2015-10-20 19:27 - 00003644 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-14 01:06 - 2015-10-20 19:27 - 00003420 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-14 01:05 - 2016-01-20 07:40 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crucial Storage Executive
2016-02-14 01:05 - 2016-01-17 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Multiplatform
2016-02-14 01:05 - 2016-01-17 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-02-14 01:05 - 2016-01-17 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warsow 2.0
2016-02-14 01:05 - 2016-01-12 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Port Forwarding
2016-02-14 01:05 - 2016-01-12 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-02-14 01:05 - 2016-01-02 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2016-02-14 01:05 - 2015-12-24 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront
2016-02-14 01:05 - 2015-12-08 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-02-14 01:05 - 2015-12-04 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2016-02-14 01:05 - 2015-11-26 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2016-02-14 01:05 - 2015-11-25 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-02-14 01:05 - 2015-11-13 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flawless Widescreen
2016-02-14 01:05 - 2015-11-11 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameVox
2016-02-14 01:05 - 2015-10-23 11:05 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-14 01:05 - 2015-10-23 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-14 01:05 - 2015-10-21 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-02-14 01:05 - 2015-10-21 08:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2016-02-14 01:05 - 2015-10-20 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2016-02-14 01:05 - 2015-10-20 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-02-14 01:05 - 2015-10-20 19:58 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TwitchAlerts
2016-02-14 01:05 - 2015-10-20 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNi Xonar Audio
2016-02-14 01:05 - 2015-10-20 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-14 01:05 - 2015-07-10 10:47 - 00000000 ____D C:\Users\Default.migrated
2016-02-14 01:04 - 2016-01-21 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-02-14 01:04 - 2016-01-21 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-02-14 01:04 - 2015-12-27 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-02-14 01:04 - 2015-12-14 10:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-14 01:04 - 2015-11-13 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVGA
2016-02-14 01:04 - 2015-11-10 11:55 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-02-14 01:04 - 2015-11-06 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-02-14 01:04 - 2015-10-31 18:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2016-02-14 01:04 - 2015-10-30 19:47 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-02-14 01:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-02-14 01:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-14 01:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\System
2016-02-14 01:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-02-14 01:04 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-02-14 01:04 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-14 01:04 - 2015-10-24 14:11 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-14 01:04 - 2015-07-30 23:42 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-02-14 01:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2016-02-14 01:03 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-02-14 01:02 - 2015-10-30 19:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-02-14 01:02 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-02-14 01:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-02-14 01:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-02-14 00:19 - 2015-09-10 13:09 - 00000000 ____D C:\ESD
2016-02-13 22:49 - 2016-01-09 16:08 - 00000000 ____D C:\Users\cletze\AppData\Local\CrashDumps
2016-02-13 21:22 - 2015-11-25 20:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-13 19:47 - 2015-10-20 22:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-13 19:42 - 2015-10-20 22:34 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-13 15:07 - 2015-10-21 08:30 - 00000000 ____D C:\Program Files\Tablet
2016-02-09 12:54 - 2015-10-27 15:06 - 00000000 ____D C:\ProgramData\Skype
2016-02-05 10:32 - 2015-10-23 12:07 - 00000000 ____D C:\Users\cletze\Desktop\Musik
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 16:23 - 2015-11-04 23:30 - 00000000 ____D C:\Users\cletze\AppData\Local\Arma 3
2016-01-30 18:22 - 2015-11-04 23:30 - 00000000 ____D C:\Users\cletze\AppData\Local\Arma 3 Launcher
2016-01-28 15:00 - 2015-11-20 23:19 - 00001462 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-28 14:34 - 2015-12-16 16:52 - 00000000 ____D C:\Users\cletze\Desktop\Kataner screens
2016-01-27 19:47 - 2016-01-22 18:47 - 00000000 ____D C:\Users\cletze\AppData\Roaming\obs-studio
2016-01-27 14:20 - 2016-01-16 21:53 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-01-27 14:20 - 2015-12-24 14:52 - 00000784 _____ C:\Users\Public\Desktop\STAR WARS Battlefront.lnk
2016-01-27 14:19 - 2015-10-20 21:33 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-01-27 14:18 - 2015-10-20 21:04 - 00000000 ____D C:\ProgramData\Origin
2016-01-24 12:25 - 2015-10-20 19:11 - 00000000 ____D C:\WINDOWS\pss
2016-01-24 12:16 - 2016-01-02 15:59 - 00000000 ____D C:\Users\cletze\AppData\Roaming\Steganos VPN
2016-01-24 09:57 - 2015-11-25 20:28 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-10 16:33 - 2015-11-10 16:33 - 0007630 _____ () C:\Users\cletze\AppData\Local\Resmon.ResmonCfg
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\cletze\WowMatrix.exe
Einige Dateien in TEMP:
====================
C:\Users\cletze\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
C:\Users\cletze\AppData\Local\Temp\772c9197c9fc03522c0913fde97a000a.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
nointegritychecks: ==> "IntegrityChecks" ist deaktiviert. <===== ACHTUNG
LastRegBack: 2016-02-14 01:02
==================== Ende von FRST.txt ============================
|
|
23.02.2016, 16:26
| #4 |
| | Logs Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
durchgeführt von cletze (2016-02-23 16:19:59)
Gestartet von C:\Users\cletze\Downloads
Windows 10 Pro Version 1511 (X64) (2016-02-14 00:07:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1314259541-1698729379-4188840987-500 - Administrator - Disabled)
cletze (S-1-5-21-1314259541-1698729379-4188840987-1001 - Administrator - Enabled) => C:\Users\cletze
DefaultAccount (S-1-5-21-1314259541-1698729379-4188840987-503 - Limited - Disabled)
Gast (S-1-5-21-1314259541-1698729379-4188840987-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.1 - Daum Games EU)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Crucial Storage Executive (HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\Crucial Storage Executive 3.24.082015.05) (Version: 3.24.082015.05 - Crucial)
CrystalDiskInfo 6.7.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.2 - Crystal Dew World)
Curse Client (HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Epic Games Launcher (HKLM-x32\...\{9002F83C-DA49-411E-9CF0-111CB3979F9C}) (Version: 1.1.50.0 - Epic Games, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVGA PrecisionX 16 (HKLM-x32\...\{425A0AAA-B049-4356-A81E-E089BC5AE934}) (Version: 5.3.10 - EVGA Corporation)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
Flyff (HKLM-x32\...\{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1) (Version: Flyff - WEBZEN Inc)
FlyFF (HKLM-x32\...\{B47D87A4-05B5-4AC3-B0D3-6543E1876D0E}_is1) (Version: - Webzen)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{185D7B00-8600-4716-A619-D8CBE689974B}) (Version: 4.40.560.0 - Futuremark)
GameVox 0.19.1.60 (x32 Version: 0.19.1.60 - GameVox LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 43.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NETGEAR WNA3100 wireless USB 2.0 driver (HKLM-x32\...\{CF7B20C3-C08E-422B-B6A1-225A9A0F13AC}) (Version: 1.01.206 - NETGEAR)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.60.16 - Black Tree Gaming)
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.6.3 - Steganos Software GmbH)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{a3d6096e-8f34-4626-b226-2c0c603a2baf}) (Version: latest - ppy Pty Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27748 - Razer Inc.)
Rise of the Tomb Raider (HKLM-x32\...\Steam App 391220) (Version: - Crystal Dynamics)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9 - Samsung Electronics)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
Smart Port Forwarding (HKLM-x32\...\Smart Port Forwarding) (Version: 1.0.0.1 - Brooks Younce Software)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.4.37822 - Electronic Arts)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft)
Tom Clancy's The Division Beta (HKLM-x32\...\Uplay Install 2036) (Version: - Ubisoft)
TwitchAlerts (HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 12.0 - Ubisoft)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
Warsow 2.01 (HKLM-x32\...\{24508D50-EC8F-4FE6-B69D-E5035D8745EA}_is1) (Version: 2.01 - Warsow Development Team)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1314259541-1698729379-4188840987-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\cletze\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0ED0F4ED-3DF3-4196-867C-3A4052C8CF3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-20] (Google Inc.)
Task: {1E85CC86-AF0F-43FA-B1CC-45D7EBE5A5E5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-11-06] (Samsung Electronics.)
Task: {3176CC9B-0837-4AC6-B920-AE2CF029A601} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-20] (Google Inc.)
Task: {4DE53280-2625-4E2C-8F69-89ECE4E0F1E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-13] (Microsoft Corporation)
Task: {6D10CB9A-F216-40E6-B7DD-560F68E68E60} - System32\Tasks\EVGAPrecisionX => C:\Program Files (x86)\EVGA\PrecisionX 16\PrecisionX_x64.exe [2015-11-09] (EVGA Corp.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-01-08 21:10 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-10-20 23:45 - 2015-11-27 01:57 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-14 01:03 - 2015-12-16 15:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-02-17 13:45 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-17 13:45 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-05-27 14:51 - 2015-05-27 14:51 - 00156160 _____ () C:\Program Files (x86)\EVGA\PrecisionX 16\FW1FontWrapper_x64.dll
2016-02-17 13:43 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-02-17 13:43 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-17 13:45 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-17 13:44 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-17 13:45 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-17 13:45 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-21 08:30 - 2014-08-19 20:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-12-05 14:21 - 2016-01-11 18:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-10-20 19:48 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2015-10-20 19:48 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\System\HsMgr64.exe
2015-07-08 07:58 - 2015-07-08 07:58 - 00292352 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-02-16 15:00 - 2016-02-16 15:00 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-10-10 18:14 - 2015-11-23 09:11 - 00175080 _____ () D:\Program Files (x86)\quazip.dll
2015-10-10 18:13 - 2015-11-23 09:11 - 00103400 _____ () D:\Program Files (x86)\soundbackends\directsound_win64.dll
2015-10-10 18:13 - 2015-11-23 09:11 - 00108008 _____ () D:\Program Files (x86)\soundbackends\windowsaudiosession_win64.dll
2016-01-28 21:43 - 2016-01-28 21:43 - 00262656 _____ () D:\Program Files (x86)\plugins\ClownfishForTeamspeak_win64.dll
2015-09-21 15:24 - 2015-09-21 15:24 - 00317440 _____ () D:\Program Files (x86)\ssleay32.dll
2015-09-21 15:24 - 2015-09-21 15:24 - 01709056 _____ () D:\Program Files (x86)\LIBEAY32.dll
2015-11-25 09:52 - 2014-11-04 11:06 - 00987136 _____ () D:\Program Files\FlyFF_EN\Flyff.exe
2015-11-20 23:19 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-20 19:48 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-10-01 07:28 - 2015-10-01 07:28 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-11-07 09:52 - 2014-11-26 03:12 - 40622592 _____ () C:\Users\cletze\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2015-11-07 09:52 - 2014-11-26 03:12 - 00911360 _____ () C:\Users\cletze\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-11-07 09:52 - 2014-11-26 03:12 - 00134144 _____ () C:\Users\cletze\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-05-27 14:51 - 2015-05-27 14:51 - 00129536 _____ () C:\Program Files (x86)\EVGA\PrecisionX 16\FW1FontWrapper.dll
2016-02-16 15:00 - 2016-02-16 15:00 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-16 15:00 - 2016-02-16 15:00 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-25 09:52 - 2004-09-03 04:12 - 00137216 _____ () D:\Program Files\FlyFF_EN\mssmp3.asi
2015-11-25 09:52 - 2010-03-22 06:26 - 00041472 _____ () D:\Program Files\FlyFF_EN\mssogg.asi
2015-11-04 02:10 - 2015-07-15 16:35 - 00030976 _____ () D:\Program Files\FlyFF_EN\GameGuard\ggsig.des
2015-11-09 23:23 - 2015-11-09 23:22 - 00678809 _____ () D:\Program Files\FlyFF_EN\GameGuard\ggexp.des
2016-02-20 00:07 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-20 00:07 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-30 23:42 - 2015-07-30 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cletze\Desktop\Hintergründe\exoplanet-2560x1080-planet-space-stars-4322.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\StartupApproved\StartupFolder: => "GameVox.lnk"
HKU\S-1-5-21-1314259541-1698729379-4188840987-1001\...\StartupApproved\Run: => "EADM"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A8548F5B-3A91-4EF9-947C-A08EDE185DE2}] => (Allow) F:\Tomb Raider\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{4309D88A-1EDF-46A5-AE5E-88E57A747051}] => (Allow) F:\Tomb Raider\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{CD0448FC-8A3A-4632-A86D-838040C38F19}] => (Allow) F:\Tomb Raider\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{F8494144-D2FD-4936-B6F5-289FFE673915}] => (Allow) F:\Tomb Raider\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{31DCF08E-35E7-4CD4-9F8B-F7A75C1D4B1D}] => (Allow) F:\Tomb Raider\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{4E432BD7-FBD6-4B7F-83CA-5D3827B16060}] => (Allow) F:\Tomb Raider\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{BD3F89E4-7C1C-4381-B7FD-F39BC23560F6}] => (Allow) D:\Origin\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{1625055A-CF94-44BA-957C-5BCE4B912757}] => (Allow) D:\Origin\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{CA29FD34-D2FF-489B-AB7A-46CC75164717}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{D4002AA0-895D-4B30-9B3C-17C93949E0A3}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{CBDE0513-1C72-4D8C-BBFF-CC145AFA739B}E:\warsow 2.0\warsow_x64.exe] => (Allow) E:\warsow 2.0\warsow_x64.exe
FirewallRules: [TCP Query User{6062BCD2-598E-4CEE-8C56-EB927C81807F}E:\warsow 2.0\warsow_x64.exe] => (Allow) E:\warsow 2.0\warsow_x64.exe
FirewallRules: [UDP Query User{9EFCBB6C-F403-4623-87DD-3B660CCA9711}C:\program files (x86)\smart port forwarding\spf.exe] => (Allow) C:\program files (x86)\smart port forwarding\spf.exe
FirewallRules: [TCP Query User{20E38F7E-BF6D-4DCC-8069-CB969DC69493}C:\program files (x86)\smart port forwarding\spf.exe] => (Allow) C:\program files (x86)\smart port forwarding\spf.exe
FirewallRules: [{E1698678-3AD0-45FD-8707-3BBE5ABEE8CC}] => (Allow) D:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{2E7820E2-2931-485B-A5CD-2AC0A7C11A27}] => (Allow) D:\Origin\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{53C3879C-DAF8-43E2-916B-4FA8104B9E6B}] => (Allow) D:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{01BCECC2-FF51-49FD-BEBE-15518DEBE567}] => (Allow) D:\Origin\Battlefield 4\BF4WebHelper.exe
FirewallRules: [UDP Query User{FCC8D773-0ADE-4579-BF87-33483C09A04E}C:\sinusbot\ts3bot.exe] => (Allow) C:\sinusbot\ts3bot.exe
FirewallRules: [TCP Query User{5D21D1D9-31F1-4696-B961-58CD0EFC30E9}C:\sinusbot\ts3bot.exe] => (Allow) C:\sinusbot\ts3bot.exe
FirewallRules: [{8902CD39-D127-4F36-A706-5CF230A622BC}] => (Allow) C:\Users\cletze\AppData\Roaming\Steganos\OkayFreedom\Proxy\node.exe
FirewallRules: [{4EBE7EBC-8288-4F80-A920-790728355A7B}] => (Allow) D:\Steam spiele\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{D4E1EFA7-4A6F-4856-98D5-4E50B63ED7D1}] => (Allow) D:\Steam spiele\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [UDP Query User{797B45C5-731E-4188-876E-A17FB35F33FB}E:\gta5\gta5.exe] => (Allow) E:\gta5\gta5.exe
FirewallRules: [TCP Query User{527B173D-A681-434F-9021-FD5C7FE4160D}E:\gta5\gta5.exe] => (Allow) E:\gta5\gta5.exe
FirewallRules: [UDP Query User{364277FE-F88F-43C1-B468-C80597B10684}C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{EEB261F3-77B4-412A-9E1E-CC5BE9713CBF}C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.10\engine\binaries\win64\ue4editor.exe
FirewallRules: [{D1197766-AA18-4108-B88A-6B19A59162BD}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{A32AC460-1866-4AF7-856B-0ADBB3A21737}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{A9FE2F59-B6F9-41B2-A95A-03958C3B8287}] => (Allow) E:\GTA5.exe
FirewallRules: [{73CA0013-6DC1-4FA4-AD11-24ADBF5D1F3A}] => (Allow) E:\GTA5.exe
FirewallRules: [{42A3A202-477A-43BB-B38F-9D9D7CF879A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3758CB3A-433D-4BB2-825E-0F5B1CA06ACD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E367893-5743-45D4-B0D2-63ABE2A04057}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{99FC1B37-CF80-4104-A44A-30FCC60E3567}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{6CBE1BAB-3173-40D1-9086-9E4B32E265B0}] => (Allow) E:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{5379F663-778B-42D1-A6BB-1B107B95CC65}] => (Allow) E:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [UDP Query User{ED7BFA05-251F-4CC0-A1A1-5BE5C4B7838F}D:\origin\battlefield 4\bf4.exe] => (Allow) D:\origin\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{B70187E4-CE2A-474C-81CE-C420334D2CD5}D:\origin\battlefield 4\bf4.exe] => (Allow) D:\origin\battlefield 4\bf4.exe
FirewallRules: [{78537056-4E88-4636-812E-B062AB3E63DC}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{44F4D86A-AB95-45FA-B672-9B7DB185B4DE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6FDF2B20-3A47-498A-A0B8-0B931A0CA35E}] => (Allow) C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [{99C0D4D8-24E2-4D45-8041-06DE8395B8CC}] => (Allow) C:\WINDOWS\SysWOW64\PnkBstrB.exe
FirewallRules: [{935C3F0E-7CA4-4D16-826B-39F74FEAA25F}] => (Allow) C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{1CF0745F-9536-4C1E-B182-9AF434F6608A}] => (Allow) C:\WINDOWS\SysWOW64\PnkBstrA.exe
FirewallRules: [{4DD1CFC8-432A-4625-80A7-0FE5B9A8564B}] => (Allow) G:\Skyrim\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{620C1DF7-8C02-44D7-B2EF-DB781B5B86BE}] => (Allow) G:\Skyrim\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{0C924336-02BD-46E8-8E8A-2EB604A12E9E}] => (Allow) E:\The Witcher 3\steamapps\common\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{772F95CA-B8DB-4A12-8075-9546FA5A3F53}] => (Allow) E:\The Witcher 3\steamapps\common\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{98EFBF28-B091-4A5A-908E-9965E65F5634}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8AC904D-35CD-4080-8BE1-89F05383554C}] => (Allow) G:\Skyrim\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{573F848E-54EE-4835-BDBF-B76FE16F2068}] => (Allow) G:\Skyrim\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3499C89F-E678-4DF6-A75F-04D5FCD4B318}] => (Allow) E:\The Witcher 3\steamapps\common\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CE983921-4EE4-4831-89D7-4905B9B42A84}] => (Allow) E:\The Witcher 3\steamapps\common\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [UDP Query User{27818C80-D3E4-4F23-9DE9-07DC59765F39}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{5EE26C6F-6692-4B0A-BF1F-30D73BCBF849}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{9995BB7E-31ED-4C60-B9E1-27541632CA05}] => (Allow) E:\The Witcher 3\steamapps\common\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A2C8EC2E-1413-44B8-B534-C9D61DE8A983}] => (Allow) E:\The Witcher 3\steamapps\common\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{4D3648E7-8AD3-4C79-A481-C7C6EF986FDC}E:\the witcher 3\steamapps\common\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\the witcher 3\steamapps\common\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [TCP Query User{87B76E27-A38E-44C4-8A3D-2DBF8B622D5A}E:\the witcher 3\steamapps\common\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\the witcher 3\steamapps\common\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [{EE8630EE-0A01-4EFE-81E5-69D093175DF9}] => (Allow) G:\Games\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{BE42B99A-6557-4E5F-83A9-316D55AF8F7E}] => (Allow) G:\Games\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{74896119-32AB-4EF2-B264-8D22A762D6E7}] => (Allow) G:\Games\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{8C759A2C-D70E-4F3F-B058-7B8F3FF0C1EF}] => (Allow) G:\Games\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [UDP Query User{C7270EA2-698B-4BFA-B941-16BB3D4F6F91}G:\games\origin games\battlefield 4\bf4.exe] => (Allow) G:\games\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{6CA0EF40-F324-41BA-BC2C-EB896614BE60}G:\games\origin games\battlefield 4\bf4.exe] => (Allow) G:\games\origin games\battlefield 4\bf4.exe
FirewallRules: [{F3077107-0922-484A-9260-5B50F06C4AB3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3A5BB6A8-409B-4B0B-BF29-BF2F8ACE5C9F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D14C39E6-6215-4CC4-A2F1-7FCD7C3CD2A1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{09ED63DA-530B-4509-A11D-896857EA1097}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0AE0326D-FFF8-4E3C-A92E-19FAE05464EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{049B8A29-DED7-43A1-9CE5-FB4AF02A43D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7E61BB6B-6A27-4226-9C4A-71FF0EFE7F73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{9AC21CB9-4C82-4676-B645-14FB76FF6546}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2E6E4254-0E75-4670-B13F-0D08E967246B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E40B4985-65BC-428F-8671-0B9CC2EDD7B4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{45DE07FC-0883-407A-BABC-7E940D9F480F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BA580998-6F0D-479E-B4C8-83A7F2324353}] => (Allow) C:\Users\cletze\Downloads\bin\BlackDesert32.exe
FirewallRules: [{C0769BEF-77E8-4347-92B4-6131AE90F24B}] => (Allow) C:\Users\cletze\Downloads\bin64\BlackDesert64.exe
FirewallRules: [{EB1F48D9-CA0A-47BD-A3ED-63A8603C60A0}] => (Allow) C:\Users\cletze\Downloads\BlackDesert_Launcher.exe
FirewallRules: [{9764A965-3488-421D-8897-25FCE92E6324}] => (Allow) C:\Users\cletze\Downloads\BlackDesert_Downloader.exe
FirewallRules: [{7E3F5E87-BE85-444B-9BEB-5881496B351A}] => (Allow) F:\Tom Clancy's The Division Beta\TheDivision.exe
FirewallRules: [{04078681-ED96-4635-BC9C-2F3D2DBEBADC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6DF0ADE0-F4CA-4A49-9524-18C349E6565E}] => (Allow) D:\Steam spiele\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{48DA2367-C7F4-4DF8-BECD-6595891A68DB}] => (Allow) D:\Steam spiele\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/23/2016 04:19:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Wacom_Tablet.exe, Version: 6.3.15.3, Zeitstempel: 0x5693e4c6
Name des fehlerhaften Moduls: Wacom_Tablet.exe, Version: 6.3.15.3, Zeitstempel: 0x5693e4c6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000216c48
ID des fehlerhaften Prozesses: 0x14240
Startzeit der fehlerhaften Anwendung: 0xWacom_Tablet.exe0
Pfad der fehlerhaften Anwendung: Wacom_Tablet.exe1
Pfad des fehlerhaften Moduls: Wacom_Tablet.exe2
Berichtskennung: Wacom_Tablet.exe3
Vollständiger Name des fehlerhaften Pakets: Wacom_Tablet.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Wacom_Tablet.exe5
Error: (02/22/2016 09:52:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Wacom_Tablet.exe, Version: 6.3.15.3, Zeitstempel: 0x5693e4c6
Name des fehlerhaften Moduls: Wacom_Tablet.exe, Version: 6.3.15.3, Zeitstempel: 0x5693e4c6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000216c48
ID des fehlerhaften Prozesses: 0x13e2c
Startzeit der fehlerhaften Anwendung: 0xWacom_Tablet.exe0
Pfad der fehlerhaften Anwendung: Wacom_Tablet.exe1
Pfad des fehlerhaften Moduls: Wacom_Tablet.exe2
Berichtskennung: Wacom_Tablet.exe3
Vollständiger Name des fehlerhaften Pakets: Wacom_Tablet.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Wacom_Tablet.exe5
Error: (02/22/2016 08:30:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (02/22/2016 08:30:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (02/22/2016 03:55:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: conhost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8aa
Name des fehlerhaften Moduls: npggNT64.des_unloaded, Version: 2015.12.23.1, Zeitstempel: 0x567a5c23
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000013410
ID des fehlerhaften Prozesses: 0x14db0
Startzeit der fehlerhaften Anwendung: 0xconhost.exe0
Pfad der fehlerhaften Anwendung: conhost.exe1
Pfad des fehlerhaften Moduls: conhost.exe2
Berichtskennung: conhost.exe3
Vollständiger Name des fehlerhaften Pakets: conhost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: conhost.exe5
Error: (02/21/2016 06:00:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10586.35, Zeitstempel: 0x566505bc
Name des fehlerhaften Moduls: npggNT64.des_unloaded, Version: 2015.12.23.1, Zeitstempel: 0x567a5c23
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000017a71
ID des fehlerhaften Prozesses: 0x58c8
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5
Error: (02/21/2016 12:00:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
Error: (02/21/2016 12:00:39 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (02/21/2016 12:00:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8
Error: (02/21/2016 12:00:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
Systemfehler:
=============
Error: (02/22/2016 11:17:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_c96b2dc erreicht.
Error: (02/22/2016 11:17:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_c96b2dc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/22/2016 11:17:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/22/2016 10:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (02/22/2016 10:27:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\cletze\AppData\Local\Temp\ehdrv.sys
Error: (02/22/2016 10:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (02/22/2016 10:27:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\cletze\AppData\Local\Temp\ehdrv.sys
Error: (02/22/2016 10:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (02/22/2016 10:27:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\cletze\AppData\Local\Temp\ehdrv.sys
Error: (02/22/2016 10:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
CodeIntegrity:
===================================
Date: 2016-02-21 01:22:06.037
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-18 13:34:38.494
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-14 01:06:37.314
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-14 01:06:36.938
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-14 01:02:56.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 16325.76 MB
Verfügbarer physikalischer RAM: 11062.26 MB
Summe virtueller Speicher: 18757.76 MB
Verfügbarer virtueller Speicher: 13120.33 MB
==================== Laufwerke ================================
Drive c: (SSD_WIN7) (Fixed) (Total:118.7 GB) (Free:19.2 GB) NTFS
Drive d: () (Fixed) (Total:232.33 GB) (Free:0.52 GB) NTFS
Drive e: (SSD 840 Pro) (Fixed) (Total:232.88 GB) (Free:44.47 GB) NTFS
Drive f: (Volume) (Fixed) (Total:447.13 GB) (Free:224.03 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: CA676AD4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 2AF7C198)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E0140ECC)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 4C8991B3)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
23.02.2016, 21:48
| #5 |
| /// TB-Ausbilder /// Anleitungs-Guru | SkypeVirus? ausversehen diesen Link geklickt :/ was nun Hi, Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
23.02.2016, 21:54
| #6 |
| | SkypeVirus? ausversehen diesen Link geklickt :/ was nunCode:
ATTFilter 21:52:18.0519 0x2c58c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
21:52:26.0856 0x2c58c ============================================================
21:52:26.0856 0x2c58c Current date / time: 2016/02/23 21:52:26.0856
21:52:26.0856 0x2c58c SystemInfo:
21:52:26.0858 0x2c58c
21:52:26.0858 0x2c58c OS Version: 10.0.10586 ServicePack: 0.0
21:52:26.0858 0x2c58c Product type: Workstation
21:52:26.0858 0x2c58c ComputerName: MEINPC
21:52:26.0858 0x2c58c UserName: cletze
21:52:26.0858 0x2c58c Windows directory: C:\WINDOWS
21:52:26.0858 0x2c58c System windows directory: C:\WINDOWS
21:52:26.0858 0x2c58c Running under WOW64
21:52:26.0858 0x2c58c Processor architecture: Intel x64
21:52:26.0858 0x2c58c Number of processors: 8
21:52:26.0858 0x2c58c Page size: 0x1000
21:52:26.0858 0x2c58c Boot type: Normal boot
21:52:26.0858 0x2c58c ============================================================
21:52:26.0892 0x2c58c KLMD registered as C:\WINDOWS\system32\drivers\42671187.sys
21:52:27.0317 0x2c58c System UUID: {54C202A0-B54C-4AB3-2564-62171F04080A}
21:52:27.0651 0x2c58c Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:52:27.0653 0x2c58c Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:52:27.0654 0x2c58c Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:52:27.0655 0x2c58c Drive \Device\Harddisk3\DR3 - Size: 0x6FC86D6000 ( 447.13 Gb ), SectorSize: 0x200, Cylinders: 0xE401, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:52:27.0659 0x2c58c ============================================================
21:52:27.0659 0x2c58c \Device\Harddisk0\DR0:
21:52:27.0659 0x2c58c MBR partitions:
21:52:27.0659 0x2c58c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:52:27.0659 0x2c58c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xED68000
21:52:27.0659 0x2c58c \Device\Harddisk1\DR1:
21:52:27.0660 0x2c58c GPT partitions:
21:52:27.0660 0x2c58c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {508F5F3D-59F2-44EB-BB9C-894FBA555C8C}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
21:52:27.0660 0x2c58c \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6B70692E-D9F9-4518-B027-6D8B45267947}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
21:52:27.0660 0x2c58c \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2047E7D2-561C-472F-A73B-B493984666C3}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
21:52:27.0660 0x2c58c \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AFDAA5EC-3BC6-4589-8B35-D5AC0E7C1FA5}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x1D0AA000
21:52:27.0660 0x2c58c MBR partitions:
21:52:27.0660 0x2c58c \Device\Harddisk2\DR2:
21:52:27.0660 0x2c58c MBR partitions:
21:52:27.0660 0x2c58c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
21:52:27.0660 0x2c58c \Device\Harddisk3\DR3:
21:52:27.0660 0x2c58c MBR partitions:
21:52:27.0660 0x2c58c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37E42000
21:52:27.0660 0x2c58c ============================================================
21:52:27.0661 0x2c58c C: <-> \Device\Harddisk0\DR0\Partition2
21:52:27.0662 0x2c58c D: <-> \Device\Harddisk1\DR1\Partition4
21:52:27.0664 0x2c58c E: <-> \Device\Harddisk2\DR2\Partition1
21:52:27.0665 0x2c58c F: <-> \Device\Harddisk3\DR3\Partition1
21:52:27.0665 0x2c58c ============================================================
21:52:27.0665 0x2c58c Initialize success
21:52:27.0665 0x2c58c ============================================================
21:52:52.0600 0x2c7b8 ============================================================
21:52:52.0600 0x2c7b8 Scan started
21:52:52.0600 0x2c7b8 Mode: Manual; SigCheck; TDLFS;
21:52:52.0600 0x2c7b8 ============================================================
21:52:52.0600 0x2c7b8 KSN ping started
21:52:54.0962 0x2c7b8 KSN ping finished: true
21:52:55.0411 0x2c7b8 ================ Scan system memory ========================
21:52:55.0411 0x2c7b8 System memory - ok
21:52:55.0411 0x2c7b8 ================ Scan services =============================
21:52:55.0454 0x2c7b8 1394ohci - ok
21:52:55.0456 0x2c7b8 3ware - ok
21:52:55.0458 0x2c7b8 ACPI - ok
21:52:55.0460 0x2c7b8 acpiex - ok
21:52:55.0461 0x2c7b8 acpipagr - ok
21:52:55.0463 0x2c7b8 AcpiPmi - ok
21:52:55.0464 0x2c7b8 acpitime - ok
21:52:55.0465 0x2c7b8 ADP80XX - ok
21:52:55.0467 0x2c7b8 AFD - ok
21:52:55.0469 0x2c7b8 agp440 - ok
21:52:55.0507 0x2c7b8 [ 8BA0756C7B80D039212F9BB957D84727, 2EFED9D87E37A95F7216D879FA2E054AE105DC5280F7393540C812C296E4FDAC ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
21:52:55.0555 0x2c7b8 AGSService - ok
21:52:55.0561 0x2c7b8 ahcache - ok
21:52:55.0562 0x2c7b8 AJRouter - ok
21:52:55.0564 0x2c7b8 ALG - ok
21:52:55.0565 0x2c7b8 AmdK8 - ok
21:52:55.0569 0x2c7b8 AmdPPM - ok
21:52:55.0572 0x2c7b8 amdsata - ok
21:52:55.0576 0x2c7b8 amdsbs - ok
21:52:55.0580 0x2c7b8 amdxata - ok
21:52:55.0584 0x2c7b8 AppID - ok
21:52:55.0588 0x2c7b8 AppIDSvc - ok
21:52:55.0591 0x2c7b8 Appinfo - ok
21:52:55.0594 0x2c7b8 AppMgmt - ok
21:52:55.0597 0x2c7b8 AppReadiness - ok
21:52:55.0599 0x2c7b8 AppXSvc - ok
21:52:55.0602 0x2c7b8 arcsas - ok
21:52:55.0604 0x2c7b8 AsyncMac - ok
21:52:55.0609 0x2c7b8 atapi - ok
21:52:55.0613 0x2c7b8 AudioEndpointBuilder - ok
21:52:55.0617 0x2c7b8 Audiosrv - ok
21:52:55.0621 0x2c7b8 AxInstSV - ok
21:52:55.0624 0x2c7b8 b06bdrv - ok
21:52:55.0629 0x2c7b8 B5971947 - ok
21:52:55.0633 0x2c7b8 BasicDisplay - ok
21:52:55.0635 0x2c7b8 BasicRender - ok
21:52:55.0642 0x2c7b8 [ 09391BA416AA29682298A612FDFDD7B8, D889679C25DA37212E2E0E08E4B2CF774FFF395E83BCD168B240A59E74204070 ] BazisVirtualCDBus C:\WINDOWS\System32\drivers\BazisVirtualCDBus.sys
21:52:55.0652 0x2c7b8 BazisVirtualCDBus - ok
21:52:55.0656 0x2c7b8 bcmfn - ok
21:52:55.0658 0x2c7b8 bcmfn2 - ok
21:52:55.0682 0x2c7b8 [ 44E6E51AEDBF3E0B38A6CD5432649E57, AB7F3EF0F5859B6C759BF1B9704C2F839166905C02300057997836C4B07A2221 ] BCMH43XX C:\WINDOWS\system32\DRIVERS\bcmwlhigh664.sys
21:52:55.0704 0x2c7b8 BCMH43XX - ok
21:52:55.0708 0x2c7b8 BDESVC - ok
21:52:55.0713 0x2c7b8 Beep - ok
21:52:55.0740 0x2c7b8 [ DA27D806461256EBF525FFBA2148C675, 500CD8F47BAAA612180E220849E01250FED8F49BBCE2ABA361D9B3C63BE3E93A ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
21:52:55.0764 0x2c7b8 BEService - ok
21:52:55.0768 0x2c7b8 BFE - ok
21:52:55.0771 0x2c7b8 BITS - ok
21:52:55.0774 0x2c7b8 bowser - ok
21:52:55.0778 0x2c7b8 BrokerInfrastructure - ok
21:52:55.0782 0x2c7b8 Browser - ok
21:52:55.0787 0x2c7b8 BthAvrcpTg - ok
21:52:55.0790 0x2c7b8 BthHFEnum - ok
21:52:55.0793 0x2c7b8 bthhfhid - ok
21:52:55.0796 0x2c7b8 BthHFSrv - ok
21:52:55.0799 0x2c7b8 BTHMODEM - ok
21:52:55.0803 0x2c7b8 bthserv - ok
21:52:55.0807 0x2c7b8 buttonconverter - ok
21:52:55.0811 0x2c7b8 CapImg - ok
21:52:55.0815 0x2c7b8 cdfs - ok
21:52:55.0818 0x2c7b8 CDPSvc - ok
21:52:55.0821 0x2c7b8 cdrom - ok
21:52:55.0824 0x2c7b8 CertPropSvc - ok
21:52:55.0827 0x2c7b8 circlass - ok
21:52:55.0830 0x2c7b8 CLFS - ok
21:52:55.0833 0x2c7b8 ClipSVC - ok
21:52:55.0843 0x2c7b8 CmBatt - ok
21:52:55.0887 0x2c7b8 [ 12145BABD827F3B68B27A4F73B7284CD, 29F539A3CE770D9B719FCDF055FCCD46353FC2A3752DCAE95F3C171CB40D1A44 ] cmudaxp C:\WINDOWS\system32\drivers\cmudaxp.sys
21:52:55.0953 0x2c7b8 cmudaxp - ok
21:52:55.0959 0x2c7b8 CNG - ok
21:52:55.0961 0x2c7b8 cnghwassist - ok
21:52:55.0977 0x2c7b8 CompositeBus - ok
21:52:55.0980 0x2c7b8 COMSysApp - ok
21:52:55.0982 0x2c7b8 condrv - ok
21:52:55.0984 0x2c7b8 CoreMessagingRegistrar - ok
21:52:55.0989 0x2c7b8 CryptSvc - ok
21:52:55.0991 0x2c7b8 CSC - ok
21:52:55.0993 0x2c7b8 CscService - ok
21:52:55.0995 0x2c7b8 dam - ok
21:52:55.0999 0x2c7b8 DcomLaunch - ok
21:52:56.0001 0x2c7b8 DcpSvc - ok
21:52:56.0003 0x2c7b8 defragsvc - ok
21:52:56.0006 0x2c7b8 DeviceAssociationService - ok
21:52:56.0010 0x2c7b8 DeviceInstall - ok
21:52:56.0012 0x2c7b8 DevQueryBroker - ok
21:52:56.0015 0x2c7b8 Dfsc - ok
21:52:56.0018 0x2c7b8 Dhcp - ok
21:52:56.0020 0x2c7b8 diagnosticshub.standardcollector.service - ok
21:52:56.0023 0x2c7b8 DiagTrack - ok
21:52:56.0026 0x2c7b8 disk - ok
21:52:56.0029 0x2c7b8 DmEnrollmentSvc - ok
21:52:56.0031 0x2c7b8 dmvsc - ok
21:52:56.0033 0x2c7b8 dmwappushservice - ok
21:52:56.0035 0x2c7b8 Dnscache - ok
21:52:56.0038 0x2c7b8 dot3svc - ok
21:52:56.0040 0x2c7b8 DPS - ok
21:52:56.0044 0x2c7b8 drmkaud - ok
21:52:56.0046 0x2c7b8 DsmSvc - ok
21:52:56.0049 0x2c7b8 DsSvc - ok
21:52:56.0052 0x2c7b8 DXGKrnl - ok
21:52:56.0054 0x2c7b8 e1iexpress - ok
21:52:56.0057 0x2c7b8 Eaphost - ok
21:52:56.0059 0x2c7b8 ebdrv - ok
21:52:56.0061 0x2c7b8 EFS - ok
21:52:56.0063 0x2c7b8 EhStorClass - ok
21:52:56.0065 0x2c7b8 EhStorTcgDrv - ok
21:52:56.0067 0x2c7b8 embeddedmode - ok
21:52:56.0069 0x2c7b8 EntAppSvc - ok
21:52:56.0071 0x2c7b8 ErrDev - ok
21:52:56.0077 0x2c7b8 EventSystem - ok
21:52:56.0079 0x2c7b8 exfat - ok
21:52:56.0082 0x2c7b8 fastfat - ok
21:52:56.0084 0x2c7b8 Fax - ok
21:52:56.0086 0x2c7b8 fdc - ok
21:52:56.0088 0x2c7b8 fdPHost - ok
21:52:56.0090 0x2c7b8 FDResPub - ok
21:52:56.0093 0x2c7b8 fhsvc - ok
21:52:56.0095 0x2c7b8 FileCrypt - ok
21:52:56.0097 0x2c7b8 FileInfo - ok
21:52:56.0099 0x2c7b8 Filetrace - ok
21:52:56.0102 0x2c7b8 flpydisk - ok
21:52:56.0104 0x2c7b8 FltMgr - ok
21:52:56.0106 0x2c7b8 FontCache - ok
21:52:56.0110 0x2c7b8 FontCache3.0.0.0 - ok
21:52:56.0113 0x2c7b8 FsDepends - ok
21:52:56.0115 0x2c7b8 Fs_Rec - ok
21:52:56.0123 0x2c7b8 [ 18AEB680709A01F0FAA74165EE995F39, FBBEDD9A5BA1F620C6F71647550372C0C5A21C342272BB284CF797CC572487E7 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
21:52:56.0132 0x2c7b8 Futuremark SystemInfo Service - ok
21:52:56.0136 0x2c7b8 fvevol - ok
21:52:56.0138 0x2c7b8 gagp30kx - ok
21:52:56.0141 0x2c7b8 gencounter - ok
21:52:56.0144 0x2c7b8 genericusbfn - ok
21:52:56.0165 0x2c7b8 [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:52:56.0187 0x2c7b8 GfExperienceService - ok
21:52:56.0190 0x2c7b8 GPIOClx0101 - ok
21:52:56.0192 0x2c7b8 gpsvc - ok
21:52:56.0194 0x2c7b8 GpuEnergyDrv - ok
21:52:56.0199 0x2c7b8 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:52:56.0204 0x2c7b8 gupdate - ok
21:52:56.0209 0x2c7b8 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:52:56.0215 0x2c7b8 gupdatem - ok
21:52:56.0218 0x2c7b8 HdAudAddService - ok
21:52:56.0220 0x2c7b8 HDAudBus - ok
21:52:56.0222 0x2c7b8 HidBatt - ok
21:52:56.0224 0x2c7b8 HidBth - ok
21:52:56.0226 0x2c7b8 hidi2c - ok
21:52:56.0228 0x2c7b8 hidinterrupt - ok
21:52:56.0230 0x2c7b8 HidIr - ok
21:52:56.0233 0x2c7b8 [ 9BC9CC2921F91D685FC63AD43528F72A, 1F717F369B50E0DD98178417C1ACEF31521E8F077CF0052D27453651E5EA847D ] hidkmdf C:\WINDOWS\System32\drivers\hidkmdf.sys
21:52:56.0237 0x2c7b8 hidkmdf - ok
21:52:56.0239 0x2c7b8 hidserv - ok
21:52:56.0242 0x2c7b8 HidUsb - ok
21:52:56.0245 0x2c7b8 HomeGroupListener - ok
21:52:56.0248 0x2c7b8 HomeGroupProvider - ok
21:52:56.0250 0x2c7b8 HpSAMD - ok
21:52:56.0253 0x2c7b8 HTTP - ok
21:52:56.0255 0x2c7b8 hwpolicy - ok
21:52:56.0258 0x2c7b8 hyperkbd - ok
21:52:56.0260 0x2c7b8 i8042prt - ok
21:52:56.0262 0x2c7b8 iai2c - ok
21:52:56.0264 0x2c7b8 iaLPSS2i_I2C - ok
21:52:56.0266 0x2c7b8 iaLPSSi_GPIO - ok
21:52:56.0268 0x2c7b8 iaLPSSi_I2C - ok
21:52:56.0270 0x2c7b8 iaStorAV - ok
21:52:56.0273 0x2c7b8 iaStorV - ok
21:52:56.0276 0x2c7b8 ibbus - ok
21:52:56.0279 0x2c7b8 icssvc - ok
21:52:56.0281 0x2c7b8 IEEtwCollectorService - ok
21:52:56.0284 0x2c7b8 IKEEXT - ok
21:52:56.0286 0x2c7b8 intelide - ok
21:52:56.0288 0x2c7b8 intelpep - ok
21:52:56.0290 0x2c7b8 intelppm - ok
21:52:56.0294 0x2c7b8 IoQos - ok
21:52:56.0297 0x2c7b8 IpFilterDriver - ok
21:52:56.0299 0x2c7b8 iphlpsvc - ok
21:52:56.0302 0x2c7b8 IPMIDRV - ok
21:52:56.0305 0x2c7b8 IPNAT - ok
21:52:56.0309 0x2c7b8 IRENUM - ok
21:52:56.0313 0x2c7b8 isapnp - ok
21:52:56.0316 0x2c7b8 iScsiPrt - ok
21:52:56.0321 0x2c7b8 [ E489D12FF435AEEF4A5474C47D329590, 66A01F63EE4F66C0CD5BB9BF20E1722D57CC8252AC126780800806B536F4CEA9 ] ISODrive C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
21:52:56.0328 0x2c7b8 ISODrive - ok
21:52:56.0330 0x2c7b8 kbdclass - ok
21:52:56.0332 0x2c7b8 kbdhid - ok
21:52:56.0334 0x2c7b8 kdnic - ok
21:52:56.0337 0x2c7b8 KeyIso - ok
21:52:56.0339 0x2c7b8 KSecDD - ok
21:52:56.0343 0x2c7b8 KSecPkg - ok
21:52:56.0345 0x2c7b8 ksthunk - ok
21:52:56.0348 0x2c7b8 KtmRm - ok
21:52:56.0350 0x2c7b8 LanmanServer - ok
21:52:56.0352 0x2c7b8 LanmanWorkstation - ok
21:52:56.0355 0x2c7b8 lfsvc - ok
21:52:56.0358 0x2c7b8 LicenseManager - ok
21:52:56.0360 0x2c7b8 lltdio - ok
21:52:56.0362 0x2c7b8 lltdsvc - ok
21:52:56.0364 0x2c7b8 lmhosts - ok
21:52:56.0367 0x2c7b8 LSI_SAS - ok
21:52:56.0370 0x2c7b8 LSI_SAS2i - ok
21:52:56.0372 0x2c7b8 LSI_SAS3i - ok
21:52:56.0375 0x2c7b8 LSI_SSS - ok
21:52:56.0378 0x2c7b8 LSM - ok
21:52:56.0380 0x2c7b8 luafv - ok
21:52:56.0388 0x2c7b8 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64 C:\WINDOWS\system32\DRIVERS\lvrs64.sys
21:52:56.0397 0x2c7b8 lvrs64 - ok
21:52:56.0470 0x2c7b8 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
21:52:56.0540 0x2c7b8 LVUVC64 - ok
21:52:56.0548 0x2c7b8 MapsBroker - ok
21:52:56.0551 0x2c7b8 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
21:52:56.0555 0x2c7b8 MBAMProtector - ok
21:52:56.0576 0x2c7b8 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:52:56.0596 0x2c7b8 MBAMService - ok
21:52:56.0601 0x2c7b8 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
21:52:56.0606 0x2c7b8 MBAMWebAccessControl - ok
21:52:56.0609 0x2c7b8 megasas - ok
21:52:56.0611 0x2c7b8 megasr - ok
21:52:56.0617 0x2c7b8 [ E7C9F74D8CAAB1FF7964C27C070FB16C, 76CCD9109E1031A336B7E275368520FFB60D500E24444B04066F205D1ED5BA2B ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
21:52:56.0625 0x2c7b8 MEIx64 - ok
21:52:56.0628 0x2c7b8 MessagingService - ok
21:52:56.0637 0x2c7b8 mlx4_bus - ok
21:52:56.0640 0x2c7b8 MMCSS - ok
21:52:56.0642 0x2c7b8 Modem - ok
21:52:56.0645 0x2c7b8 monitor - ok
21:52:56.0647 0x2c7b8 mouclass - ok
21:52:56.0649 0x2c7b8 mouhid - ok
21:52:56.0652 0x2c7b8 mountmgr - ok
21:52:56.0656 0x2c7b8 [ 9763F3C17AC8C095C4419482BD1484BA, 5E329D63ADF7ADAF615DF45F7A0C1E9528B1A5CEE50B6340CEE8584EFE285FB9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:52:56.0662 0x2c7b8 MozillaMaintenance - ok
21:52:56.0665 0x2c7b8 mpsdrv - ok
21:52:56.0667 0x2c7b8 MpsSvc - ok
21:52:56.0670 0x2c7b8 MRxDAV - ok
21:52:56.0673 0x2c7b8 mrxsmb - ok
21:52:56.0676 0x2c7b8 mrxsmb10 - ok
21:52:56.0678 0x2c7b8 mrxsmb20 - ok
21:52:56.0682 0x2c7b8 MsBridge - ok
21:52:56.0684 0x2c7b8 MSDTC - ok
21:52:56.0688 0x2c7b8 Msfs - ok
21:52:56.0690 0x2c7b8 msgpiowin32 - ok
21:52:56.0692 0x2c7b8 mshidkmdf - ok
21:52:56.0695 0x2c7b8 mshidumdf - ok
21:52:56.0697 0x2c7b8 msisadrv - ok
21:52:56.0699 0x2c7b8 MSiSCSI - ok
21:52:56.0701 0x2c7b8 msiserver - ok
21:52:56.0704 0x2c7b8 MSKSSRV - ok
21:52:56.0707 0x2c7b8 MsLldp - ok
21:52:56.0709 0x2c7b8 MSPCLOCK - ok
21:52:56.0712 0x2c7b8 MSPQM - ok
21:52:56.0714 0x2c7b8 MsRPC - ok
21:52:56.0719 0x2c7b8 mssmbios - ok
21:52:56.0722 0x2c7b8 MSTEE - ok
21:52:56.0724 0x2c7b8 MTConfig - ok
21:52:56.0726 0x2c7b8 Mup - ok
21:52:56.0728 0x2c7b8 mvumis - ok
21:52:56.0731 0x2c7b8 NativeWifiP - ok
21:52:56.0734 0x2c7b8 NcaSvc - ok
21:52:56.0736 0x2c7b8 NcbService - ok
21:52:56.0739 0x2c7b8 NcdAutoSetup - ok
21:52:56.0741 0x2c7b8 ndfltr - ok
21:52:56.0744 0x2c7b8 NDIS - ok
21:52:56.0746 0x2c7b8 NdisCap - ok
21:52:56.0748 0x2c7b8 NdisImPlatform - ok
21:52:56.0750 0x2c7b8 NdisTapi - ok
21:52:56.0752 0x2c7b8 Ndisuio - ok
21:52:56.0754 0x2c7b8 NdisVirtualBus - ok
21:52:56.0756 0x2c7b8 NdisWan - ok
21:52:56.0758 0x2c7b8 ndiswanlegacy - ok
21:52:56.0760 0x2c7b8 ndproxy - ok
21:52:56.0763 0x2c7b8 Ndu - ok
21:52:56.0765 0x2c7b8 NetBIOS - ok
21:52:56.0768 0x2c7b8 NetBT - ok
21:52:56.0770 0x2c7b8 Netlogon - ok
21:52:56.0773 0x2c7b8 Netman - ok
21:52:56.0775 0x2c7b8 netprofm - ok
21:52:56.0778 0x2c7b8 NetSetupSvc - ok
21:52:56.0780 0x2c7b8 NetTcpPortSharing - ok
21:52:56.0784 0x2c7b8 NgcCtnrSvc - ok
21:52:56.0787 0x2c7b8 NgcSvc - ok
21:52:56.0789 0x2c7b8 NlaSvc - ok
21:52:56.0791 0x2c7b8 Npfs - ok
21:52:56.0793 0x2c7b8 npggsvc - ok
21:52:56.0796 0x2c7b8 npsvctrig - ok
21:52:56.0798 0x2c7b8 nsi - ok
21:52:56.0800 0x2c7b8 nsiproxy - ok
21:52:56.0803 0x2c7b8 NTFS - ok
21:52:56.0806 0x2c7b8 Null - ok
21:52:56.0811 0x2c7b8 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
21:52:56.0818 0x2c7b8 NVHDA - ok
21:52:57.0017 0x2c7b8 [ 2C5C31D18A238768346B896DCE154DBF, A6CD62787B1D57EE63A75B61063B0FEB2193571DF20845F52F6DBF42DC6C6110 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
21:52:57.0194 0x2c7b8 nvlddmkm - ok
21:52:57.0235 0x2c7b8 [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:52:57.0265 0x2c7b8 NvNetworkService - ok
21:52:57.0268 0x2c7b8 nvraid - ok
21:52:57.0270 0x2c7b8 nvstor - ok
21:52:57.0273 0x2c7b8 [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:52:57.0277 0x2c7b8 NvStreamKms - ok
21:52:57.0373 0x2c7b8 [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
21:52:57.0468 0x2c7b8 NvStreamNetworkSvc - ok
21:52:57.0548 0x2c7b8 [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
21:52:57.0620 0x2c7b8 NvStreamSvc - ok
21:52:57.0647 0x2c7b8 [ DAF8A50D2CFDFBEA9AE33F0EE5D1AE7B, C72B9FEC5354ED38F0CB08ACE64811307B97154B518EF618EA04F6E48376C5BE ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
21:52:57.0677 0x2c7b8 nvsvc - ok
21:52:57.0681 0x2c7b8 [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
21:52:57.0686 0x2c7b8 nvvad_WaveExtensible - ok
21:52:57.0688 0x2c7b8 nv_agp - ok
21:52:57.0696 0x2c7b8 [ BBADDD6B22005AC66802483885C8CFD3, C37E97F60DB9820EF56AF72B08FB86CFFADD641CB7C8E71B91F184536AB116D7 ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
21:52:57.0706 0x2c7b8 OkayFreedom VPN Starter Service - ok
21:52:57.0709 0x2c7b8 OneSyncSvc - ok
21:52:57.0750 0x2c7b8 [ 40CB809645F1D0A93C535F9B0402F269, E683ED4ED824CE4E49715F23E3D3E8245B398D7A0D279E1F31470B9D7AF7E223 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
21:52:57.0786 0x2c7b8 Origin Client Service - ok
21:52:57.0790 0x2c7b8 p2pimsvc - ok
21:52:57.0793 0x2c7b8 p2psvc - ok
21:52:57.0795 0x2c7b8 Parport - ok
21:52:57.0798 0x2c7b8 partmgr - ok
21:52:57.0800 0x2c7b8 PcaSvc - ok
21:52:57.0802 0x2c7b8 pci - ok
21:52:57.0806 0x2c7b8 pciide - ok
21:52:57.0809 0x2c7b8 pcmcia - ok
21:52:57.0811 0x2c7b8 pcw - ok
21:52:57.0814 0x2c7b8 pdc - ok
21:52:57.0816 0x2c7b8 PEAUTH - ok
21:52:57.0818 0x2c7b8 PeerDistSvc - ok
21:52:57.0820 0x2c7b8 percsas2i - ok
21:52:57.0823 0x2c7b8 percsas3i - ok
21:52:57.0848 0x2c7b8 PerfHost - ok
21:52:57.0854 0x2c7b8 PhoneSvc - ok
21:52:57.0856 0x2c7b8 PimIndexMaintenanceSvc - ok
21:52:57.0864 0x2c7b8 pla - ok
21:52:57.0866 0x2c7b8 PlugPlay - ok
21:52:57.0870 0x2c7b8 [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
21:52:57.0880 0x2c7b8 PnkBstrA - ok
21:52:57.0883 0x2c7b8 PNRPAutoReg - ok
21:52:57.0885 0x2c7b8 PNRPsvc - ok
21:52:57.0888 0x2c7b8 PolicyAgent - ok
21:52:57.0891 0x2c7b8 Power - ok
21:52:57.0894 0x2c7b8 PptpMiniport - ok
21:52:57.0950 0x2c7b8 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:52:58.0031 0x2c7b8 PrintNotify - ok
21:52:58.0038 0x2c7b8 Processor - ok
21:52:58.0041 0x2c7b8 ProfSvc - ok
21:52:58.0045 0x2c7b8 Psched - ok
21:52:58.0048 0x2c7b8 QWAVE - ok
21:52:58.0050 0x2c7b8 QWAVEdrv - ok
21:52:58.0052 0x2c7b8 RasAcd - ok
21:52:58.0054 0x2c7b8 RasAgileVpn - ok
21:52:58.0057 0x2c7b8 RasAuto - ok
21:52:58.0059 0x2c7b8 Rasl2tp - ok
21:52:58.0061 0x2c7b8 RasMan - ok
21:52:58.0063 0x2c7b8 RasPppoe - ok
21:52:58.0065 0x2c7b8 RasSstp - ok
21:52:58.0071 0x2c7b8 [ 170C5DE900F60768C380ECD8A812512F, BFD085C32CF25E8261EF4BCFA5903A496785BCDA08037F4EB580BBDEDF42B656 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
21:52:58.0078 0x2c7b8 Razer Game Scanner Service - ok
21:52:58.0081 0x2c7b8 rdbss - ok
21:52:58.0084 0x2c7b8 rdpbus - ok
21:52:58.0086 0x2c7b8 RDPDR - ok
21:52:58.0090 0x2c7b8 RdpVideoMiniport - ok
21:52:58.0093 0x2c7b8 rdyboost - ok
21:52:58.0095 0x2c7b8 ReFSv1 - ok
21:52:58.0099 0x2c7b8 RemoteAccess - ok
21:52:58.0101 0x2c7b8 RemoteRegistry - ok
21:52:58.0104 0x2c7b8 RetailDemo - ok
21:52:58.0107 0x2c7b8 RpcEptMapper - ok
21:52:58.0112 0x2c7b8 RpcLocator - ok
21:52:58.0115 0x2c7b8 RpcSs - ok
21:52:58.0117 0x2c7b8 rspndr - ok
21:52:58.0120 0x2c7b8 [ 55FFB814690A7D8A9E592B3DE1E0F6B6, 860F42D44D8C811D657BAF404939AE3451D6E766BAFFD6FD4912E313683EA316 ] rzendpt C:\WINDOWS\System32\drivers\rzendpt.sys
21:52:58.0125 0x2c7b8 rzendpt - ok
21:52:58.0129 0x2c7b8 [ 0C90E6CEA576095888E779E5BD9DD060, 8A13A92D5A8E577E2B919CC879FA8CFA1FAD0A6BFF0CF4FCC59B8E74AB22A673 ] rzpmgrk C:\WINDOWS\system32\drivers\rzpmgrk.sys
21:52:58.0133 0x2c7b8 rzpmgrk - ok
21:52:58.0138 0x2c7b8 [ 288471F132C7249F598032D03575F083, 9E3430D5E0E93BC4A5DCCC985053912065E65722BFC2EAF431BC1DA91410434C ] rzpnk C:\WINDOWS\system32\drivers\rzpnk.sys
21:52:58.0146 0x2c7b8 rzpnk - ok
21:52:58.0151 0x2c7b8 [ 421497E425AFB40502013F362E4FA230, 20E2372BEE4BFB21138CA574C9806EC399DDA9D3439F3C391E34ABB2E518106D ] rzudd C:\WINDOWS\System32\drivers\rzudd.sys
21:52:58.0158 0x2c7b8 rzudd - ok
21:52:58.0161 0x2c7b8 s3cap - ok
21:52:58.0163 0x2c7b8 SamSs - ok
21:52:58.0165 0x2c7b8 sbp2port - ok
21:52:58.0168 0x2c7b8 SCardSvr - ok
21:52:58.0170 0x2c7b8 ScDeviceEnum - ok
21:52:58.0173 0x2c7b8 scfilter - ok
21:52:58.0177 0x2c7b8 Schedule - ok
21:52:58.0180 0x2c7b8 SCPolicySvc - ok
21:52:58.0182 0x2c7b8 sdbus - ok
21:52:58.0184 0x2c7b8 SDRSVC - ok
21:52:58.0186 0x2c7b8 sdstor - ok
21:52:58.0188 0x2c7b8 seclogon - ok
21:52:58.0190 0x2c7b8 SENS - ok
21:52:58.0193 0x2c7b8 SensorDataService - ok
21:52:58.0195 0x2c7b8 SensorService - ok
21:52:58.0197 0x2c7b8 SensrSvc - ok
21:52:58.0199 0x2c7b8 SerCx - ok
21:52:58.0202 0x2c7b8 SerCx2 - ok
21:52:58.0204 0x2c7b8 Serenum - ok
21:52:58.0207 0x2c7b8 Serial - ok
21:52:58.0210 0x2c7b8 sermouse - ok
21:52:58.0216 0x2c7b8 SessionEnv - ok
21:52:58.0218 0x2c7b8 sfloppy - ok
21:52:58.0220 0x2c7b8 SharedAccess - ok
21:52:58.0222 0x2c7b8 ShellHWDetection - ok
21:52:58.0225 0x2c7b8 SiSRaid2 - ok
21:52:58.0227 0x2c7b8 SiSRaid4 - ok
21:52:58.0234 0x2c7b8 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:52:58.0247 0x2c7b8 SkypeUpdate - ok
21:52:58.0249 0x2c7b8 smphost - ok
21:52:58.0252 0x2c7b8 SmsRouter - ok
21:52:58.0256 0x2c7b8 SNMPTRAP - ok
21:52:58.0258 0x2c7b8 spaceport - ok
21:52:58.0260 0x2c7b8 SpbCx - ok
21:52:58.0263 0x2c7b8 Spooler - ok
21:52:58.0265 0x2c7b8 sppsvc - ok
21:52:58.0267 0x2c7b8 srv - ok
21:52:58.0269 0x2c7b8 srv2 - ok
21:52:58.0272 0x2c7b8 srvnet - ok
21:52:58.0277 0x2c7b8 SSDPSRV - ok
21:52:58.0279 0x2c7b8 SstpSvc - ok
21:52:58.0281 0x2c7b8 StateRepository - ok
21:52:58.0296 0x2c7b8 [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:52:58.0315 0x2c7b8 Steam Client Service - ok
21:52:58.0326 0x2c7b8 [ 361FCD486D585F388B576E48D11157B2, D14B73976F46ADAC70A08B07B0A25928D25DBC808CFC6297C3E45077749C1758 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:52:58.0337 0x2c7b8 Stereo Service - ok
21:52:58.0341 0x2c7b8 stexstor - ok
21:52:58.0344 0x2c7b8 stisvc - ok
21:52:58.0346 0x2c7b8 storahci - ok
21:52:58.0348 0x2c7b8 storflt - ok
21:52:58.0350 0x2c7b8 stornvme - ok
21:52:58.0353 0x2c7b8 storqosflt - ok
21:52:58.0355 0x2c7b8 StorSvc - ok
21:52:58.0358 0x2c7b8 storufs - ok
21:52:58.0360 0x2c7b8 storvsc - ok
21:52:58.0363 0x2c7b8 svsvc - ok
21:52:58.0366 0x2c7b8 swenum - ok
21:52:58.0368 0x2c7b8 swprv - ok
21:52:58.0372 0x2c7b8 Synth3dVsc - ok
21:52:58.0376 0x2c7b8 SysMain - ok
21:52:58.0379 0x2c7b8 SystemEventsBroker - ok
21:52:58.0382 0x2c7b8 TabletInputService - ok
21:52:58.0385 0x2c7b8 [ 84CA1EEF6A8A5AE5D5603BBC8ED83FCD, 1C30E026C5ACA703C1EB8164C29CC69FA4D3F3B563C22981F76E872E4CB7CECF ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
21:52:58.0392 0x2c7b8 tap0901 - ok
21:52:58.0395 0x2c7b8 [ 6B7E47195E2BB728601BDF817E9305A0, 5DC5B7EF8CC769A83B8DB68838D46F519A8B295C9F1548A4A6DC2E9B16DC76BC ] taphss6 C:\WINDOWS\System32\drivers\taphss6.sys
21:52:58.0400 0x2c7b8 taphss6 - ok
21:52:58.0403 0x2c7b8 TapiSrv - ok
21:52:58.0407 0x2c7b8 Tcpip - ok
21:52:58.0410 0x2c7b8 Tcpip6 - ok
21:52:58.0413 0x2c7b8 tcpipreg - ok
21:52:58.0416 0x2c7b8 tdx - ok
21:52:58.0419 0x2c7b8 terminpt - ok
21:52:58.0421 0x2c7b8 TermService - ok
21:52:58.0424 0x2c7b8 Themes - ok
21:52:58.0426 0x2c7b8 TieringEngineService - ok
21:52:58.0429 0x2c7b8 tiledatamodelsvc - ok
21:52:58.0431 0x2c7b8 TimeBroker - ok
21:52:58.0433 0x2c7b8 TPM - ok
21:52:58.0437 0x2c7b8 TrkWks - ok
21:52:58.0441 0x2c7b8 TrustedInstaller - ok
21:52:58.0445 0x2c7b8 tsusbflt - ok
21:52:58.0448 0x2c7b8 TsUsbGD - ok
21:52:58.0450 0x2c7b8 tunnel - ok
21:52:58.0453 0x2c7b8 tzautoupdate - ok
21:52:58.0455 0x2c7b8 uagp35 - ok
21:52:58.0458 0x2c7b8 UASPStor - ok
21:52:58.0460 0x2c7b8 UcmCx0101 - ok
21:52:58.0463 0x2c7b8 UcmUcsi - ok
21:52:58.0465 0x2c7b8 Ucx01000 - ok
21:52:58.0468 0x2c7b8 UdeCx - ok
21:52:58.0470 0x2c7b8 udfs - ok
21:52:58.0474 0x2c7b8 UEFI - ok
21:52:58.0477 0x2c7b8 Ufx01000 - ok
21:52:58.0480 0x2c7b8 UfxChipidea - ok
21:52:58.0482 0x2c7b8 ufxsynopsys - ok
21:52:58.0486 0x2c7b8 UI0Detect - ok
21:52:58.0489 0x2c7b8 uliagpkx - ok
21:52:58.0491 0x2c7b8 umbus - ok
21:52:58.0494 0x2c7b8 UmPass - ok
21:52:58.0496 0x2c7b8 UmRdpService - ok
21:52:58.0499 0x2c7b8 UnistoreSvc - ok
21:52:58.0509 0x2c7b8 upnphost - ok
21:52:58.0512 0x2c7b8 UrsChipidea - ok
21:52:58.0515 0x2c7b8 UrsCx01000 - ok
21:52:58.0518 0x2c7b8 UrsSynopsys - ok
21:52:58.0520 0x2c7b8 usbaudio - ok
21:52:58.0523 0x2c7b8 usbccgp - ok
21:52:58.0526 0x2c7b8 usbcir - ok
21:52:58.0528 0x2c7b8 usbehci - ok
21:52:58.0530 0x2c7b8 usbhub - ok
21:52:58.0533 0x2c7b8 USBHUB3 - ok
21:52:58.0535 0x2c7b8 usbohci - ok
21:52:58.0538 0x2c7b8 usbprint - ok
21:52:58.0542 0x2c7b8 usbser - ok
21:52:58.0544 0x2c7b8 USBSTOR - ok
21:52:58.0547 0x2c7b8 usbuhci - ok
21:52:58.0549 0x2c7b8 USBXHCI - ok
21:52:58.0551 0x2c7b8 UserDataSvc - ok
21:52:58.0559 0x2c7b8 UserManager - ok
21:52:58.0561 0x2c7b8 UsoSvc - ok
21:52:58.0563 0x2c7b8 VaultSvc - ok
21:52:58.0565 0x2c7b8 vdrvroot - ok
21:52:58.0568 0x2c7b8 vds - ok
21:52:58.0570 0x2c7b8 VerifierExt - ok
21:52:58.0574 0x2c7b8 vhdmp - ok
21:52:58.0577 0x2c7b8 vhf - ok
21:52:58.0579 0x2c7b8 vmbus - ok
21:52:58.0582 0x2c7b8 VMBusHID - ok
21:52:58.0584 0x2c7b8 vmicguestinterface - ok
21:52:58.0587 0x2c7b8 vmicheartbeat - ok
21:52:58.0590 0x2c7b8 vmickvpexchange - ok
21:52:58.0592 0x2c7b8 vmicrdv - ok
21:52:58.0594 0x2c7b8 vmicshutdown - ok
21:52:58.0596 0x2c7b8 vmictimesync - ok
21:52:58.0598 0x2c7b8 vmicvmsession - ok
21:52:58.0600 0x2c7b8 vmicvss - ok
21:52:58.0603 0x2c7b8 volmgr - ok
21:52:58.0605 0x2c7b8 volmgrx - ok
21:52:58.0610 0x2c7b8 volsnap - ok
21:52:58.0614 0x2c7b8 vpci - ok
21:52:58.0616 0x2c7b8 vsmraid - ok
21:52:58.0618 0x2c7b8 VSS - ok
21:52:58.0620 0x2c7b8 VSTXRAID - ok
21:52:58.0623 0x2c7b8 vwifibus - ok
21:52:58.0626 0x2c7b8 vwififlt - ok
21:52:58.0628 0x2c7b8 W32Time - ok
21:52:58.0632 0x2c7b8 [ FCFD4B14A01D5AD7DDF2691FD00E3A44, 786AE1205E2006A41D92DA80AE70A41C1559B2C6756EE6D83E5A632A35933019 ] WacHidRouter C:\WINDOWS\System32\drivers\wachidrouter.sys
21:52:58.0637 0x2c7b8 WacHidRouter - ok
21:52:58.0641 0x2c7b8 WacomPen - ok
21:52:58.0644 0x2c7b8 [ 335ACA8E3B778A2AEE17E004802B0C0E, 6E6CB8A9D75351E96B56816CBADA8D2EBBEE560C2DE5E3400CDA4CF8115D433E ] wacomrouterfilter C:\WINDOWS\System32\drivers\wacomrouterfilter.sys
21:52:58.0648 0x2c7b8 wacomrouterfilter - ok
21:52:58.0651 0x2c7b8 WalletService - ok
21:52:58.0653 0x2c7b8 wanarp - ok
21:52:58.0655 0x2c7b8 wanarpv6 - ok
21:52:58.0658 0x2c7b8 wbengine - ok
21:52:58.0660 0x2c7b8 WbioSrvc - ok
21:52:58.0662 0x2c7b8 Wcmsvc - ok
21:52:58.0664 0x2c7b8 wcncsvc - ok
21:52:58.0667 0x2c7b8 WcsPlugInService - ok
21:52:58.0669 0x2c7b8 WdBoot - ok
21:52:58.0671 0x2c7b8 Wdf01000 - ok
21:52:58.0674 0x2c7b8 WdFilter - ok
21:52:58.0678 0x2c7b8 WdiServiceHost - ok
21:52:58.0680 0x2c7b8 WdiSystemHost - ok
21:52:58.0683 0x2c7b8 wdiwifi - ok
21:52:58.0685 0x2c7b8 WdNisDrv - ok
21:52:58.0688 0x2c7b8 WdNisSvc - ok
21:52:58.0691 0x2c7b8 WebClient - ok
21:52:58.0693 0x2c7b8 Wecsvc - ok
21:52:58.0695 0x2c7b8 WEPHOSTSVC - ok
21:52:58.0698 0x2c7b8 wercplsupport - ok
21:52:58.0700 0x2c7b8 WerSvc - ok
21:52:58.0703 0x2c7b8 WFPLWFS - ok
21:52:58.0706 0x2c7b8 WiaRpc - ok
21:52:58.0709 0x2c7b8 WIMMount - ok
21:52:58.0710 0x2c7b8 WinDefend - ok
21:52:58.0715 0x2c7b8 WindowsTrustedRT - ok
21:52:58.0718 0x2c7b8 WindowsTrustedRTProxy - ok
21:52:58.0721 0x2c7b8 WinHttpAutoProxySvc - ok
21:52:58.0723 0x2c7b8 WinMad - ok
21:52:58.0729 0x2c7b8 Winmgmt - ok
21:52:58.0733 0x2c7b8 [ 27BCBEEC8A466178A6057B64BEF66512, A7B000ABBCC344444A9B00CFADE7AA22AB92CE0CADEC196C30EB1851AE4FA062 ] WinRing0_1_2_0 C:\Program Files (x86)\EVGA\PrecisionX 16\WinRing0\WinRing0x64.sys
21:52:58.0737 0x2c7b8 WinRing0_1_2_0 - ok
21:52:58.0741 0x2c7b8 WinRM - ok
21:52:58.0746 0x2c7b8 WINUSB - ok
21:52:58.0748 0x2c7b8 WinVerbs - ok
21:52:58.0751 0x2c7b8 WlanSvc - ok
21:52:58.0753 0x2c7b8 wlidsvc - ok
21:52:58.0755 0x2c7b8 WmiAcpi - ok
21:52:58.0759 0x2c7b8 wmiApSrv - ok
21:52:58.0760 0x2c7b8 WMPNetworkSvc - ok
21:52:58.0766 0x2c7b8 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
21:52:58.0778 0x2c7b8 Wof - ok
21:52:58.0781 0x2c7b8 workfolderssvc - ok
21:52:58.0784 0x2c7b8 wpcfltr - ok
21:52:58.0786 0x2c7b8 WPDBusEnum - ok
21:52:58.0789 0x2c7b8 WpdUpFltr - ok
21:52:58.0791 0x2c7b8 WpnService - ok
21:52:58.0793 0x2c7b8 ws2ifsl - ok
21:52:58.0796 0x2c7b8 wscsvc - ok
21:52:58.0797 0x2c7b8 WSearch - ok
21:52:58.0801 0x2c7b8 WSService - ok
21:52:58.0814 0x2c7b8 [ 539D52A1CB4CC3BFB9B6CAD7883B8ECA, 3CAC8F755F85F06C6FFA8C5328943DC55F410EAAA64F0E4241C3E7F60A48D4A9 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
21:52:58.0828 0x2c7b8 WTabletServiceCon - ok
21:52:58.0842 0x2c7b8 [ 4AF4C85F801F60157F943108DDBC4143, 5D246EF0AB7EE8D460921B6429FEE9B0793AEB92DB8CABD492BC20AF01F8A134 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
21:52:58.0856 0x2c7b8 WTabletServicePro - ok
21:52:58.0859 0x2c7b8 wuauserv - ok
21:52:58.0861 0x2c7b8 WudfPf - ok
21:52:58.0864 0x2c7b8 WUDFRd - ok
21:52:58.0866 0x2c7b8 wudfsvc - ok
21:52:58.0868 0x2c7b8 WUDFWpdFs - ok
21:52:58.0871 0x2c7b8 WwanSvc - ok
21:52:58.0875 0x2c7b8 XblAuthManager - ok
21:52:58.0878 0x2c7b8 XblGameSave - ok
21:52:58.0880 0x2c7b8 xboxgip - ok
21:52:58.0883 0x2c7b8 XboxNetApiSvc - ok
21:52:58.0886 0x2c7b8 [ C40AE9F959A8EDA4AF63E0E28185A8AC, D630EDDFC61D7816C764D588BCB1E9E3C5F92D3B387B204DACC67F9B1A62F6ED ] xhunter1 C:\WINDOWS\xhunter1.sys
21:52:58.0890 0x2c7b8 xhunter1 - ok
21:52:58.0893 0x2c7b8 xinputhid - ok
21:52:58.0894 0x2c7b8 ================ Scan global ===============================
21:52:58.0903 0x2c7b8 [ Global ] - ok
21:52:58.0904 0x2c7b8 ================ Scan MBR ==================================
21:52:58.0906 0x2c7b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:52:59.0011 0x2c7b8 \Device\Harddisk0\DR0 - ok
21:52:59.0014 0x2c7b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:52:59.0033 0x2c7b8 \Device\Harddisk1\DR1 - ok
21:52:59.0036 0x2c7b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
21:52:59.0062 0x2c7b8 \Device\Harddisk2\DR2 - ok
21:52:59.0065 0x2c7b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
21:52:59.0076 0x2c7b8 \Device\Harddisk3\DR3 - ok
21:52:59.0077 0x2c7b8 ================ Scan VBR ==================================
21:52:59.0079 0x2c7b8 [ 80575C5BE01EE389ACC4BC8277FE79F8 ] \Device\Harddisk0\DR0\Partition1
21:52:59.0080 0x2c7b8 \Device\Harddisk0\DR0\Partition1 - ok
21:52:59.0083 0x2c7b8 [ FA7A125E9DEDDCC114FF51E4C25FB484 ] \Device\Harddisk0\DR0\Partition2
21:52:59.0083 0x2c7b8 \Device\Harddisk0\DR0\Partition2 - ok
21:52:59.0085 0x2c7b8 [ 4C773952F9042070D73D1DBAC65C1B80 ] \Device\Harddisk1\DR1\Partition1
21:52:59.0086 0x2c7b8 \Device\Harddisk1\DR1\Partition1 - ok
21:52:59.0088 0x2c7b8 [ AFA408DD742918EB19C15C22417AF938 ] \Device\Harddisk1\DR1\Partition2
21:52:59.0088 0x2c7b8 \Device\Harddisk1\DR1\Partition2 - ok
21:52:59.0090 0x2c7b8 [ F65347C46E1EFBF8E738071C40828E11 ] \Device\Harddisk1\DR1\Partition3
21:52:59.0090 0x2c7b8 \Device\Harddisk1\DR1\Partition3 - ok
21:52:59.0092 0x2c7b8 [ 656C1F0F5308663CE25AA99B5A8D0A15 ] \Device\Harddisk1\DR1\Partition4
21:52:59.0094 0x2c7b8 \Device\Harddisk1\DR1\Partition4 - ok
21:52:59.0095 0x2c7b8 [ 09E6E6D01BF455F43F1A3AFD68B257D0 ] \Device\Harddisk2\DR2\Partition1
21:52:59.0096 0x2c7b8 \Device\Harddisk2\DR2\Partition1 - ok
21:52:59.0097 0x2c7b8 [ C95859479AFF0DC46181C11F92452C33 ] \Device\Harddisk3\DR3\Partition1
21:52:59.0099 0x2c7b8 \Device\Harddisk3\DR3\Partition1 - ok
21:52:59.0099 0x2c7b8 ================ Scan generic autorun ======================
21:52:59.0142 0x2c7b8 [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:52:59.0185 0x2c7b8 NvBackend - ok
21:52:59.0190 0x2c7b8 ShadowPlay - ok
21:52:59.0214 0x2c7b8 Cmaudio8788 - ok
21:52:59.0219 0x2c7b8 [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\WINDOWS\syswow64\HsMgr.exe
21:52:59.0259 0x2c7b8 Cmaudio8788GX - detected UnsignedFile.Multi.Generic ( 1 )
21:53:00.0298 0x26980 Object required for P2P: [ DAF8A50D2CFDFBEA9AE33F0EE5D1AE7B ] nvsvc
21:53:01.0650 0x2c7b8 Detect skipped due to KSN trusted
21:53:01.0650 0x2c7b8 Cmaudio8788GX - ok
21:53:01.0657 0x2c7b8 [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\WINDOWS\system\HsMgr64.exe
21:53:01.0666 0x2c7b8 Cmaudio8788GX64 - detected UnsignedFile.Multi.Generic ( 1 )
21:53:02.0812 0x26980 Object send P2P result: true
21:53:04.0073 0x2c42c Object required for P2P: [ C40AE9F959A8EDA4AF63E0E28185A8AC ] xhunter1
21:53:04.0282 0x2c7b8 Detect skipped due to KSN trusted
21:53:04.0282 0x2c7b8 Cmaudio8788GX64 - ok
21:53:04.0328 0x2c7b8 [ CB4591A8CE051E3823D07CF7C4B6FF8B, FE6911AB62FC221068C97BBAFE9870DC3E1F403D2255EEDB72AE9E5E0E856977 ] C:\Program Files (x86)\Flawless Widescreen\FlawlessWidescreen.exe
21:53:04.0397 0x2c7b8 FWS_FlawlessWidescreen - detected UnsignedFile.Multi.Generic ( 1 )
21:53:06.0582 0x2c42c Object send P2P result: true
21:53:06.0802 0x2c7b8 Detect skipped due to KSN trusted
21:53:06.0802 0x2c7b8 FWS_FlawlessWidescreen - ok
21:53:06.0804 0x2c7b8 OneDriveSetup - ok
21:53:06.0806 0x2c7b8 OneDriveSetup - ok
21:53:06.0819 0x2c7b8 [ 1F93DAF10BC91666F52FC5B9632C86EB, 3D2AE1090198AAEE7CDB587ED1D2784B9FF4E4B03F4F65BC2F46E28B136F3F01 ] C:\Users\cletze\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:53:06.0833 0x2c7b8 OneDrive - ok
21:53:06.0835 0x2c7b8 Skype - ok
21:53:06.0944 0x2c7b8 [ E27BEF2C9576586E1C50A276A8DDBB3E, CE2A375269061AC36B91B4124975507CA40F2DE079CC2626B6BA1C26720DF886 ] C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
21:53:07.0042 0x2c7b8 OKAYFREEDOM_Agent - ok
21:53:07.0102 0x2c7b8 [ 8B8E3CEECD3C9709D1E0DAB2E25565F7, C9ACD0669136667157AF433A96C0C00F771122CE4A3BA0D3924DD635C37BF5D0 ] C:\Program Files (x86)\Origin\Origin.exe
21:53:07.0165 0x2c7b8 EADM - ok
21:53:07.0173 0x2c7b8 [ 3C432A063D0C82E62816A54BD0ECDF35, 16F59EC33BA97EEC6579AD4EC1DC72FBC154EC23D1208AC18281D250D47CF81C ] C:\Program Files (x86)\Smart Port Forwarding\SPF.exe
21:53:07.0182 0x2c7b8 Smart Port Forwarding - detected UnsignedFile.Multi.Generic ( 1 )
21:53:09.0631 0x2c7b8 Detect skipped due to KSN trusted
21:53:09.0631 0x2c7b8 Smart Port Forwarding - ok
21:53:09.0631 0x2c7b8 Waiting for KSN requests completion. In queue: 3
21:53:10.0632 0x2c7b8 Waiting for KSN requests completion. In queue: 3
21:53:11.0632 0x2c7b8 Waiting for KSN requests completion. In queue: 3
21:53:12.0012 0x2c664 Object required for P2P: [ E27BEF2C9576586E1C50A276A8DDBB3E ] C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
21:53:12.0633 0x2c7b8 Waiting for KSN requests completion. In queue: 2
21:53:13.0633 0x2c7b8 Waiting for KSN requests completion. In queue: 2
21:53:14.0538 0x2c664 Object send P2P result: true
21:53:14.0641 0x2c7b8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
21:53:14.0646 0x2c7b8 Win FW state via NFP2: enabled ( trusted )
21:53:17.0080 0x2c7b8 ============================================================
21:53:17.0080 0x2c7b8 Scan finished
21:53:17.0080 0x2c7b8 ============================================================
21:53:17.0091 0x2c798 Detected object count: 0
21:53:17.0092 0x2c798 Actual detected object count: 0
|
|
23.02.2016, 22:19
| #7 |
| /// TB-Ausbilder /// Anleitungs-Guru | SkypeVirus? ausversehen diesen Link geklickt :/ was nun Schritt 1  
Schritt 2 ESET Online Scanner
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
25.02.2016, 12:32
| #8 |
| | SkypeVirus? ausversehen diesen Link geklickt :/ was nunCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 25.02.2016 Suchlaufzeit: 09:32 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.02.25.02 Rootkit-Datenbank: v2016.02.17.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: cletze Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 413331 Abgelaufene Zeit: 16 Min., 39 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a72d089dba9ffe4c93ebfd8609db8b41
# end=init
# utc_time=2016-02-22 07:30:40
# local_time=2016-02-22 08:30:40 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 28251
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a72d089dba9ffe4c93ebfd8609db8b41
# end=updated
# utc_time=2016-02-22 07:31:54
# local_time=2016-02-22 08:31:54 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a72d089dba9ffe4c93ebfd8609db8b41
# engine=28251
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-02-22 09:27:39
# local_time=2016-02-22 10:27:39 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 85897 9990602 0 0
# scanned=777616
# found=13
# cleaned=12
# scan_time=6944
sh=3AFB8F35896182AB832ACB8A474C83D79FAB0207 ft=0 fh=0000000000000000 vn="JS/Adware.OkayFreedom.B Anwendung" ac=I fn="D:\Users\cletze\Anwendungsdaten\Steganos\OkayFreedom\Proxy\node_modules\steganos\injection.js"
sh=3AFB8F35896182AB832ACB8A474C83D79FAB0207 ft=0 fh=0000000000000000 vn="JS/Adware.OkayFreedom.B Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\cletze\AppData\Roaming\Steganos\OkayFreedom\Proxy\node_modules\steganos\injection.js"
sh=BCA22D01DCA4B578E6172C53C1BFE2008AC8BAB7 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida.AAD Trojaner (gelöscht)" ac=C fn="C:\Users\cletze\Downloads\7c8c8b9c (1).zip"
sh=2A58ED35A2BE8A6A8B1528FF1FD5C549A3B889D7 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida.AAD Trojaner (gelöscht)" ac=C fn="C:\Users\cletze\Downloads\7c8c8b9c (2).zip"
sh=66C30E828106FBCF7D13F608270D4BCFCF24A188 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida.AAD Trojaner (gelöscht)" ac=C fn="C:\Users\cletze\Downloads\7c8c8b9c (3).zip"
sh=0A82D22543F210601DC370F55D81557D953A9C3D ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida.AAD Trojaner (gelöscht)" ac=C fn="C:\Users\cletze\Downloads\7c8c8b9c.zip"
sh=882E61641AD1C4BAD68D994270EDB5B074229A4D ft=1 fh=8f7fc315071890c2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\cletze\Downloads\BlueScreenView - CHIP-Installer.exe"
sh=2A155D235EE68C0ECA0A4E3719D8A3FD74377D0B ft=1 fh=c9c82e9f6368ceb5 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht)" ac=C fn="C:\Users\cletze\Downloads\ccsetup513pro.exe"
sh=65B2A04AFA5CA72AAF51C19D304182873FE500CB ft=1 fh=ad014ead74f488b7 vn="Win32/OpenCandy potenziell unsichere Anwendung (gelöscht)" ac=C fn="C:\Users\cletze\Downloads\CrystalDiskInfo6_7_2-en (1).exe"
sh=65B2A04AFA5CA72AAF51C19D304182873FE500CB ft=1 fh=ad014ead74f488b7 vn="Win32/OpenCandy potenziell unsichere Anwendung (gelöscht)" ac=C fn="C:\Users\cletze\Downloads\CrystalDiskInfo6_7_2-en.exe"
sh=EB4557643D3BA305C47B42DE4F6D7B3978163D9A ft=1 fh=27a567ff86c161ee vn="Win32/UniBlue.E evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Windows.old\Users\cletze\AppData\Local\Microsoft\Windows\INetCache\IE\KVZ4TRKD\pcmechanicpm-standalone-setup[1].exe"
sh=66C30E828106FBCF7D13F608270D4BCFCF24A188 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida.AAD Trojaner (gelöscht)" ac=C fn="D:\cheat i love cheat\7c8c8b9c (3).zip"
sh=240036D56DE69E08D4FFAD075F23ED751E43350F ft=1 fh=315e1ab87f71ddeb vn="Variante von Win32/Packed.NoobyProtect.P verdächtige Datei (Gesäubert durch Löschen)" ac=C fn="D:\x22\17292121.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a72d089dba9ffe4c93ebfd8609db8b41
# end=init
# utc_time=2016-02-25 09:01:43
# local_time=2016-02-25 10:01:43 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 28293
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a72d089dba9ffe4c93ebfd8609db8b41
# end=updated
# utc_time=2016-02-25 09:02:30
# local_time=2016-02-25 10:02:30 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a72d089dba9ffe4c93ebfd8609db8b41
# engine=28293
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-25 10:37:36
# local_time=2016-02-25 11:37:36 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 136469 10210799 0 0
# scanned=778402
# found=2
# cleaned=1
# scan_time=5706
sh=3AFB8F35896182AB832ACB8A474C83D79FAB0207 ft=0 fh=0000000000000000 vn="JS/Adware.OkayFreedom.B Anwendung" ac=I fn="D:\Users\cletze\Anwendungsdaten\Steganos\OkayFreedom\Proxy\node_modules\steganos\injection.js"
sh=3AFB8F35896182AB832ACB8A474C83D79FAB0207 ft=0 fh=0000000000000000 vn="JS/Adware.OkayFreedom.B Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\cletze\AppData\Roaming\Steganos\OkayFreedom\Proxy\node_modules\steganos\injection.js"
|
|
26.02.2016, 09:27
| #9 |
| /// TB-Ausbilder /// Anleitungs-Guru | SkypeVirus? ausversehen diesen Link geklickt :/ was nun Welche Probleme bestehen aktuell noch?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
26.02.2016, 09:37
| #10 |
| | SkypeVirus? ausversehen diesen Link geklickt :/ was nun Keine |
|
27.02.2016, 13:19
| #11 |
| /// TB-Ausbilder /// Anleitungs-Guru | SkypeVirus? ausversehen diesen Link geklickt :/ was nun Wir haben es geschafft! Die Logs sehen für mich im Moment sauber aus. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.   Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Kauf-Empfehlung:  Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu SkypeVirus? ausversehen diesen Link geklickt :/ was nun |
| anklicken, erwischt, fahren, geklickt, geschickt, heute, klicke, klicken, kontakte, kopieren, link, link geklickt, niemand, seite, skypevirus, stark, takten, vermute, virus |
+ R Taste und schreibe Combofix /Uninstall in das 
Hybrid-Darstellung
