| |
| |||||||
Log-Analyse und Auswertung: JS/SecurityDisabler.BWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.10.2016, 00:12
| #1 |
 |  JS/SecurityDisabler.B Hi, Eben als ich hier im Forum n' Thread angucken wollte zum mitlesen, hat sich ESET gemeldet mit folgender Warnung:  kurze Zeit später diese Meldung:  Würde mich um eine Aufklärung und/oder Bereinigung freuen  PS: Log's finden sie hier: http://pastebin.com/xw57HwiX Geändert von Ladekabel612 (28.10.2016 um 00:50 Uhr) |
|
28.10.2016, 10:32
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | JS/SecurityDisabler.B Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
28.10.2016, 10:42
| #3 |
| /// TB-Senior    | JS/SecurityDisabler.B Das ist mein Thread.
__________________Da habe ich mir den vollständigen (schädlichen) Code von der user.js-Datei anzeigen lassen, jetzt steht er natürlich da drin im Text. Schaden anrichten (Sicherheitseinstellungen deaktivieren) kann er aber nur, wenn du ihn in einer user.js-Datei im Firefox-Ordner speicherst. Sorry Cosinus.
__________________ |
|
28.10.2016, 10:50
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | JS/SecurityDisabler.B Ok...dann verschieb ich das in den Urspungsthread. Oder soll es als extra Trhread ausgelagert sein?  
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.10.2016, 10:57
| #5 |
| /// TB-Senior | JS/SecurityDisabler.B Nein, mein Thread ist mit Solonia. Den wollte Ladekabel612 sich ansehen und wurde richtigerweise von ESET darauf hingewiesen, dass dort Schadcode enthalten ist.
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
28.10.2016, 10:58
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | JS/SecurityDisabler.B also jetzt versteh ich nur noch Bahnhof Warum soll es denn dann dein Thread sein
__________________ --> JS/SecurityDisabler.B |
|
28.10.2016, 11:00
| #7 | |
| /// TB-Senior | JS/SecurityDisabler.B Nicht DIES, sondern DAS, wovon Ladekabel612 schreibt: Zitat:
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
28.10.2016, 11:02
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | JS/SecurityDisabler.B Ja, aber das musst du doch nicht in diesen Thread reinschreiben, dass ein völlig anderer Thread von dir behandelt wird... 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.10.2016, 11:09
| #9 |
| /// TB-Senior | JS/SecurityDisabler.B Ja, ich hätte dir lieber eine PN schreiben sollen, aber wenn ich doch die Erklärung für das Problem in DIESEM Thread gleich wusste, musste ich das doch mitteilen! Nochmal sorry
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
28.10.2016, 11:12
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | JS/SecurityDisabler.B schreib die Erklärung doch hier einfach rein Und alles gut, Ruth  mir macht das nix aus, wenn noch jmd aus dem Team in meine Threads postet, hab halt nur nicht geschnallt was du mir sagen wolltest 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.10.2016, 11:14
| #11 | |
| /// TB-Senior | JS/SecurityDisabler.BZitat:
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
28.10.2016, 11:21
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | JS/SecurityDisabler.B Ist ja schon gut. Du hast mich ganz wuschig gemacht mit DEINEM Thread 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.10.2016, 13:08
| #13 |
| | JS/SecurityDisabler.B Danke Fragerin das du es erläutert hast, woran es lag. @Cosinus: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2016 durchgeführt von Tygan (Administrator) auf COMPUTER-128234 (28-10-2016 00:54:23) Gestartet von C:\Users\Tygan\Desktop Geladene Profile: Tygan & *(Verfügbare Profile: Tygan & Jendrik & Administrator & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ * ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) * (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (AMD) C:\Windows\System32\atiesrxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AMD) C:\Windows\System32\atieclxx.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files\Core Temp\Core Temp.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\puush\puush.exe () C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe * * ==================== Registry (Nicht auf der Ausnahmeliste) ==================== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) * HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NetSpeedMonitor] => C:\Program Files\NetSpeedMonitor\nsmc.exe [71680 2010-04-04] (Florian Gilles) HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-14] (InstallShield Software Corporation) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2779136 2016-06-11] (Dominik Reichl) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2016-04-14] (VMware, Inc.) HKLM Group Policy restriction on software: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy <====== ACHTUNG HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ACHTUNG HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ACHTUNG HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-05-30] () HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation) HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Run: [Discord] => C:\Users\Tygan\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.) HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation) HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Run: [pCloud] => C:\Program Files (x86)\pCloud Drive\pCloud.exe HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd) HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com) HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.) HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\RunOnce: [Uninstall C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64" HKU\S-1-5-21-624198674-977653023-2037852723-1021\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-05-30] () HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation) HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Discord] => C:\Users\Tygan\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.) HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation) HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [pCloud] => C:\Program Files (x86)\pCloud Drive\pCloud.exe HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-08-29] (Disc Soft Ltd) HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4090944 2016-09-20] (GOG.com) HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.) HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-624198674-977653023-2037852723-1027-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Jendrik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jendrik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-21-624198674-977653023-2037852723-1027-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Jendrik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jendrik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509" HKU\S-1-5-21-624198674-977653023-2037852723-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) SSODL: EldosMountNotificator-cbfs6 - {73F8D53A-4E1F-4434-A7D0-7C1E3B50BB78} - C:\WINDOWS\system32\cbfsMntNtf6.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator-cbfs6 - {73F8D53A-4E1F-4434-A7D0-7C1E3B50BB78} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation) ShellIconOverlayIdentifiers: [ *GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google) ShellIconOverlayIdentifiers: [ *GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google) ShellIconOverlayIdentifiers: [ *GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => *Keine Datei ShellIconOverlayIdentifiers: [1MediaFireIconError] -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon3_d1739.dll Keine Datei ShellIconOverlayIdentifiers: [1MediaFireIconReadOnly] -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon5_d1739.dll Keine Datei ShellIconOverlayIdentifiers: [1MediaFireIconSynched] -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon_d1739.dll Keine Datei ShellIconOverlayIdentifiers: [1MediaFireIconSyncing] -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon2_d1739.dll Keine Datei ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {36A9E202-9EBD-4037-9EC8-9403A1FE827B} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-06-13] (EldoS Corporation) ShellIconOverlayIdentifiers: [MediaFireIconLock] -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files (x86)\MediaFire Desktop\MediaFireIcon4_d1739.dll Keine Datei ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {36A9E202-9EBD-4037-9EC8-9403A1FE827B} => C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll [2016-06-13] (EldoS Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk [2016-07-10] ShortcutTarget: NETGEAR WNA3100M Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe () GroupPolicy: Beschränkung <======= ACHTUNG GroupPolicyScripts: Beschränkung <======= ACHTUNG * ==================== Internet (Nicht auf der Ausnahmeliste) ==================== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) * Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\..\Interfaces\{f2c76c85-8df8-4ee3-a794-c760b75c17ca}: [NameServer] 192.168.1.1 * Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-624198674-977653023-2037852723-1021 -> DefaultScope {CD28C5AB-6B7C-4A80-B791-6F9099DE1CEE} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-624198674-977653023-2037852723-1021 -> {CD28C5AB-6B7C-4A80-B791-6F9099DE1CEE} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {CD28C5AB-6B7C-4A80-B791-6F9099DE1CEE} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {CD28C5AB-6B7C-4A80-B791-6F9099DE1CEE} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} * Edge: ====== Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.3.0.0_neutral__c1wakc4j0nefm [2016-10-25] * FireFox: ======== FF DefaultProfile: 3am39cb5.default FF ProfilePath: C:\Users\Tygan\AppData\Roaming\Mozilla\Firefox\Profiles\3am39cb5.default [2016-10-27] FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> backup.ftp", "100.44.118.68" FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> backup.ftp_port", 8080 FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> backup.socks", "100.44.118.68" FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> backup.socks_port", 8080 FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> backup.ssl", "100.44.118.68" FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> backup.ssl_port", 8080 FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> ftp", "196.41.123.151" FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> ftp_port", 80 FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> http", "196.41.123.151" FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> http_port", 80 FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> share_proxy_settings", true FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> socks", "196.41.123.151" FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> socks_port", 80 FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> ssl", "196.41.123.151" FF NetworkProxy: Mozilla\Firefox\Profiles\3am39cb5.default -> ssl_port", 80 FF Extension: (HTTPS Everywhere) - C:\Users\Tygan\AppData\Roaming\Mozilla\Firefox\Profiles\3am39cb5.default\Extensions\https-everywhere@eff.org.xpi [2016-10-25] FF Extension: (uBlock Origin) - C:\Users\Tygan\AppData\Roaming\Mozilla\Firefox\Profiles\3am39cb5.default\Extensions\uBlock0@raymondhill.net.xpi [2016-10-25] FF Extension: (O2 Service Suite) - C:\Users\Tygan\AppData\Roaming\Mozilla\Firefox\Profiles\3am39cb5.default\Extensions\{} [2016-08-19] [ist nicht signiert] FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-01-09] (Adobe Systems, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) * Chrome: ======= CHR DefaultProfile: Profile 1 CHR StartupUrls: Profile 1 -> "hxxp://www.youtube.com/" CHR Profile: C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old [2016-10-07] <==== ACHTUNG CHR Extension: (Google Präsentationen) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-19] CHR Extension: (Google Docs) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-19] CHR Extension: (Google Drive) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-04] CHR Extension: (YouTube) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-04] CHR Extension: (Google Tabellen) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-19] CHR Extension: (Google Docs Offline) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-19] CHR Extension: (Blue Space) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\lgafflokkagpjiofcoodepkehnpldbge [2016-04-04] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-19] CHR Extension: (Google Mail) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Default.old\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-04] CHR Profile: C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-10-28] CHR Extension: (Google Präsentationen) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-19] CHR Extension: (Google Docs) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-19] CHR Extension: (Google Drive) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-05] CHR Extension: (YouTube) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-05] CHR Extension: (uBlock Origin) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-10-27] CHR Extension: (Google Tabellen) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-19] CHR Extension: (HTTPS Everywhere) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-10-21] CHR Extension: (Google Docs Offline) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-19] CHR Extension: (Warcraft-Horde-HD Theme) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ladafnjkjoaamingmeglanknjkbpojan [2016-09-21] CHR Extension: (SoundCloud Downloader Free) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\libedajeiljdoodmokbppgapcfbignci [2016-08-19] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-19] CHR Extension: (Datensparmodus) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfmgfdlgomnbgkofeojodiodmgpgmkac [2016-09-21] CHR Extension: (Google Mail) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-05] CHR Extension: (Chrome Media Router) - C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25] CHR Profile: C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-10-17] CHR Profile: C:\Users\Tygan\AppData\Local\Google\Chrome\User Data\System Profile [2016-08-19] CHR HKU\S-1-5-21-624198674-977653023-2037852723-1021\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Tygan\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-20] CHR HKU\S-1-5-21-624198674-977653023-2037852723-1021\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Tygan\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-10-20] CHR HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx * ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) * S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated) R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-04-05] () [Datei ist nicht signiert] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2779136 2016-08-21] (ESET) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [281152 2016-09-20] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6394432 2016-10-04] (GOG.com) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12471368 2016-04-14] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 WSWNA3100M; C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [316120 2014-08-18] () * ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) * R3 ALSysIO; C:\Users\Tygan\AppData\Local\Temp\ALSysIO64.sys [35320 2016-10-25] (Arthur Liberman) R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-06-13] (EldoS Corporation) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-18] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-18] (Disc Soft Ltd) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [263296 2016-08-21] (ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [199328 2016-06-23] (ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-06-23] (ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [197288 2016-06-23] (ESET) R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [181416 2016-06-23] (ESET) R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2016-07-25] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-28] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek * * * * * * * * * * * * * * * * * * * * * *) R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [3859704 2015-10-16] (Realtek Semiconductor Corporation * * * * * * * * * * * * * ) S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.) S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation) R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [198248 2016-08-02] (IDRIX) R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-06-13] (EldoS Corporation) R0 vsock; C:\WINDOWS\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U3 idsvc; kein ImagePath * ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) * * ==================== Ein Monat: Erstellte Dateien und Ordner ======== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) * 2016-10-28 00:54 - 2016-10-28 00:58 - 00029950 _____ C:\Users\Tygan\Desktop\FRST.txt 2016-10-28 00:53 - 2016-10-28 00:54 - 02407936 _____ (Farbar) C:\Users\Tygan\Desktop\FRST64.exe 2016-10-28 00:50 - 2016-10-28 00:54 - 00000000 ____D C:\FRST 2016-10-25 20:07 - 2016-10-25 20:07 - 00000022 _____ C:\WINDOWS\S.dirmngr 2016-10-25 20:07 - 2016-10-25 20:07 - 00000000 ____H C:\ProgramData\cm-lock 2016-10-25 19:20 - 2016-10-25 19:20 - 00013621 _____ C:\Users\Tygan\Downloads\58079 (3).user.js 2016-10-25 19:18 - 2016-10-25 19:18 - 00013621 _____ C:\Users\Tygan\Downloads\58079 (1).user.js 2016-10-25 19:15 - 2016-10-25 19:15 - 00013621 _____ C:\Users\Tygan\Downloads\58079.user.js 2016-10-25 19:09 - 2016-10-25 19:09 - 00030104 _____ C:\Users\Tygan\Downloads\106689.user.js 2016-10-25 15:13 - 2016-10-25 15:16 - 131076195 _____ C:\Users\Tygan\Downloads\archivedwl-389.zip 2016-10-25 14:43 - 2016-10-25 14:44 - 20741275 _____ C:\Users\Tygan\Downloads\archivedwl-383.zip 2016-10-23 22:38 - 2016-10-25 19:50 - 00000000 ____D C:\Users\Tygan\Desktop\Crypto 2016-10-23 02:50 - 2016-10-23 02:50 - 00000036 _____ C:\Users\Tygan\Desktop\Beam CIV VI.txt 2016-10-23 01:39 - 2016-10-25 00:19 - 00015648 _____ C:\Users\Tygan\Documents\Sophie.odt 2016-10-23 00:29 - 2016-10-23 00:29 - 00000425 _____ C:\Users\Tygan\Documents\PC Komponente.txt 2016-10-22 02:52 - 2016-10-22 02:53 - 40128499 _____ C:\Users\Tygan\Downloads\The World Is Yours - Tim McMorris - Inspirational Video.mp4 2016-10-22 02:28 - 2016-10-22 03:05 - 00000092 _____ C:\Users\Tygan\Documents\important.txt 2016-10-21 20:03 - 2016-10-27 03:37 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\AIMP 2016-10-21 20:03 - 2016-10-21 20:03 - 00000970 _____ C:\Users\Public\Desktop\AIMP.lnk 2016-10-21 20:03 - 2016-10-21 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP 2016-10-21 20:02 - 2016-10-21 20:03 - 00000000 ____D C:\Program Files (x86)\AIMP 2016-10-21 19:57 - 2016-10-21 20:02 - 09177240 _____ (AIMP DevTeam) C:\Users\Tygan\Downloads\aimp_4.11.1841.exe 2016-10-21 19:56 - 2016-10-21 21:00 - 30876947 _____ C:\Users\Tygan\Downloads\TIM MCMORRIS - THE WORLD IS YOURS.mp4 2016-10-20 18:06 - 2016-10-20 18:06 - 00001418 _____ C:\Users\Tygan\Desktop\Tor Browser.lnk 2016-10-20 17:54 - 2016-10-22 12:38 - 00000000 ___RD C:\Users\Tygan\Google Drive 2016-10-20 17:54 - 2016-10-20 17:54 - 00001827 _____ C:\Users\Tygan\Desktop\Google Drive.lnk 2016-10-20 17:51 - 2016-10-20 17:51 - 00002121 _____ C:\Users\Public\Desktop\Google Slides.lnk 2016-10-20 17:51 - 2016-10-20 17:51 - 00002119 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2016-10-20 17:51 - 2016-10-20 17:51 - 00002109 _____ C:\Users\Public\Desktop\Google Docs.lnk 2016-10-20 17:51 - 2016-10-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-10-20 17:47 - 2016-10-28 00:49 - 00000000 ____D C:\Users\Tygan\Documents\Private Sachen 2016-10-20 17:43 - 2016-10-20 17:44 - 01065376 _____ (Google Inc.) C:\Users\Tygan\Downloads\googledrivesync.exe 2016-10-20 17:34 - 2016-10-20 17:40 - 1559413739 _____ C:\Users\Tygan\Desktop\CqPm5GsWcAEHdkc.7z.gpg 2016-10-20 15:54 - 2016-10-20 15:54 - 00012512 _____ C:\Users\Tygan\Documents\Sophie.pdf 2016-10-20 15:54 - 2016-10-20 15:54 - 00012155 _____ C:\Users\Tygan\Documents\soooophie abschied.pdf 2016-10-20 02:51 - 2016-10-20 02:51 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk 2016-10-20 02:51 - 2016-10-20 02:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1 2016-10-20 02:50 - 2016-10-20 02:51 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5 2016-10-20 02:23 - 2016-10-20 02:32 - 221679616 _____ C:\Users\Tygan\Downloads\LibreOffice_5.1.5_Win_x86.msi 2016-10-17 19:13 - 2016-10-17 19:13 - 00544769 _____ C:\Users\Tygan\Documents\bookmarks_17.10.16.html 2016-10-16 19:51 - 2016-10-23 12:25 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-10-16 19:51 - 2016-10-16 19:51 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk 2016-10-16 19:51 - 2016-10-16 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-10-14 21:43 - 2016-10-23 22:39 - 00000000 ____D C:\Users\Tygan\Desktop\rcsetup153 2016-10-14 21:43 - 2016-10-14 21:43 - 04007927 _____ C:\Users\Tygan\Desktop\rcsetup153.zip 2016-10-13 00:53 - 2016-10-13 00:53 - 00000807 _____ C:\Users\Tygan\Desktop\Documents.lnk 2016-10-13 00:51 - 2016-10-13 00:52 - 00000779 _____ C:\Users\Tygan\Desktop\Musik.lnk 2016-10-13 00:41 - 2016-10-13 00:42 - 00245485 _____ C:\Users\Tygan\Downloads\firefox-bookmarks.html 2016-10-13 00:01 - 2016-10-13 00:01 - 00000963 _____ C:\Users\Tygan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-10-13 00:00 - 2016-10-13 00:01 - 00000000 ____D C:\Users\Tygan\Documents\Tor Browser 2016-10-12 23:58 - 2016-10-13 00:00 - 50015776 _____ C:\Users\Tygan\Downloads\torbrowser-install-6.0.5_de.exe 2016-10-12 16:31 - 2016-10-12 16:35 - 00000000 ___DC C:\Users\Tygan\Documents\HandySachen 2016-10-11 20:57 - 2016-10-05 12:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2016-10-11 20:57 - 2016-10-05 12:13 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-10-11 20:57 - 2016-10-05 12:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-10-11 20:57 - 2016-10-05 11:50 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-10-11 20:57 - 2016-10-05 11:44 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-10-11 20:57 - 2016-10-05 11:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2016-10-11 20:57 - 2016-10-05 11:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2016-10-11 20:57 - 2016-10-05 11:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2016-10-11 20:57 - 2016-10-05 11:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-10-11 20:57 - 2016-10-05 11:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll 2016-10-11 20:57 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-10-11 20:57 - 2016-10-05 11:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2016-10-11 20:57 - 2016-10-05 11:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2016-10-11 20:57 - 2016-10-05 11:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2016-10-11 20:57 - 2016-10-05 11:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2016-10-11 20:57 - 2016-10-05 11:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2016-10-11 20:57 - 2016-10-05 11:26 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-10-11 20:57 - 2016-10-05 11:26 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2016-10-11 20:57 - 2016-10-05 11:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-10-11 20:57 - 2016-10-05 11:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2016-10-11 20:57 - 2016-10-05 11:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-10-11 20:57 - 2016-10-05 11:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-10-11 20:57 - 2016-10-05 11:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2016-10-11 20:57 - 2016-10-05 11:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2016-10-11 20:57 - 2016-10-05 11:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2016-10-11 20:57 - 2016-10-05 11:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2016-10-11 20:57 - 2016-10-05 11:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2016-10-11 20:57 - 2016-10-05 11:22 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-10-11 20:57 - 2016-10-05 11:21 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-10-11 20:57 - 2016-10-05 11:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-10-11 20:57 - 2016-10-05 11:19 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-10-11 20:57 - 2016-10-05 11:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-10-11 20:57 - 2016-10-05 11:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-10-11 20:57 - 2016-10-05 11:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-10-11 20:57 - 2016-10-05 11:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-10-11 20:57 - 2016-10-05 11:16 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-10-11 20:57 - 2016-10-05 11:15 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-10-11 20:57 - 2016-10-05 11:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2016-10-11 20:57 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2016-10-11 20:57 - 2016-10-05 11:14 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-10-11 20:57 - 2016-10-05 11:14 - 02667520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-10-11 20:57 - 2016-10-05 11:14 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2016-10-11 20:57 - 2016-10-05 11:14 - 01778176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-10-11 20:57 - 2016-10-05 11:11 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-10-11 20:57 - 2016-10-05 11:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-10-11 20:57 - 2016-10-05 11:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-10-11 20:57 - 2016-10-05 11:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-10-11 20:57 - 2016-10-05 11:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2016-10-11 20:57 - 2016-10-05 11:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2016-10-11 20:57 - 2016-10-05 11:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-10-11 20:57 - 2016-10-05 11:06 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2016-10-11 20:56 - 2016-10-05 12:09 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-10-11 20:56 - 2016-10-05 12:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys 2016-10-11 20:56 - 2016-10-05 11:41 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-10-11 20:56 - 2016-10-05 11:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2016-10-11 20:56 - 2016-10-05 11:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-10-11 20:56 - 2016-10-05 11:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2016-10-11 20:56 - 2016-10-05 11:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2016-10-11 20:56 - 2016-10-05 11:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-10-11 20:56 - 2016-10-05 11:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2016-10-11 20:56 - 2016-10-05 11:19 - 02265088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-10-11 20:56 - 2016-10-05 11:19 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-10-11 20:56 - 2016-10-05 11:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-10-11 20:56 - 2016-10-05 11:15 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-10-11 20:56 - 2016-10-05 11:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2016-10-11 20:56 - 2016-10-05 11:11 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-10-11 20:56 - 2016-10-05 11:09 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-10-11 20:56 - 2016-10-05 11:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-10-11 20:54 - 2016-10-05 11:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll 2016-10-11 20:54 - 2016-10-05 11:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll 2016-10-11 20:54 - 2016-10-05 11:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2016-10-11 20:53 - 2016-10-05 12:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-10-11 20:53 - 2016-10-05 12:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2016-10-11 20:53 - 2016-10-05 11:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-10-11 20:53 - 2016-10-05 11:45 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-10-11 20:53 - 2016-10-05 11:35 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll 2016-10-11 20:53 - 2016-10-05 11:34 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2016-10-11 20:53 - 2016-10-05 11:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2016-10-11 20:53 - 2016-10-05 11:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2016-10-11 20:53 - 2016-10-05 11:29 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-10-11 20:53 - 2016-10-05 11:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2016-10-11 20:53 - 2016-10-05 11:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-10-11 20:53 - 2016-10-05 11:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2016-10-11 20:53 - 2016-10-05 11:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-10-11 20:53 - 2016-10-05 11:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2016-10-11 20:53 - 2016-10-05 11:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-10-11 20:53 - 2016-10-05 11:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2016-10-11 20:53 - 2016-10-05 11:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-10-11 20:53 - 2016-10-05 11:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-10-11 20:53 - 2016-10-05 11:09 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-10-11 20:53 - 2016-10-05 11:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-10-11 20:53 - 2016-10-05 11:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-10-11 20:53 - 2016-10-05 11:06 - 02254336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-10-11 20:53 - 2016-10-05 11:06 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-10-11 20:53 - 2016-10-05 11:06 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-10-11 20:53 - 2016-10-05 11:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-10-11 20:53 - 2016-10-05 11:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2016-10-11 20:53 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-10-11 20:52 - 2016-10-05 12:34 - 01051104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-10-11 20:52 - 2016-10-05 12:34 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-10-11 20:52 - 2016-10-05 12:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2016-10-11 20:52 - 2016-10-05 12:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-10-11 20:52 - 2016-10-05 12:31 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-10-11 20:52 - 2016-10-05 12:31 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-10-11 20:52 - 2016-10-05 12:30 - 07812448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-10-11 20:52 - 2016-10-05 12:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2016-10-11 20:52 - 2016-10-05 12:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-10-11 20:52 - 2016-10-05 12:12 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-10-11 20:52 - 2016-10-05 12:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-10-11 20:52 - 2016-10-05 12:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-10-11 20:52 - 2016-10-05 12:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-10-11 20:52 - 2016-10-05 11:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2016-10-11 20:52 - 2016-10-05 11:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-10-11 20:52 - 2016-10-05 11:46 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-10-11 20:52 - 2016-10-05 11:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-10-11 20:52 - 2016-10-05 11:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-10-11 20:52 - 2016-10-05 11:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2016-10-11 20:52 - 2016-10-05 11:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2016-10-11 20:52 - 2016-10-05 11:33 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2016-10-11 20:52 - 2016-10-05 11:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2016-10-11 20:52 - 2016-10-05 11:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll 2016-10-11 20:52 - 2016-10-05 11:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-10-11 20:52 - 2016-10-05 11:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-10-11 20:52 - 2016-10-05 11:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2016-10-11 20:52 - 2016-10-05 11:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2016-10-11 20:52 - 2016-10-05 11:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-10-11 20:52 - 2016-10-05 11:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-10-11 20:52 - 2016-10-05 11:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-10-11 20:52 - 2016-10-05 11:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-10-11 20:52 - 2016-10-05 11:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2016-10-11 20:52 - 2016-10-05 11:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2016-10-11 20:52 - 2016-10-05 11:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-10-11 20:52 - 2016-10-05 11:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2016-10-11 20:52 - 2016-10-05 11:24 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-10-11 20:52 - 2016-10-05 11:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2016-10-11 20:52 - 2016-10-05 11:21 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-10-11 20:52 - 2016-10-05 11:21 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-10-11 20:52 - 2016-10-05 11:20 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2016-10-11 20:52 - 2016-10-05 11:19 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2016-10-11 20:52 - 2016-10-05 11:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-10-11 20:52 - 2016-10-05 11:18 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2016-10-11 20:52 - 2016-10-05 11:17 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-10-11 20:52 - 2016-10-05 11:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-10-11 20:52 - 2016-10-05 11:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-10-11 20:52 - 2016-10-05 11:15 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-10-11 20:52 - 2016-10-05 11:15 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-10-11 20:52 - 2016-10-05 11:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2016-10-11 20:52 - 2016-10-05 11:14 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-10-11 20:52 - 2016-10-05 11:14 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-10-11 20:52 - 2016-10-05 11:14 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2016-10-11 20:52 - 2016-10-05 11:13 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-10-11 20:52 - 2016-10-05 11:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2016-10-11 20:52 - 2016-10-05 11:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2016-10-11 20:52 - 2016-10-05 11:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2016-10-11 20:52 - 2016-10-05 11:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-10-11 20:52 - 2016-10-05 11:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-10-11 20:52 - 2016-10-05 11:09 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-10-11 20:52 - 2016-10-05 11:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-10-11 20:52 - 2016-10-05 11:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-10-11 20:52 - 2016-10-05 11:07 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-10-11 20:52 - 2016-10-05 11:06 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-10-11 20:52 - 2016-10-05 11:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-10-11 20:52 - 2016-10-05 11:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-10-11 20:52 - 2016-10-05 11:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-10-11 20:52 - 2016-10-05 02:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml 2016-10-11 20:51 - 2016-10-05 12:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-10-11 20:51 - 2016-10-05 12:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-10-11 20:51 - 2016-10-05 12:09 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-10-11 20:51 - 2016-10-05 12:09 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-10-11 20:51 - 2016-10-05 12:04 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-10-11 20:51 - 2016-10-05 12:04 - 00628032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-10-11 20:51 - 2016-10-05 11:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-10-11 20:51 - 2016-10-05 11:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-10-11 20:51 - 2016-10-05 11:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2016-10-11 20:51 - 2016-10-05 11:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-10-11 20:51 - 2016-10-05 11:29 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-10-11 20:51 - 2016-10-05 11:29 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-10-11 20:51 - 2016-10-05 11:28 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-10-11 20:51 - 2016-10-05 11:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2016-10-11 20:51 - 2016-10-05 11:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-10-11 20:51 - 2016-10-05 11:22 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-10-11 20:51 - 2016-10-05 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-10-11 20:51 - 2016-10-05 11:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2016-10-11 20:51 - 2016-10-05 11:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-10-11 20:51 - 2016-10-05 11:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-10-11 20:51 - 2016-10-05 11:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-10-11 20:51 - 2016-10-05 11:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll 2016-10-11 20:51 - 2016-10-05 11:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-10-11 20:51 - 2016-10-05 11:15 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2016-10-11 20:51 - 2016-10-05 11:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-10-11 20:51 - 2016-10-05 11:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-10-11 20:51 - 2016-10-05 11:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-10-11 20:51 - 2016-10-05 11:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-10-11 20:51 - 2016-10-05 11:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2016-10-09 09:18 - 2016-10-09 09:18 - 00001737 _____ C:\Users\Tygan\AppData\Roaming\log.xml 2016-10-06 21:01 - 2016-10-06 21:01 - 00122715 ____C C:\Users\Tygan\Documents\ebook-www.gesundheits-magazin.net.pdf 2016-10-06 19:47 - 2016-10-20 01:48 - 00000000 ____D C:\Users\Tygan\Documents\WhatsApp1 2016-10-04 21:49 - 2016-10-13 16:04 - 00001389 _____ C:\Users\Tygan\Desktop\factorio - Verknüpfung.lnk 2016-10-04 18:43 - 2016-10-04 18:43 - 00001116 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk 2016-10-04 18:43 - 2016-10-04 18:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2016-10-04 18:40 - 2016-10-04 18:43 - 00000000 ____D C:\Program Files (x86)\GOG Galaxy 2016-10-04 18:40 - 2016-10-04 18:40 - 00000000 ____D C:\ProgramData\GOG.com 2016-10-04 18:21 - 2016-10-04 18:40 - 148707936 _____ (GOG.com ) C:\Users\Tygan\Downloads\setup_galaxy_1.1.17.3.exe 2016-10-02 16:18 - 2016-10-02 16:18 - 00002286 _____ C:\Users\Tygan\Desktop\Discord.lnk 2016-10-02 16:18 - 2016-10-02 16:18 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2016-10-02 16:16 - 2016-10-02 16:17 - 00000000 ____D C:\Users\Tygan\AppData\Local\Discord 2016-10-02 16:14 - 2016-10-02 16:16 - 50343608 _____ (Hammer & Chisel, Inc.) C:\Users\Tygan\Downloads\DiscordSetup.exe 2016-09-30 22:26 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2016-09-30 22:26 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2016-09-30 22:26 - 2016-09-15 19:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-09-30 22:26 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2016-09-30 22:26 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2016-09-30 22:26 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll 2016-09-30 22:26 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2016-09-30 22:26 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2016-09-30 22:26 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2016-09-30 22:26 - 2016-09-15 18:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-09-30 22:25 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2016-09-30 22:25 - 2016-09-15 19:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-09-30 22:25 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-09-30 22:25 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2016-09-30 22:25 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-09-30 22:25 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-09-30 22:25 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2016-09-30 22:25 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-09-30 22:25 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-09-30 22:25 - 2016-09-15 19:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2016-09-30 22:25 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-09-30 22:25 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-09-30 22:25 - 2016-09-15 19:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2016-09-30 22:25 - 2016-09-15 19:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-09-30 22:25 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2016-09-30 22:25 - 2016-09-15 19:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-09-30 22:25 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-09-30 22:25 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll 2016-09-30 22:25 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2016-09-30 22:25 - 2016-09-15 19:03 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2016-09-30 22:25 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll 2016-09-30 22:25 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2016-09-30 22:25 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2016-09-30 22:25 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2016-09-30 22:25 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2016-09-30 22:25 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll 2016-09-30 22:25 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2016-09-30 22:25 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2016-09-30 22:25 - 2016-09-15 18:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-09-30 22:25 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll 2016-09-30 22:25 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2016-09-30 22:25 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2016-09-30 22:25 - 2016-09-15 18:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-09-30 22:25 - 2016-09-15 18:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2016-09-30 22:25 - 2016-09-15 18:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2016-09-30 22:25 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2016-09-30 22:25 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2016-09-30 22:25 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-09-30 22:25 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-09-30 22:25 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe 2016-09-30 22:25 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2016-09-30 22:25 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2016-09-30 22:25 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2016-09-30 22:25 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll 2016-09-30 22:25 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2016-09-30 22:25 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2016-09-30 22:25 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-09-30 22:25 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2016-09-30 22:25 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-09-30 22:25 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2016-09-30 22:25 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2016-09-30 22:25 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll 2016-09-30 22:25 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2016-09-30 22:25 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2016-09-30 22:25 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2016-09-30 22:25 - 2016-09-15 18:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-09-30 22:25 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2016-09-30 22:25 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll 2016-09-30 22:25 - 2016-09-15 18:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-09-30 22:25 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-09-30 22:25 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2016-09-30 22:25 - 2016-09-15 18:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-09-30 22:25 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2016-09-30 22:25 - 2016-09-15 18:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-09-30 22:25 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2016-09-30 22:25 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2016-09-30 22:25 - 2016-09-15 18:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-09-30 22:25 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2016-09-30 22:25 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2016-09-30 22:25 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2016-09-30 22:25 - 2016-09-15 18:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2016-09-30 22:25 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2016-09-30 22:25 - 2016-09-15 18:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-09-30 22:25 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2016-09-30 22:25 - 2016-09-15 18:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-09-30 22:25 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-09-30 22:25 - 2016-09-15 18:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2016-09-30 22:25 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL 2016-09-30 22:25 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2016-09-30 22:25 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll 2016-09-30 22:25 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2016-09-30 22:25 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-09-30 22:25 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll 2016-09-30 22:25 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll 2016-09-30 22:25 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2016-09-30 22:25 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-09-30 22:25 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-09-30 22:25 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2016-09-30 22:25 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2016-09-30 22:25 - 2016-09-15 18:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-09-30 22:25 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2016-09-30 22:25 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2016-09-30 22:25 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2016-09-30 22:25 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2016-09-30 22:25 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-09-30 22:25 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2016-09-30 22:25 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2016-09-30 22:25 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2016-09-30 22:25 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-09-30 22:25 - 2016-09-15 18:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2016-09-30 22:25 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2016-09-30 22:25 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2016-09-30 22:25 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll 2016-09-30 22:25 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll 2016-09-30 22:24 - 2016-09-15 20:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-09-30 22:24 - 2016-09-15 19:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2016-09-30 22:24 - 2016-09-15 19:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2016-09-30 22:24 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2016-09-30 22:24 - 2016-09-15 19:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-09-30 22:24 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-09-30 22:24 - 2016-09-15 19:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-09-30 22:24 - 2016-09-15 19:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-09-30 22:24 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2016-09-30 22:24 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2016-09-30 22:24 - 2016-09-15 19:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-09-30 22:24 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2016-09-30 22:24 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-09-30 22:24 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-09-30 22:24 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll 2016-09-30 22:24 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-09-30 22:24 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2016-09-30 22:24 - 2016-09-15 18:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2016-09-30 22:24 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2016-09-30 22:24 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2016-09-30 22:24 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-09-30 22:24 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2016-09-30 22:24 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-09-30 22:24 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll 2016-09-30 22:24 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2016-09-30 22:24 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2016-09-30 22:24 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2016-09-30 22:24 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2016-09-30 22:24 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll 2016-09-30 22:24 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-09-30 22:24 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2016-09-30 22:24 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2016-09-30 22:24 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2016-09-30 22:24 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2016-09-30 22:24 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-09-30 22:24 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2016-09-30 22:24 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2016-09-30 22:24 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2016-09-30 22:24 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2016-09-30 22:24 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-09-30 22:24 - 2016-09-15 18:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2016-09-30 22:24 - 2016-09-15 18:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2016-09-30 22:24 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-09-30 22:24 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2016-09-30 22:24 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2016-09-30 22:24 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2016-09-30 22:24 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-09-30 22:19 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2016-09-30 22:19 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2016-09-30 22:19 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2016-09-30 22:19 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-09-30 22:19 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2016-09-30 22:19 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-09-30 22:19 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-09-30 22:19 - 2016-09-15 19:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2016-09-30 22:19 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2016-09-30 22:19 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-09-30 22:19 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll 2016-09-30 22:19 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-09-30 22:19 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2016-09-30 22:19 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2016-09-30 22:19 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2016-09-30 22:19 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2016-09-30 22:19 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2016-09-30 22:19 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2016-09-30 22:19 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll 2016-09-30 22:19 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2016-09-30 22:19 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-09-30 22:19 - 2016-09-15 18:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-09-30 22:19 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2016-09-30 22:19 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-09-30 22:19 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2016-09-30 22:19 - 2016-09-15 18:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-09-30 22:19 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2016-09-30 22:19 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll 2016-09-30 22:19 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-09-30 22:19 - 2016-09-15 18:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-09-30 22:19 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe 2016-09-30 22:19 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2016-09-30 22:19 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2016-09-30 22:19 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2016-09-30 22:19 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2016-09-30 22:19 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-09-30 22:19 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2016-09-30 22:19 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2016-09-30 22:19 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2016-09-30 22:19 - 2016-09-15 18:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-09-30 22:19 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-09-30 22:19 - 2016-09-15 18:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-09-30 22:19 - 2016-09-15 18:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-09-30 22:19 - 2016-09-15 18:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-09-30 22:19 - 2016-09-15 18:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-09-30 22:19 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll 2016-09-30 22:19 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2016-09-30 22:19 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2016-09-30 22:19 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2016-09-30 22:19 - 2016-09-15 18:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-09-30 22:19 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2016-09-30 22:19 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-09-30 22:19 - 2016-09-15 18:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-09-30 22:19 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2016-09-30 22:19 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2016-09-30 22:19 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2016-09-30 22:19 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2016-09-30 22:19 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2016-09-30 22:19 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2016-09-30 22:19 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2016-09-30 22:19 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll 2016-09-30 22:19 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll 2016-09-30 22:18 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-09-30 22:18 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll 2016-09-30 22:18 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2016-09-30 22:18 - 2016-09-15 19:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-09-30 22:18 - 2016-09-15 19:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-09-30 22:18 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-09-30 22:18 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe 2016-09-30 22:18 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2016-09-30 22:18 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-09-30 22:18 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-09-30 22:18 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2016-09-30 22:18 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2016-09-30 22:18 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-09-30 22:18 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-09-30 22:18 - 2016-09-15 19:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-09-30 22:18 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-09-30 22:18 - 2016-09-15 19:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-09-30 22:18 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2016-09-30 22:18 - 2016-09-15 19:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-09-30 22:18 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2016-09-30 22:18 - 2016-09-15 19:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-09-30 22:18 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2016-09-30 22:18 - 2016-09-15 19:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-09-30 22:18 - 2016-09-15 19:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2016-09-30 22:18 - 2016-09-15 19:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-09-30 22:18 - 2016-09-15 19:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2016-09-30 22:18 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-09-30 22:18 - 2016-09-15 18:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2016-09-30 22:18 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2016-09-30 22:18 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2016-09-30 22:18 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2016-09-30 22:18 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2016-09-30 22:18 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll 2016-09-30 22:18 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2016-09-30 22:18 - 2016-09-15 18:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2016-09-30 22:18 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2016-09-30 22:18 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2016-09-30 22:18 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2016-09-30 22:18 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2016-09-30 22:18 - 2016-09-15 18:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2016-09-30 22:18 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2016-09-30 22:18 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll 2016-09-30 22:18 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2016-09-30 22:18 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll 2016-09-30 22:18 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2016-09-30 22:18 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll 2016-09-30 22:18 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2016-09-30 22:18 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2016-09-30 22:18 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2016-09-30 22:18 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2016-09-30 22:18 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2016-09-30 22:18 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2016-09-30 22:18 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2016-09-30 22:18 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-09-30 22:18 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-09-30 22:18 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2016-09-30 22:18 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll 2016-09-30 22:18 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-09-30 22:18 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2016-09-30 22:18 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2016-09-30 22:18 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2016-09-30 22:18 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2016-09-30 22:18 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll 2016-09-30 22:18 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll 2016-09-30 22:18 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2016-09-30 22:18 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2016-09-30 22:18 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll 2016-09-30 22:18 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2016-09-30 22:18 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-09-30 22:18 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2016-09-30 22:18 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2016-09-30 22:18 - 2016-09-15 18:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe 2016-09-30 22:18 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2016-09-30 22:18 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-09-30 22:18 - 2016-09-15 18:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2016-09-30 22:18 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2016-09-30 22:18 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe 2016-09-30 22:18 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2016-09-30 22:18 - 2016-09-15 18:28 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe 2016-09-30 22:18 - 2016-09-15 18:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-09-30 22:18 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2016-09-30 22:18 - 2016-09-15 18:28 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe 2016-09-30 22:18 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-09-30 22:18 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2016-09-30 22:18 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2016-09-30 22:18 - 2016-09-15 18:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2016-09-30 22:18 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll 2016-09-30 22:18 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2016-09-30 22:18 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL 2016-09-30 22:18 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe 2016-09-30 22:18 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe 2016-09-30 22:18 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll 2016-09-30 22:18 - 2016-09-15 18:26 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2016-09-30 22:18 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2016-09-30 22:18 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2016-09-30 22:18 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll 2016-09-30 22:18 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-09-30 22:18 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe 2016-09-30 22:18 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll 2016-09-30 22:18 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2016-09-30 22:18 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2016-09-30 22:18 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2016-09-30 22:18 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-09-30 22:18 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2016-09-30 22:18 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-09-30 22:18 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2016-09-30 22:18 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2016-09-30 22:18 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-09-30 22:18 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2016-09-30 22:18 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2016-09-30 22:18 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-09-30 22:18 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2016-09-30 22:18 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2016-09-30 22:18 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2016-09-30 22:18 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2016-09-30 22:18 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-09-30 22:18 - 2016-09-15 18:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-09-30 22:18 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-09-30 22:18 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2016-09-30 22:18 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2016-09-30 22:18 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2016-09-30 22:18 - 2016-09-15 18:16 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll 2016-09-30 22:18 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe 2016-09-30 22:17 - 2016-09-15 19:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2016-09-30 22:17 - 2016-09-15 19:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2016-09-30 22:17 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2016-09-30 22:17 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-30 22:17 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2016-09-30 22:17 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-09-30 22:17 - 2016-09-15 19:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-09-30 22:17 - 2016-09-15 19:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-09-30 22:17 - 2016-09-15 19:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-09-30 22:17 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-09-30 22:17 - 2016-09-15 19:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-09-30 22:17 - 2016-09-15 19:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-09-30 22:17 - 2016-09-15 19:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2016-09-30 22:17 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2016-09-30 22:17 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2016-09-30 22:17 - 2016-09-15 19:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-09-30 22:17 - 2016-09-15 19:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-09-30 22:17 - 2016-09-15 19:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-09-30 22:17 - 2016-09-15 19:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-09-30 22:17 - 2016-09-15 18:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-09-30 22:17 - 2016-09-15 18:44 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2016-09-30 22:17 - 2016-09-15 18:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2016-09-30 22:17 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2016-09-30 22:17 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-09-30 22:17 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll 2016-09-30 22:17 - 2016-09-15 18:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2016-09-30 22:17 - 2016-09-15 18:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-09-30 22:17 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2016-09-30 22:17 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll 2016-09-30 22:17 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2016-09-30 22:17 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll 2016-09-30 22:17 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2016-09-30 22:17 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2016-09-30 22:17 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2016-09-30 22:17 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2016-09-30 22:17 - 2016-09-15 18:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-09-30 22:17 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2016-09-30 22:17 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2016-09-30 22:17 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2016-09-30 22:17 - 2016-09-15 18:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2016-09-30 22:17 - 2016-09-15 18:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-09-30 22:17 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-09-30 22:17 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-09-30 22:17 - 2016-09-15 18:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-09-30 22:17 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2016-09-30 22:17 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe 2016-09-30 22:17 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2016-09-30 22:17 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-09-30 22:17 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2016-09-30 22:17 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll 2016-09-30 22:17 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2016-09-30 22:17 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll 2016-09-30 22:17 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2016-09-30 22:17 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2016-09-30 22:17 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-09-30 22:17 - 2016-09-15 18:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-09-30 22:17 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-09-30 22:17 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2016-09-30 22:17 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2016-09-30 22:17 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2016-09-30 22:17 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2016-09-30 22:17 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-09-30 22:17 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-09-30 22:17 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll 2016-09-30 22:17 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll 2016-09-30 22:17 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2016-09-30 22:17 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-09-30 22:17 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-09-30 22:17 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2016-09-30 22:17 - 2016-09-15 18:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2016-09-30 22:17 - 2016-09-15 18:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2016-09-30 22:17 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2016-09-30 22:17 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-09-30 22:17 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2016-09-30 22:17 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2016-09-30 22:17 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2016-09-30 22:17 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-09-30 22:17 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2016-09-30 22:17 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2016-09-30 22:17 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-09-30 22:17 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-09-30 22:17 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-09-30 22:17 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll 2016-09-30 22:17 - 2016-09-15 18:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2016-09-30 22:16 - 2016-09-15 19:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-09-30 22:16 - 2016-09-15 19:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-09-30 22:16 - 2016-09-15 19:29 - 00823136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2016-09-30 22:16 - 2016-09-15 19:29 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2016-09-30 22:16 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2016-09-30 22:16 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2016-09-30 22:16 - 2016-09-15 19:29 - 00127328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys 2016-09-30 22:16 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys 2016-09-30 22:16 - 2016-09-15 19:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-09-30 22:16 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-09-30 22:16 - 2016-09-15 19:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-09-30 22:16 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-09-30 22:16 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-09-30 22:16 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-09-30 22:16 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-09-30 22:16 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2016-09-30 22:16 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2016-09-30 22:16 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2016-09-30 22:16 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys 2016-09-30 22:16 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2016-09-30 22:16 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-09-30 22:16 - 2016-09-15 18:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2016-09-30 22:16 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2016-09-30 22:16 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll 2016-09-30 22:16 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll 2016-09-30 22:16 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2016-09-30 22:16 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll 2016-09-30 22:16 - 2016-09-15 18:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2016-09-30 22:16 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2016-09-30 22:16 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-09-30 22:16 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll 2016-09-30 22:16 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll 2016-09-30 22:16 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll 2016-09-30 22:16 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2016-09-30 22:16 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2016-09-30 22:16 - 2016-09-15 18:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-09-30 22:16 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2016-09-30 22:16 - 2016-09-15 18:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-09-30 22:16 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2016-09-30 22:16 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-09-30 22:16 - 2016-09-15 18:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2016-09-30 22:16 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-09-30 22:15 - 2016-09-15 19:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2016-09-30 22:15 - 2016-09-15 19:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-09-30 22:15 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-09-30 22:15 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys 2016-09-30 21:43 - 2016-09-30 21:43 - 00000047 ____C C:\Users\Tygan\Documents\PlayStation.txt 2016-09-28 00:46 - 2016-09-28 01:24 - 50343608 ____C (Hammer & Chisel, Inc.) C:\Users\Tygan\Documents\discord.exe * |
|
28.10.2016, 13:10
| #14 |
| | JS/SecurityDisabler.BCode:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ========
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
*
2016-10-28 00:39 - 2016-01-22 15:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-27 23:17 - 2016-06-12 14:03 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\Factorio
2016-10-27 23:11 - 2016-08-03 19:45 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-27 23:11 - 2016-08-03 16:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-27 21:55 - 2016-04-08 12:42 - 00000000 ___DC C:\Users\Tygan\Documents\GTA San Andreas User Files
2016-10-27 19:16 - 2016-04-04 23:51 - 00005758 __RSH C:\ProgramData\ntuser.pol
2016-10-27 18:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-27 18:10 - 2016-05-29 23:28 - 00000000 ____D C:\Users\Tygan\AppData\Local\ElevatedDiagnostics
2016-10-27 17:42 - 2016-08-03 17:08 - 00000000 ____D C:\Users\Tygan
2016-10-27 16:08 - 2016-04-16 17:34 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\vlc
2016-10-27 15:54 - 2016-04-04 23:35 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\Skype
2016-10-26 13:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-25 20:07 - 2016-08-03 17:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-25 20:07 - 2016-08-03 16:56 - 00638600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-25 20:07 - 2016-07-22 12:30 - 00000000 ____D C:\ProgramData\VMware
2016-10-25 20:07 - 2014-11-05 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-25 20:06 - 2016-07-16 08:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2016-10-25 19:50 - 2016-07-05 22:02 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\KeePass
2016-10-25 19:07 - 2016-06-22 14:59 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\gnupg
2016-10-25 17:44 - 2016-08-25 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-25 15:54 - 2016-07-05 21:57 - 00000000 ___DC C:\Users\Tygan\Documents\My Safes
2016-10-24 23:57 - 2016-01-23 00:25 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-24 23:57 - 2016-01-23 00:25 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-24 01:34 - 2016-08-21 17:03 - 00000000 ___RD C:\Users\Tygan\OneDrive
2016-10-23 12:25 - 2016-04-04 22:47 - 00000000 ____D C:\Users\Tygan\AppData\Local\Packages
2016-10-23 12:25 - 2015-04-07 11:25 - 00000000 ____D C:\ProgramData\Skype
2016-10-21 19:00 - 2016-08-03 17:29 - 00003610 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2016-10-20 18:24 - 2016-09-27 00:33 - 00000000 ___DC C:\Users\Tygan\Documents\CqPm5GsWcAEHdkc
2016-10-20 17:51 - 2016-04-04 22:47 - 00000000 ____D C:\Users\Tygan\AppData\Local\Google
2016-10-20 17:51 - 2016-01-23 00:23 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-20 02:46 - 2016-01-20 13:47 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-10-20 02:00 - 2016-04-30 20:14 - 00000000 ___DC C:\Users\Tygan\Documents\stuff
2016-10-20 01:48 - 1970-01-01 02:00 - 00000000 ___DC C:\Users\Tygan\Documents\WhatsApp
2016-10-19 23:46 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-19 13:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-18 17:19 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-16 16:16 - 2016-08-21 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-16 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-16 02:16 - 2016-08-09 23:38 - 00000000 ___HD C:\OneDriveTemp
2016-10-13 18:50 - 2016-08-03 17:05 - 02124996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-13 18:50 - 2016-07-17 00:51 - 00798842 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-13 18:50 - 2016-07-17 00:51 - 00188136 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-13 01:03 - 2016-07-14 14:55 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\NetSpeedMonitor
2016-10-12 17:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-12 16:22 - 2015-07-29 18:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 16:09 - 2016-07-25 18:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-12 11:42 - 2014-01-23 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 02:24 - 2014-01-23 20:41 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-11 20:20 - 2016-07-16 13:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-11 20:19 - 2016-07-16 13:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-09 14:04 - 2016-07-25 15:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-08 16:51 - 2016-04-17 19:45 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\VMware
2016-10-08 16:51 - 2016-04-17 19:45 - 00000000 ____D C:\Users\Tygan\AppData\Local\VMware
2016-10-06 19:22 - 2016-05-29 23:53 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\TeamViewer
2016-10-06 17:14 - 2016-07-25 15:39 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-10-06 17:14 - 2016-07-25 15:39 - 00001106 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-10-05 19:26 - 2016-07-13 19:08 - 00000000 ____D C:\Users\Tygan\AppData\Local\Ubisoft Game Launcher
2016-10-03 22:09 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-03 22:09 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-02 17:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-02 17:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-02 17:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-02 17:23 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-02 17:23 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-02 17:22 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-10-02 17:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-02 17:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-02 16:18 - 2016-06-25 22:40 - 00000000 ____D C:\Users\Tygan\AppData\Local\SquirrelTemp
2016-09-28 01:25 - 2016-06-25 22:41 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\discord
*
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
*
2016-09-18 00:59 - 2016-09-18 17:16 - 0000000 _____ () C:\Users\Tygan\AppData\Roaming\FileIn.cns
2016-09-18 00:59 - 2016-09-18 17:16 - 0000000 _____ () C:\Users\Tygan\AppData\Roaming\FileOut.cns
2016-10-09 09:18 - 2016-10-09 09:18 - 0001737 _____ () C:\Users\Tygan\AppData\Roaming\log.xml
2016-07-17 23:18 - 2016-07-17 23:18 - 0007656 _____ () C:\Users\Tygan\AppData\Local\Resmon.ResmonCfg
2016-10-25 20:07 - 2016-10-25 20:07 - 0000000 ____H () C:\ProgramData\cm-lock
*
Einige Dateien in TEMP:
====================
C:\Users\Tygan\AppData\Local\Temp\OCLF103.tmp.dll
C:\Users\Tygan\AppData\Local\Temp\OCLF1FF.tmp.dll
C:\Users\Tygan\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Tygan\AppData\Local\Temp\sfareca00001.dll
*
*
==================== Bamital & volsnap ======================
*
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
*
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
*
*
LastRegBack: 2016-10-20 19:33*
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-10-2016
durchgeführt von Tygan (28-10-2016 01:01:29)
Gestartet von C:\Users\Tygan\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-03 15:38:07)
Start-Modus: Normal
==========================================================
*
*
==================== Konten: =============================
*
Administrator (S-1-5-21-624198674-977653023-2037852723-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-624198674-977653023-2037852723-503 - Limited - Disabled)
Gast (S-1-5-21-624198674-977653023-2037852723-501 - Limited - Disabled)
Jendrik (S-1-5-21-624198674-977653023-2037852723-1027 - Limited - Enabled) => C:\Users\Jendrik
Tygan (S-1-5-21-624198674-977653023-2037852723-1021 - Administrator - Enabled) => C:\Users\Tygan
*
==================== Sicherheits-Center ========================
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
*
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus 9.0.402.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 9.0.402.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
*
==================== Installierte Programme ======================
*
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
*
7art Fluorescent Clock © 7art-screensavers.com (HKLM-x32\...\7art Fluorescent Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
7art Radiating Clock © 7art-screensavers.com (HKLM-x32\...\7art Radiating Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
7art-ScreenSavers-Manager © 7art-screensavers.com (HKLM-x32\...\7art-ScreenSavers-Manager_is1) (Version: 4 - 7art-screensavers.com SoftWare Development Studio)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{7E33E883-0D17-4397-A461-B576605E34B1}) (Version: 12.1.6.156 - Adobe Systems, Inc)
AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Core Temp 1.3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.3 - ALCPU)
CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Discord (HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Emergency 4 (HKLM-x32\...\{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}) (Version: 1.02.001 - )
ESET NOD32 Antivirus (HKLM\...\{6A816859-EC01-43F5-9EE2-B3B168CC52CB}) (Version: 9.0.386.1 - ESET, spol. s r.o.)
Factorio version 0.12.3 (HKLM\...\Factorio_is1) (Version: *- )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: *- GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Drive (HKLM-x32\...\{3D7AB4D4-2E45-4986-BAC5-5B3CEED21FAA}) (Version: 1.32.3592.6117 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Gpg4win (2.3.1) (HKLM-x32\...\GPG4Win) (Version: 2.3.1 - The Gpg4win Project)
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: *- Rockstar Games)
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: *- Rockstar Games)
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LibreOffice 5.1.5.2 (HKLM-x32\...\{03E3A5F6-2B2C-4CF6-9C18-FBB28AFA512B}) (Version: 5.1.5.2 - The Document Foundation)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: *- )
MAGIX Movie Edit Pro 2016 Premium (HKLM\...\MX.{0E64129B-4258-44B9-8034-464C6E28878D}) (Version: 15.0.0.73 - MAGIX Software GmbH)
MAGIX Movie Edit Pro 2016 Premium (Version: 15.0.0.73 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 *x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 *x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: *- Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 de)) (Version: 45.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NETGEAR WNA3100M N300 Wireless USB Adapter (HKLM-x32\...\{D3580358-0F78-402A-BE53-2E9D06383E04}) (Version: 1.2.0.6 - NETGEAR)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
Sid Meier's Civilization III: Complete (HKLM\...\Steam App 3910) (Version: *- Firaxis Games)
Sid Meier's Civilization IV (HKLM\...\Steam App 3900) (Version: *- Firaxis Games)
Sid Meier's Civilization IV: Beyond the Sword (HKLM\...\Steam App 8800) (Version: *- Firaxis Games)
Sid Meier's Civilization IV: Colonization (HKLM\...\Steam App 16810) (Version: *- Firaxis Games)
Sid Meier's Civilization IV: Warlords (HKLM\...\Steam App 3990) (Version: *- Firaxis Games)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SleepTimer Ultimate 1.3 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: *- Christian Handorf)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: *- )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: *- Re-Logic)
Tropico 4 (HKLM\...\Steam App 57690) (Version: *- Haemimont Games)
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.17 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Workstation (HKLM\...\{F4C0A853-FA3B-4404-954B-799299EB5A98}) (Version: 12.1.1 - VMware, Inc.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 2.0.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.5 - The Wireshark developer community, hxxps://www.wireshark.org)
*
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
*
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1021_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1027-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jendrik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
*
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
*
Task: {077D9730-A325-418A-A370-8FDB2AB69740} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-23] (Google Inc.)
Task: {0925C293-A417-4212-97B6-79AA19FA7961} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B75604B-9502-4A48-ADE3-1237E2FBF078} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0CD77EEF-77A1-4F93-BB9B-E9200CE7EDD2} - System32\Tasks\{D5006F34-817C-4DE0-877C-FFF62AEC3502} => pcalua.exe -a D:\AUTORUN.EXE -d D:\
Task: {15D635DD-27BD-4CBB-8FF7-667CA955FEB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {1E24BA0C-A9C7-4EB3-B9FC-80BA2F51F025} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2010C5A7-AB3A-49B1-9C74-87670E1563B1} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28F380A0-0DF8-4D51-B386-871F732C952C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {2AC1ADE9-DD33-422E-A1CB-A893D6A0AC4D} - System32\Tasks\{9C213DAE-C246-4484-90F4-704E34947FA1} => pcalua.exe -a D:\setup.exe -d D:\
Task: {34150056-E698-4C15-A124-37E8DE1AC7C7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40237349-3DDE-4B82-8440-23FA248D5599} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {5403244C-E898-4F08-895E-F3CA03F79136} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5653A8BA-5766-4972-AFE4-6AF986F39A5A} - System32\Tasks\{A1C0E21F-C04B-4D7F-A3C7-F4A887B38845} => pcalua.exe -a "C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe" -d "C:\Program Files (x86)\ESET\ESET Online Scanner"
Task: {565763B7-74CD-4027-9408-72B0647956E7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56F31CE6-6542-4ED2-AD8A-6B1BDE758A4B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {5804C292-C77C-4BA6-A77B-687BCA77E37D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5ACFA180-BE93-4757-A600-57A61FE79EDC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {66666BC5-008A-46A1-96D6-285393AE992E} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMOJMMGMJJIMJMLJCNOJHMPMNJCNLMGMGMGMCNGMOMHMKMCNGMLMNMJJLMGMOJJMMMLJKJMMJNJICMIMCNGMCNOMNMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMNMHMJNHICMEKMICNJJCKJNBJCMDLKJCJPMLIHJJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMPMFMPMJNFI (Der Dateneintrag hat 29 mehr Zeichen).
Task: {6670D31E-C371-47EA-AEBC-DFCB51D7B4B5} - System32\Tasks\Sperrbildschirm => add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f
Task: {6B947FBC-CBFA-49C1-BE7A-76A0EEA3F402} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {726B0AD1-019A-4519-A737-567260356221} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {79A51A49-477E-4F5F-8156-0AC3B0B6EE79} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7D2FC676-CC2E-44B0-820F-C92183A172FF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8C74191A-5503-44AD-8270-915C52BBC428} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {90633838-3B10-43F0-BC61-5C8504498795} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {90AFBFCB-A5D9-4CA2-A58A-95CFFE3A4C90} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {92ED629F-603B-4D58-A644-04F7BB98D4C8} - System32\Tasks\Core Temp Autostart Tygan => C:\Program Files\Core Temp\Core Temp.exe [2016-09-11] ()
Task: {948C723C-F96E-4B20-A39A-9FBCBE0F5F2F} - System32\Tasks\avastBCLRestartS-1-5-21-624198674-977653023-2037852723-1003 => Firefox.exe
Task: {9958AC97-9AE4-4593-BC43-0FC982D5E833} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B052FB7-4425-490E-BC1E-4E7554AD627D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9EEF6C19-6405-4416-B34E-A560701B7380} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A03E5801-CB80-4C0C-A0E8-F73C97F59AEB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A97FEBFA-8C43-4447-B21D-C6897DA374E4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {AA43015D-35A1-43C5-BE5E-A138B79B3AF1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6E6AFBA-338C-44F1-B2A5-FBD198DEC00C} - System32\Tasks\{A4058700-9B97-4117-8851-8B6C3C211F42} => pcalua.exe -a C:\Users\Jendrik\Downloads\jxpiinstall.exe -d C:\Users\Jendrik\Downloads
Task: {B6F44A38-2743-4D90-A4F1-751570CCFEBC} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {B954A2A3-7EA5-47B8-93AB-136A508381A7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {BF62A763-E716-43FD-8FE9-0C5A5842EDF7} - System32\Tasks\{8E2B0D8E-A7C2-41AB-A0CC-6F1051CCC161} => pcalua.exe -a "C:\Program Files\Codemasters\OperationFlashpoint\OpFlashPreferences.exe" -d "C:\Program Files\Codemasters\OperationFlashpoint"
Task: {C525495D-FB5A-4963-BDEC-4C77CE448931} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {C9DE67D1-1BB8-4B1A-AA9D-E0B1199931F8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CBA0DA7C-9D08-4490-9AD7-B38E02C71747} - System32\Tasks\{197B8FA4-1324-4E58-977E-3387813919D4} => pcalua.exe -a D:\DirectX\dxsetup.exe -d D:\DirectX
Task: {CDE38717-7FCF-49E4-9B48-4D8930E458E0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DA80726F-9E08-4DF3-B961-7A8A7D20A5C6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7EAF163-3F7F-44D3-9B80-C8B5F93C8F28} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F1E4FF0B-03E2-4A42-BF69-17E5765E0C20} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6A11EE2-0023-4595-8D9D-F2922462880E} - System32\Tasks\{1A673BBD-E760-48DE-8182-982ABA1E0CD0} => pcalua.exe -a C:\Users\Deus\Downloads\forge-1.8-11.14.1.1361-installer-win.exe -d C:\Users\Deus\Downloads
Task: {F8D69DA4-D5C2-4E9D-930E-2906092F8638} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FB409A52-D98C-4458-BB8A-24EE89EF7A6E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {FC13AE24-50AF-4150-830A-1BA18858E237} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FE639A93-6D40-4961-AC31-1B45E9126512} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {FF4245B5-59A8-403F-B4E5-8A1D3FF865E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-23] (Google Inc.)
Task: {FFF8BFAC-4011-4218-BA7B-C5B42F2008CC} - System32\Tasks\{104B9CA5-EF7D-4A10-ADB6-70F6F3EB62CE} => pcalua.exe -a C:\Users\Deus\Downloads\VMware-workstation-full-11.1.0-2496824.exe -d C:\Users\Deus\Downloads
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
*
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
*
==================== Verknüpfungen =============================
*
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
*
ShortcutWithArgument: C:\Users\Tygan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Lem0th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
*
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
*
2016-04-05 13:25 - 2016-04-05 13:25 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2014-11-03 19:48 - 2014-08-18 18:50 - 00316120 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-17 15:46 - 2016-09-11 10:19 - 00925160 _____ () C:\Program Files\Core Temp\Core Temp.exe
2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-25 17:45 - 2016-08-25 17:45 - 01864384 _____ () C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-05-27 14:19 - 2016-05-27 14:19 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-09-14 23:31 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 20:51 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2012-01-10 14:41 - 2015-05-30 18:26 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2015-02-11 20:57 - 2015-08-10 02:21 - 08276200 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
2016-10-11 20:52 - 2016-10-05 11:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-11 20:52 - 2016-10-05 11:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-11 20:52 - 2016-10-05 11:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-11 20:52 - 2016-10-05 11:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-11 20:53 - 2016-10-05 11:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-26 12:50 - 2016-10-26 12:51 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11609.1001.29.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-04-05 13:12 - 2016-04-05 13:12 - 00221696 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2016-04-05 13:01 - 2016-04-05 13:01 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2016-04-05 13:12 - 2016-04-05 13:12 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2016-04-05 13:15 - 2016-04-05 13:15 - 00750592 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2016-04-05 13:06 - 2016-04-05 13:06 - 00087552 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2016-04-14 17:16 - 2016-04-14 17:16 - 01309768 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-11-03 19:48 - 2015-07-15 17:26 - 00450560 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiLib.dll
2015-02-11 20:58 - 2014-07-22 11:18 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll
2016-08-25 17:45 - 2016-08-25 17:45 - 01383616 _____ () C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-10-24 23:57 - 2016-10-20 10:47 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-24 23:57 - 2016-10-20 10:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-08-03 19:49 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-08-03 19:49 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-08-03 19:49 - 2016-10-13 03:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-08-03 19:49 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-08-03 19:49 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-08-03 19:49 - 2016-10-13 03:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-08-03 19:49 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-14 13:18 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-08-03 19:49 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
Code:
ATTFilter ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
*
*
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
*
*
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
*
*
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
*
*
==================== Hosts Inhalt: ==========================
*
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
*
2009-07-14 04:34 - 2016-02-24 15:53 - 00001095 ____A C:\WINDOWS\system32\Drivers\etc\hosts
*
127.0.0.1 choice.microsoft.com
127.0.0.1 Choice.microsoft.com.nstac.net
127.0.0.1 Df.telemetry.microsoft.com
127.0.0.1 Oca.telemetry.microsoft.com
127.0.0.1 Oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 Redir.metaservices.microsoft.com
127.0.0.1 Reports.wes.df.telemetry.microsoft.com
127.0.0.1 Services.wes.df.telemetry.microsoft.com
127.0.0.1 Settings-sandbox.data.microsoft.com
127.0.0.1 Sqm.df.telemetry.microsoft.com
127.0.0.1 Sqm.telemetry.microsoft.com
127.0.0.1 Sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 Telecommand.telemetry.microsoft.com
127.0.0.1 Telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 Telemetry.appex.bing.net
127.0.0.1 Telemetry.appex.bing.net:443
127.0.0.1 Telemetry.microsoft.com
127.0.0.1 Telemetry.urs.microsoft.com
127.0.0.1 Vortex-sandbox.data.microsoft.com
127.0.0.1 Vortex-win.data.microsoft.com
127.0.0.1 Vortex.data.microsoft.com
127.0.0.1 Watson.telemetry.microsoft.com
127.0.0.1 Watson.telemetry.microsoft.com.nsatc.net
127.0.0.1 apps.skype.com
127.0.0.1 apps.spotify.com
*
==================== Andere Bereiche ============================
*
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
*
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-624198674-977653023-2037852723-1021\Control Panel\Desktop\\Wallpaper -> c:\users\tygan\appdata\roaming\mozilla\firefox\desktop-hintergrund.bmp
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\users\tygan\appdata\roaming\mozilla\firefox\desktop-hintergrund.bmp
HKU\S-1-5-21-624198674-977653023-2037852723-1027-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jendrik\Pictures\Saved Pictures\askwallpapers.com-43185.jpg
HKU\S-1-5-21-624198674-977653023-2037852723-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
*
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
*
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MF NTFS Monitor => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9A4E4554F4E7E4C46D94738AFC6CF13"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "SecureBanking"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "pCloud"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9A4E4554F4E7E4C46D94738AFC6CF13"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SecureBanking"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "pCloud"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GalaxyClient"
*
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
*
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{E60AE206-2D55-4AE2-BE03-1329312FD0F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{378394AB-9822-4122-8E55-E3995F4CA54A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{777B1491-5F7F-41B3-88A0-E196B3EAFCC0}] => (Block) C:\Program Files\MAGIX\Movie Edit Pro 2016 Premium\Videodeluxe.exe
FirewallRules: [{D27C7C8E-1B14-45CA-B1D5-1CE4ECCE5D37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe
FirewallRules: [{A42BE9C8-851B-4EF6-AEEF-811D2922A9E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe
FirewallRules: [{88B80F2A-4D2D-4167-B2DB-274A064167AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe
FirewallRules: [{3D971F71-8933-43F4-ABF0-1D0FAFA5D112}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe
FirewallRules: [{AC68BEBD-FB95-4821-96F5-D051F3C7570F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe
FirewallRules: [{AB8027AA-30D9-418F-933C-E9C1E46F1131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe
FirewallRules: [{5CA233AE-05C8-43E9-B286-450B6F760564}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Civilization IV Colonization\Colonization.exe
FirewallRules: [{50A6CFBE-9E49-42AC-9709-23D26F9C4577}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Civilization IV Colonization\Colonization.exe
FirewallRules: [{3C38DAF4-FB24-44EF-878A-F4A6C9C03B8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [{109A825B-BFD3-4938-AC47-369D022FF258}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [{B44C3290-9BDF-4139-8560-92E46110C1C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\Factorio.exe
FirewallRules: [{BF63379B-841E-4B1F-BBA1-A06987AD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\Factorio.exe
FirewallRules: [UDP Query User{7FC55172-7B01-4F4C-8E97-01BD9B41FF9F}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{C37E1485-FA69-404E-9B3C-CAB73BFD5045}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{1DB619F2-55EB-458A-A1F0-CC69931D7953}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{CF1861DC-4799-410C-8AE7-FB60D285C243}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{1B73E9FF-F469-4B8D-888C-CA465E90CCA3}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [TCP Query User{816974BA-CA0A-4943-9878-2EC7BEE898A6}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{8CA8EC04-3441-45AD-9C88-62454794DE5E}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [TCP Query User{1BE7434B-A126-4C66-AA5D-1AD1CD895E4E}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{26D9069E-74CF-4BB8-BB4E-B9A4F160A93B}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{9EBF9B06-1E53-4968-8D45-64E7F5AB85D4}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{4AD96FA5-D0F1-4A80-B277-A8EC07B1095B}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe
FirewallRules: [TCP Query User{1C83C5A9-CB4A-4E20-8FA2-A55AD8A8AD85}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe
FirewallRules: [{E6972D16-0AC3-4BC9-B47C-514B7F426CB7}] => (Block) C:\Program Files\MAGIX\Movie Edit Pro 2016 Premium\Videodeluxe.exe
FirewallRules: [UDP Query User{1281CC9F-65AC-4C51-899F-6F497D4741B1}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [TCP Query User{A0D57D79-90D4-4328-A541-14045F7C2F3A}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{87795A95-AC95-41A5-B44D-0FC8B98692F7}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{49D22B15-CEAC-4B61-B0DB-ADB5DD1DBD3B}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{460DAE00-1A73-4C21-88E5-DF8586370FE8}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{5E58BCBA-2A54-42BA-9272-F8FC180D0541}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{FEB90422-50BF-4BBC-9C67-1CA183385D2A}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{2E56E230-0344-4E6A-A98B-DB52242916A6}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{ABD9AFF4-0930-4994-A760-3A0541789D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{1070E7AE-683B-4575-AE32-64B778CEA047}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{CA1EF5BB-0368-4FDB-B4D7-A96D85334062}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{F930D29C-5362-4EE2-99B9-D74E90CF26FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [UDP Query User{9AAF3CFF-DD7A-497A-BE2F-F9EFB4709A44}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{CBCA0539-E485-4FB4-BF53-DEB504D29C8C}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{C6C52E2C-A3B4-4AD8-AEB5-CC968831FC3E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{93D428DF-D9C1-4E3D-A833-119E7AD19B5F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E2BF7FA6-5490-4AD5-9649-9CEADB98B4C6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{59343DAA-AC50-4FC2-8130-AFAAD277F5B4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{F425035C-FBD1-4846-BDC4-AE2E1A8F6BD6}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{C5BED132-D2F1-4B49-8E1C-89BA784920F2}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{4A4247F5-9F6F-4FBE-AE9A-6856E2C09127}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8275ADA2-E5C4-49CD-8056-9491007BA7D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{54B2336C-4F2A-4C84-8028-6A77EF4C8E56}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC32C821-96C4-41F2-BD9A-609FEFA5B42F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{D204B75D-FE2F-452A-A067-DBA89935BD82}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{902F54A4-0F65-4C67-91EA-EC5BFBEEE553}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A24E337A-91EB-489C-82A0-4CA2CCEBA69D}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FC5CEB87-E833-4592-8760-3780D7556624}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EBBE327-BE32-4380-9CBC-88C1AD733278}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{6236CC6A-BAC1-4844-B52D-4F058E166D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [TCP Query User{EE24100D-05F1-4FDC-B0FB-55A8BF1B4487}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johnny\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{98E01700-645C-4C9A-9952-5BF89CBCF7CB}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johnny\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4B8C2D2F-48DE-4603-A1B7-651D9094521E}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\johnny\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B808CC0C-4968-48F4-9BE7-084EF520E631}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\johnny\appdata\roaming\spotify\spotify.exe
FirewallRules: [{06645459-E8FE-460B-9788-FE0E7710DD9A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3BB40C19-F2EA-4690-B6BB-367E7C2C263A}C:\users\tygan\desktop\utox64.exe] => (Allow) C:\users\tygan\desktop\utox64.exe
FirewallRules: [UDP Query User{AF48CB2B-A69C-4CF2-B462-881C4995E614}C:\users\tygan\desktop\utox64.exe] => (Allow) C:\users\tygan\desktop\utox64.exe
FirewallRules: [{CC5F2C28-7374-4AED-9D91-90C23E4FBB56}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe
FirewallRules: [{3C26B0A2-E042-47DB-90D4-9F81BC82B2CC}] => (Allow) %ProgramFiles% (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{021008C2-F369-4EC7-A04F-B64627B642D6}] => (Allow) %ProgramFiles% (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0CFD36A9-C245-4D8B-BCE4-B97CFBC7E2E3}] => (Allow) %ProgramFiles% (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A42A4ACF-AFF2-4FE1-B6E7-01E1B0D51AD6}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{FA3668CF-4DB9-442E-8FD0-BEA511AF5C28}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{10002992-5381-4F7E-A8E3-F9AC916948F0}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{1A0E3CA8-C531-4491-9CC0-85423CB2DCB8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [TCP Query User{CCB62BA7-C113-4531-B50E-640CD87BB559}C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe] => (Block) C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe
FirewallRules: [UDP Query User{33C0DCE6-0B9C-4CBA-AF03-8E1E16C6D5E3}C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe] => (Block) C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe
FirewallRules: [{744C119E-95E6-45E9-9D1B-C5B0C2DED0C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{E3FA991D-9810-466F-9656-15F57B069853}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{52BCE2DD-BE9B-4D83-94DC-518971B48B41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{6108EBF8-5249-4288-8E76-82B630A50267}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{570422B8-0DA1-4ED4-9AF5-B3C0CB2218A7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{F68498C4-1C82-46BF-A645-3429352A92A0}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{DE432B9C-B9B8-484E-92F4-420DB4569043}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{BC9350F7-BEDB-4808-995E-02C045262D71}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{D39CE7E7-9A84-4D48-A6CD-950B7A709948}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0AD4EE55-F182-4650-B77C-B0AA0CC77498}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{782A129E-D7B8-4D5F-84C3-5B942E514135}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{97F0C4C6-8E0B-47A1-93A9-FE98D28FAD5B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4B08A4B8-7066-457B-8854-5622FFC641A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
*
==================== Wiederherstellungspunkte =========================
*
20-10-2016 02:35:17 Installed LibreOffice 5.1.5.2
*
==================== Fehlerhafte Geräte im Gerätemanager =============
*
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
*
Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
*
*
==================== Fehlereinträge in der Ereignisanzeige: =========================
*
Applikationsfehler:
==================
Error: (10/28/2016 12:24:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.14393.0, Zeitstempel: 0x57899b1c
Name des fehlerhaften Moduls: mapsbtsvc.dll, Version: 10.0.14393.187, Zeitstempel: 0x57cf9ec8
Ausnahmecode: 0x8400000a
Fehleroffset: 0x00000000000023d4
ID des fehlerhaften Prozesses: 0x259c
Startzeit der fehlerhaften Anwendung: 0x01d230a06f022ede
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: c:\windows\system32\mapsbtsvc.dll
Berichtskennung: 0777afb1-fe40-4e56-852b-7d8a71287e53
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
*
Error: (10/27/2016 06:12:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
*
Error: (10/27/2016 06:12:40 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL ASP.NET_1.1.4322 kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
*
Error: (10/26/2016 05:38:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 49.0.2.6136, Zeitstempel: 0x5807c043
Name des fehlerhaften Moduls: mozglue.dll, Version: 49.0.2.6136, Zeitstempel: 0x5807b9a7
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e83e
ID des fehlerhaften Prozesses: 0x64c
Startzeit der fehlerhaften Anwendung: 0x01d22f9edf59269a
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 801a007a-6037-4a52-b9c5-20d7d7c56269
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
*
Error: (10/26/2016 03:16:28 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.
*
Error: (10/26/2016 12:47:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 49.0.2.6136, Zeitstempel: 0x5807c043
Name des fehlerhaften Moduls: mozglue.dll, Version: 49.0.2.6136, Zeitstempel: 0x5807b9a7
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e83e
ID des fehlerhaften Prozesses: 0x141c
Startzeit der fehlerhaften Anwendung: 0x01d22f0d4afb5636
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 37ccbcb1-246f-4207-a377-71512cbb5b4a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
*
Error: (10/25/2016 04:53:52 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Die Collect-Prozedur für den "C:\Windows\System32\winspool.drv"-Dienst in der DLL "Spooler" hat eine Ausnahme verursacht oder einen ungültigen Status zurückgegeben. Die von der Leistungsindikatoren-DLL zurückgegebenen Leistungsdaten werden nicht im Perf Data Block zurückgegeben. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Ausnahmecode oder den Statuscode.
*
Error: (10/25/2016 04:53:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
*
Error: (10/25/2016 04:53:51 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL ASP.NET_1.1.4322 kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
*
Error: (10/25/2016 11:55:12 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: COMPUTER-128234)
Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005.
*
*
Systemfehler:
=============
Error: (10/28/2016 01:04:51 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
*
Error: (10/28/2016 01:02:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
*
Error: (10/28/2016 12:49:11 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
*
Error: (10/28/2016 12:47:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
*
Error: (10/28/2016 12:39:07 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
*
Error: (10/28/2016 12:37:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
*
Error: (10/28/2016 12:24:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Manager für heruntergeladene Karten" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
*
Error: (10/27/2016 05:42:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
*und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
*im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
*
Error: (10/27/2016 02:01:27 PM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
*
Error: (10/27/2016 01:59:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
*
*
CodeIntegrity:
===================================
* Date: 2016-08-16 19:43:08.880
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:43:08.878
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:43:08.600
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:43:08.472
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:41:57.720
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:41:57.162
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:41:57.144
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:41:56.389
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
*
==================== Speicherinformationen ===========================
*
Prozessor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Prozentuale Nutzung des RAM: 84%
Installierter physikalischer RAM: 4094.18 MB
Verfügbarer physikalischer RAM: 615.38 MB
Summe virtueller Speicher: 8446.18 MB
Verfügbarer virtueller Speicher: 1360.23 MB
*
==================== Laufwerke ================================
*
Drive c: (System) (Fixed) (Total:390.09 GB) (Free:207.49 GB) NTFS
Drive y: (Volume) (Fixed) (Total:75.14 GB) (Free:75.04 GB) NTFS
*
==================== MBR & Partitionstabelle ==================
*
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 933BC6BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=75.1 GB) - (Type=OF Extended)
*
==================== Ende von Addition.txt ============================
|
|
28.10.2016, 13:41
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | JS/SecurityDisabler.B Also wie Ruth ja schon aufgeklärt hat, ist durch diesen Thread kein Schaden entstanden. Dein AV heulte nur auf, weil der TO die von malware manipulierte js-Datei in den Thread bereitstellte. Fragen: 1. Was machen diese ganzen Sterne da in den Logs? 2. Was sollen host Einträge wie 127.0.0.1 choice.microsoft.com???
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu JS/SecurityDisabler.B |
| angezeigt, angucken, anhänge, anhängen, aufklärung, bearbeitung, bereinigung, eset, folge, folgender, forum, freue, gemeldet, gucken, https, hänge, hängen, js/securitydisabler.b, log, log's, meldung, nicht, thema, thread, warnung |
Linear-Darstellung
