Pests of all kinds and how to fight them: Can be hacked in WoW despite Blizzard's Authenticator, and I think I have a Trojan or similar
Windows 7. If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.
20.11.2016, 20:39 | #16 |
Can be hacked in WoW despite Blizzard's Authenticator, and I think I have a Trojan or similar
Code:
# AdwCleaner v6.030 - Bericht erstellt am 20/11/2016 um 20:37:28
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-20.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Koganei - BELLA
# Gestartet von : C:\Users\Koganei\Downloads\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Koganei\AppData\Local\YSearchUtil
[-] Ordner gelöscht: C:\Users\Koganei\AppData\Roaming\UpdateStar Drivers

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.startup.homepage" - "hxxps://www.malwarebytes.org/restorebrowser//?gd=&ctid=CT3333673&octid=EB_ORIGINAL_CTID&ISID=AF6B3430-2C14-4690-9F8D-D837417FF3AD&SearchSource=55&CUI=&UM=8&UP=SPD5F73291-BC32-4353-81AE-E34B0B727F44&D=011016&SSPV="
[-] [C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: npdicihegicnhaangkdmcgbjceoemeoo

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2604 Bytes] - [20/11/2016 20:37:28]
C:\AdwCleaner\AdwCleaner[S0].txt - [2689 Bytes] - [20/11/2016 20:35:36]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2750 Bytes] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Home x64
Ran by Koganei (Administrator) on 20.11.2016 at 20:39:53,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 3

Successfully deleted: C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder)
Successfully deleted: C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder)
Successfully deleted: C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bmnlcjabgnpnenekpadlanbbkooimhnj_0.localstorage (File)

Registry: 4

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{093F479D-712E-46CD-9E06-62E734A05F68} (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{093F479D-712E-46CD-9E06-62E734A05F68} (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.11.2016 at 20:41:40,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
21.11.2016, 09:54 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can be hacked in WoW despite Blizzard's Authenticator, and I think I have a Trojan or similar
Then show me fresh FRST logs. Tick the box for addition.txt, then click "Untersuchen" (Scan).
21.11.2016, 12:46 | #18 |
Can be hacked in WoW despite Blizzard's Authenticator, and I think I have a Trojan or similar
Thanks again for giving me so much help here.
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01 durchgeführt von Koganei (Administrator) auf BELLA (21-11-2016 12:42:57) Gestartet von C:\Users\Koganei\Downloads Geladene Profile: Koganei (Verfügbare Profile: Koganei) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe (Brother Industries, Ltd.) 
C:\Program Files (x86)\Browny02\BrYNSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Flux Software LLC) C:\Users\Koganei\AppData\Local\FluxSoftware\Flux\flux.exe (Dropbox, Inc.) C:\Users\Koganei\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe (Dropbox, Inc.) C:\Users\Koganei\AppData\Roaming\Dropbox\bin\Dropbox.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) 
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-01] () HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-12] (cyberlink) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) 
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation) HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe HKU\S-1-5-21-3333309580-3961816760-648053868-1001\...\Run: [f.lux] => C:\Users\Koganei\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-3333309580-3961816760-648053868-1001\...\Run: [Dropbox Update] => C:\Users\Koganei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-3333309580-3961816760-648053868-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-3333309580-3961816760-648053868-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.) 
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Koganei\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Koganei\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Koganei\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Koganei\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Koganei\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Koganei\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei Startup: C:\Users\Koganei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-06-24] () Startup: C:\Users\Koganei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-11-10] ShortcutTarget: Dropbox.lnk -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{df15329e-1073-44b2-9051-2e7cdf53d5c6}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-3333309580-3961816760-648053868-1001 -> {084D8E04-9ECF-4119-BC6E-16E7B62058ED} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-06-28] (AO Kaspersky Lab) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-11-17] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-17] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-11-17] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-31] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-11-17] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-31] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-06-28] (AO Kaspersky Lab) Handler-x32: mso-minsb-roaming.16 - 
{83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-17] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-17] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-17] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-17] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: dgbdvoap.default FF ProfilePath: C:\Users\Koganei\AppData\Roaming\Mozilla\Firefox\Profiles\dgbdvoap.default [2016-07-21] FF Extension: (FTPAddonLight) - C:\Users\Koganei\AppData\Roaming\Mozilla\Firefox\Profiles\dgbdvoap.default\Extensions\{79986824-1351-432f-80ba-ea35e2da29f8}.xpi [2016-03-03] [ist nicht signiert] FF Extension: (Adblock Plus) - C:\Users\Koganei\AppData\Roaming\Mozilla\Firefox\Profiles\dgbdvoap.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-03] FF SearchPlugin: C:\Users\Koganei\AppData\Roaming\Mozilla\Firefox\Profiles\dgbdvoap.default\searchplugins\yahoo-ysp.xml [2015-11-17] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-06-28] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-19] () FF Plugin-x32: 
@adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-19] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-17] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-17] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-01] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-01] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://google.de/ CHR StartupUrls: Default -> "hxxps://www.google.de/webhp?sourceid=chrome-instant&rlz=1C1GIWA_enDE583DE583&ion=1&espv=2&ie=UTF-8" CHR Profile: C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default [2016-11-21] CHR Extension: (ProxFlow) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-10-11] CHR Extension: (Google Docs) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Google Drive) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Honey) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-11-20] CHR Extension: (Google-Suche) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Kaspersky Protection) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-11-17] CHR Extension: (Google Docs Offline) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-09] CHR Extension: (Hide unwanted streams on 
Twitch) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpgfplcjhleaadnmjmkjddcmekdhdiia [2016-09-06] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Google Mail) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR Extension: (Chrome Media Router) - C:\Users\Koganei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27] CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) 
[Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-10-30] (Microsoft Corporation) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2010-11-12] (CyberLink) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3519984 2016-01-27] (INCA Internet Co., Ltd.) 
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-10-25] (NVIDIA Corporation) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe [901248 2016-04-19] (Sophos Limited) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-11-17] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-11-17] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1012056 2016-11-17] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [50008 2016-11-17] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [223528 2016-11-17] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [252560 2016-11-17] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112336 2016-11-17] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [167904 2016-11-17] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [127896 2016-11-17] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3baaab0007230109\nvlddmkm.sys [14249416 2016-10-05] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-10-25] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RZMAELSTROMVADService; C:\WINDOWS\system32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows (R) Win 7 DDK provider)
R2 sntp; C:\WINDOWS\system32\DRIVERS\sntp.sys [116144 2016-04-19] (Sophos Limited)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [21584 2013-05-06] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 vpnva; \SystemRoot\System32\drivers\vpnva64-6.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-20 20:41 - 2016-11-20 20:41 - 00001625 _____ C:\Users\Koganei\Desktop\JRT.txt
2016-11-20 20:39 - 2016-11-20 20:39 - 01631928 _____ (Malwarebytes) C:\Users\Koganei\Downloads\JRT.exe
2016-11-20 20:32 - 2016-11-20 20:37 - 00000000 ____D C:\AdwCleaner
2016-11-20 20:31 - 2016-11-20 20:32 - 03910208 _____ C:\Users\Koganei\Downloads\AdwCleaner_6.030.exe
2016-11-20 15:23 - 2016-11-20 15:56 - 00093960 _____ C:\TDSSKiller.3.1.0.12_20.11.2016_15.23.36_log.txt
2016-11-20 15:17 - 2016-11-20 15:23 - 00270128 _____ C:\TDSSKiller.3.1.0.12_20.11.2016_15.17.29_log.txt
2016-11-20 05:41 - 2016-11-20 05:47 - 00093960 _____ C:\TDSSKiller.3.1.0.12_20.11.2016_05.41.03_log.txt
2016-11-20 05:36 - 2016-11-20 05:40 - 00093960 _____ C:\TDSSKiller.3.1.0.12_20.11.2016_05.36.38_log.txt
2016-11-20 05:36 - 2016-11-20 05:36 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Koganei\Downloads\tdsskiller (2).exe
2016-11-19 17:57 - 2016-11-19 18:12 - 00182162 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_17.57.52_log.txt
2016-11-19 17:57 - 2016-11-19 18:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-19 17:57 - 2016-11-19 17:57 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Koganei\Downloads\tdsskiller (1).exe
2016-11-19 17:56 - 2016-11-19 17:56 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Koganei\Downloads\tdsskiller.exe
2016-11-19 17:48 - 2016-11-19 17:51 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Koganei\Downloads\mbar-1.09.3.1001.exe
2016-11-19 16:28 - 2016-11-19 16:28 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-11-19 16:28 - 2016-10-25 21:21 - 00106040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-11-19 16:28 - 2016-10-25 21:21 - 00095800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-11-19 14:08 - 2016-11-19 14:08 - 00001217 _____ C:\Users\Koganei\Desktop\ Malwarebytes Anti-Malware .txt
2016-11-19 14:07 - 2016-11-19 14:07 - 00041322 _____ C:\Users\Koganei\Desktop\MalwarebytesLog.txt
2016-11-19 13:59 - 2016-11-21 12:42 - 00000000 ____D C:\Users\Koganei\Downloads\FRST-OlderVersion
2016-11-19 13:26 - 2016-11-21 12:42 - 00028950 _____ C:\Users\Koganei\Downloads\FRST.txt
2016-11-19 13:26 - 2016-11-19 14:00 - 00085913 _____ C:\Users\Koganei\Downloads\Addition.txt
2016-11-19 13:25 - 2016-11-21 12:42 - 00000000 ____D C:\FRST
2016-11-19 13:24 - 2016-11-21 12:42 - 02412544 _____ (Farbar) C:\Users\Koganei\Downloads\FRST64.exe
2016-11-19 13:11 - 2016-11-19 13:15 - 263114568 _____ C:\Users\Koganei\Downloads\EmsisoftEmergencyKit.exe
2016-11-19 12:48 - 2016-11-19 12:48 - 01496584 _____ C:\Users\Koganei\Downloads\HijackThis - CHIP-Installer (1).exe
2016-11-18 14:40 - 2016-11-19 14:29 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-18 14:40 - 2016-11-19 01:16 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-11-18 14:40 - 2016-11-18 15:47 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-11-18 14:40 - 2016-11-18 14:40 - 00004010 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-11-18 14:21 - 2016-11-19 17:57 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-18 14:21 - 2016-11-19 17:55 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-18 14:21 - 2016-11-18 14:21 - 00000666 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-18 14:21 - 2016-11-18 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-11-18 14:21 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-18 14:21 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-18 14:14 - 2016-11-18 14:20 - 22851472 _____ (Malwarebytes ) C:\Users\Koganei\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-18 14:07 - 2016-11-18 14:07 - 01496584 _____ C:\Users\Koganei\Downloads\HijackThis - CHIP-Installer.exe
2016-11-17 16:29 - 2016-11-17 16:29 - 00000529 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-11-17 14:25 - 2016-11-17 14:25 - 00252560 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2016-11-17 14:24 - 2016-11-17 14:24 - 00223528 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2016-11-17 14:24 - 2016-11-17 14:24 - 00167904 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2016-11-17 14:24 - 2016-11-17 14:24 - 00112336 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2016-11-17 14:22 - 2016-11-21 12:41 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-11-17 14:22 - 2016-11-17 14:24 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-17 14:22 - 2016-11-17 14:22 - 00002260 _____ C:\Users\Public\Desktop\Sicherer Zahlungsverkehr.lnk
2016-11-17 14:22 - 2016-11-17 14:22 - 00002192 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2016-11-17 14:22 - 2016-11-17 14:22 - 00001473 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-11-17 14:22 - 2016-11-17 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2016-11-17 14:22 - 2016-11-17 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2016-11-17 14:22 - 2016-11-17 14:22 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-11-17 14:22 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2016-11-17 14:21 - 2016-11-17 14:25 - 01012056 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-11-17 14:21 - 2016-11-17 14:24 - 00435032 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-11-17 14:21 - 2016-06-26 15:14 - 00191312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2016-11-17 14:20 - 2016-11-17 14:21 - 02312224 _____ (Kaspersky Lab) C:\Users\Koganei\Downloads\kts17.0.0.611de_10846.exe
2016-11-11 02:28 - 2016-11-11 02:28 - 00000202 _____ C:\Users\Koganei\Desktop\DiRT 3 Complete Edition.url
2016-11-10 22:14 - 2016-11-10 22:14 - 00000000 ____D C:\Users\Koganei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-09 00:16 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 00:16 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 00:16 - 2016-11-02 12:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 00:16 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 00:16 - 2016-11-02 12:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 00:16 - 2016-11-02 12:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 00:16 - 2016-11-02 12:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 00:16 - 2016-11-02 12:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 00:16 - 2016-11-02 12:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 00:16 - 2016-11-02 12:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 00:16 - 2016-11-02 12:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 00:16 - 2016-11-02 12:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 00:16 - 2016-11-02 12:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 00:16 - 2016-11-02 12:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 00:16 - 2016-11-02 12:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 00:16 - 2016-11-02 12:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 00:16 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 00:16 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 00:16 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 00:16 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 00:16 - 2016-11-02 12:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 00:16 - 2016-11-02 12:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 00:16 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 00:16 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 00:16 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 00:16 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 00:16 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 00:16 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 00:16 - 2016-11-02 12:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 00:16 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 00:16 - 2016-11-02 12:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 00:16 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 00:16 - 2016-11-02 12:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 00:16 - 2016-11-02 12:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 00:16 - 2016-11-02 12:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 00:16 - 2016-11-02 12:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 00:16 - 2016-11-02 12:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 00:16 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 00:16 - 2016-11-02 12:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 00:16 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 00:16 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 00:16 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 00:16 - 2016-11-02 12:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 00:16 - 2016-11-02 12:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 00:16 - 2016-11-02 12:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 00:16 - 2016-11-02 12:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 00:16 - 2016-11-02 12:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 00:16 - 2016-11-02 12:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 00:16 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 00:16 - 2016-11-02 11:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 00:16 - 2016-11-02 11:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 00:16 - 2016-11-02 11:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 00:16 - 2016-11-02 11:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 00:16 - 2016-11-02 11:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 00:16 - 2016-11-02 11:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 00:16 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 00:16 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 00:16 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 00:16 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 00:16 - 2016-11-02 11:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 00:16 - 2016-11-02 11:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 00:16 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 00:16 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 00:16 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 00:16 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 00:16 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 00:16 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 00:16 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 00:16 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 00:16 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 00:16 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 00:16 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 00:16 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 00:16 - 2016-11-02 11:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 00:16 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 00:16 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 00:16 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 00:16 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 00:16 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 00:16 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 00:16 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 00:16 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 00:16 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 00:16 - 2016-11-02 11:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 00:16 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 00:16 - 2016-11-02 11:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 00:16 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 00:16 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 00:16 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 00:16 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 00:16 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 00:16 - 2016-11-02 11:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 00:16 - 2016-11-02 11:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 00:16 - 2016-11-02 11:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 00:16 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 00:16 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 00:16 - 2016-11-02 11:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 00:16 - 2016-11-02 11:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 00:16 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 00:16 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 00:16 - 2016-11-02 11:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 00:16 - 2016-11-02 11:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 00:16 - 2016-11-02 11:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 00:16 - 2016-11-02 11:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 00:16 - 2016-11-02 11:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 00:16 - 2016-11-02 11:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 00:16 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 00:16 - 2016-11-02 11:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 00:16 - 2016-11-02 11:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 00:16 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 00:16 - 2016-11-02 11:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 00:16 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 00:16 - 2016-11-02 11:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 00:16 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 00:16 - 2016-11-02 11:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 00:16 - 2016-11-02 11:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 00:16 - 2016-11-02 11:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 00:16 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 00:16 - 2016-11-02 11:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-09 00:16 - 2016-11-02 11:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 00:16 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 00:16 - 2016-11-02 11:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 00:16 - 2016-11-02 11:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 00:16 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-09 00:16 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 00:16 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 00:16 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 00:16 - 2016-11-02 11:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 00:16 - 2016-11-02 11:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 00:16 - 2016-11-02 11:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 00:16 - 2016-11-02 11:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 00:16 - 2016-11-02 11:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 00:16 - 2016-11-02 11:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-09 00:16 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 00:16 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 00:16 - 2016-11-02 11:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 00:16 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 00:16 - 2016-11-02 11:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 00:16 - 2016-11-02 11:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 00:16 - 2016-11-02 11:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 00:16 - 2016-11-02 11:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 00:16 - 2016-11-02 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 00:16 - 2016-11-02 11:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-09 00:16 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 00:16 - 2016-11-02 11:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-09 00:16 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 00:16 - 2016-11-02 11:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 00:16 - 2016-11-02 11:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 00:16 - 2016-11-02 11:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 00:16 - 2016-11-02 11:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 00:16 - 2016-11-02 11:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 00:16 - 2016-11-02 11:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 00:16 - 2016-11-02 11:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-09 00:16 - 2016-11-02 11:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 00:16 - 2016-11-02 11:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-09 00:16 - 2016-11-02 11:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 00:16 - 2016-11-02 11:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 00:16 - 2016-11-02 11:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 00:16 - 2016-11-02 11:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 00:16 - 2016-11-02 11:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-09 00:16 - 2016-11-02 11:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 00:16 - 2016-11-02 11:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 00:16 - 2016-11-02 11:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 00:16 - 2016-11-02 11:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 00:16 - 2016-11-02 11:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 00:16 - 2016-11-02 11:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 00:16 - 2016-11-02 11:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 00:16 - 2016-11-02 11:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 00:16 - 2016-11-02 11:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 00:16 - 2016-11-02 11:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 00:16 - 2016-11-02 11:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 00:16 - 2016-11-02 11:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 00:16 - 2016-11-02 11:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 00:16 - 2016-11-02 11:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 00:16 - 2016-11-02 11:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 00:16 - 2016-11-02 11:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 00:16 - 2016-11-02 11:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 00:16 - 2016-11-02 11:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 00:16 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 00:16 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-09 00:16 - 2016-11-02 09:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 00:16 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-09 00:15 - 2016-11-02 12:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 00:15 - 2016-11-02 11:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 00:15 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 00:15 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 00:15 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 00:15 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 00:15 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 00:15 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 00:15 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 00:15 - 2016-11-02 11:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-05 11:04 - 2016-11-10 17:44 - 00001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3333309580-3961816760-648053868-1001UA1d2374cd4a4f58.job
2016-11-05 11:04 - 2016-11-10 17:44 - 00001192 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3333309580-3961816760-648053868-1001Core1d2374cd437264.job
2016-11-05 11:04 - 
2016-11-10 12:15 - 00004394 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3333309580-3961816760-648053868-1001UA1d2374cd4a4f58 2016-11-05 11:04 - 2016-11-10 12:15 - 00004018 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3333309580-3961816760-648053868-1001Core1d2374cd437264 2016-11-03 10:48 - 2016-11-03 10:48 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk 2016-11-03 10:48 - 2016-11-03 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2016-11-01 23:06 - 2016-11-01 23:06 - 39862848 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 38903912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 34823872 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 33479360 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 12680800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 06696832 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 05140472 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 02393176 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 01816720 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 01814064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 00242160 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 00205360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 00183984 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 00182960 _____ (Intel Corporation) 
C:\WINDOWS\system32\igfx11cmrt64.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 00160272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 00160272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll 2016-11-01 23:06 - 2016-11-01 23:06 - 00055248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 29101576 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 19861512 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 15837984 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 15488928 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 13483208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 11742216 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 08732168 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 05688840 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 05262856 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 04928528 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 04363784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 04270680 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 04239704 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 03971592 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 01858640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll 2016-11-01 23:05 - 2016-11-01 
23:05 - 01590792 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 01178632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 01027056 _____ C:\WINDOWS\system32\igfxSDK.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00968168 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00964592 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00705032 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00536560 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00466920 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00448496 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00439304 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00416264 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00401896 _____ C:\WINDOWS\system32\igfxTray.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00390152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00388616 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00350184 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00318472 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00312304 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00301552 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00297168 _____ (Intel Corporation) 
C:\WINDOWS\SysWOW64\igd10idpp32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00273416 _____ C:\WINDOWS\system32\igfxCPL.cpl 2016-11-01 23:05 - 2016-11-01 23:05 - 00268784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00266248 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00254984 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00237040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00232432 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00231920 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00225288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00223248 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00212488 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4531.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00193032 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00181840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00175088 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe 2016-11-01 23:05 - 2016-11-01 23:05 - 00174088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00111624 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00103432 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00100872 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00099848 _____ (Khronos Group) 
C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00095240 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00084488 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00052744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00029192 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00029192 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00027656 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00027656 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00022536 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll 2016-11-01 23:05 - 2016-11-01 23:05 - 00022536 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll 2016-10-29 09:22 - 2016-10-29 09:22 - 00743938 _____ C:\Users\Koganei\Downloads\AskMrRobot-46.zip 2016-10-28 16:25 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2016-10-28 16:25 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-10-28 16:25 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-10-28 16:25 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-10-28 16:25 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-10-28 16:25 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-10-28 16:25 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-10-28 16:25 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-10-28 16:25 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 
2016-10-28 16:25 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-10-28 16:25 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2016-10-28 16:25 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-10-28 16:25 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-10-28 16:25 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2016-10-28 16:25 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-10-28 16:25 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-10-28 16:25 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2016-10-28 16:25 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-10-28 16:25 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2016-10-28 16:25 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-10-28 16:25 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2016-10-28 16:25 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-10-28 16:25 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-10-28 16:25 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll 2016-10-28 16:25 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys 2016-10-28 16:25 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-10-28 16:25 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\sppobjs.dll 2016-10-28 16:25 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-10-28 16:25 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-10-28 16:25 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-10-28 16:25 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2016-10-28 16:25 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-10-28 16:25 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-10-28 16:25 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll 2016-10-28 16:25 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll 2016-10-28 16:25 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-10-28 16:25 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll 2016-10-28 16:25 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-10-28 16:25 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-10-28 16:25 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-10-28 16:25 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-10-28 16:25 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2016-10-28 16:25 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb 2016-10-28 16:25 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2016-10-28 16:25 - 2016-10-15 
04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-10-28 16:25 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2016-10-28 16:25 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-10-28 16:25 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll 2016-10-28 16:25 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-10-28 16:25 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll 2016-10-28 16:25 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2016-10-28 16:25 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2016-10-28 16:25 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2016-10-28 16:25 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2016-10-28 16:25 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-10-28 16:25 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2016-10-28 16:25 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-10-28 16:25 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2016-10-28 16:25 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2016-10-28 16:25 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2016-10-28 16:25 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2016-10-28 16:25 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2016-10-28 16:25 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll 2016-10-28 16:25 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll 2016-10-28 16:25 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2016-10-28 16:25 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-10-28 16:25 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll 2016-10-28 16:25 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll 2016-10-28 16:25 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-10-28 16:25 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-10-28 16:25 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-10-28 16:25 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-10-28 16:25 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-10-28 16:25 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-10-28 16:25 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll 2016-10-28 16:25 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-10-28 16:25 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2016-10-28 16:25 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-10-28 16:25 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-10-28 16:25 - 2016-10-15 04:50 - 02333184 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-10-28 16:25 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-10-28 16:25 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-10-28 16:25 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-10-28 16:25 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-10-28 16:25 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-10-28 16:25 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-10-28 16:25 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-10-28 16:25 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-10-28 16:25 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-10-28 16:25 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-10-28 16:25 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-10-28 16:25 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-10-28 16:25 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-10-28 16:25 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-10-28 16:25 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-10-28 16:25 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2016-10-28 16:25 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wpnprv.dll 2016-10-28 16:25 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-10-28 16:25 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-10-28 16:25 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2016-10-28 16:25 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2016-10-28 16:25 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-10-28 16:25 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2016-10-28 16:25 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-10-28 16:25 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe 2016-10-28 16:25 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-10-28 16:25 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-10-28 16:25 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll 2016-10-28 16:25 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2016-10-28 16:25 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-10-28 16:25 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-10-28 16:25 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2016-10-28 16:25 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-10-28 16:25 - 2016-10-15 04:41 - 05376000 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-10-28 16:25 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2016-10-28 16:25 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2016-10-28 16:25 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-10-28 16:25 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2016-10-28 16:25 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-10-28 16:25 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-10-28 16:25 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2016-10-28 16:25 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-10-28 16:25 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2016-10-28 16:25 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-10-28 16:25 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-10-28 16:25 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-10-28 16:25 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-10-28 16:25 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-10-28 16:25 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll 2016-10-28 16:25 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-10-28 16:25 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-10-28 16:25 - 
2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-10-28 16:25 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-10-28 16:25 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2016-10-28 16:25 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2016-10-28 16:25 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll 2016-10-28 16:25 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2016-10-28 16:25 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2016-10-28 16:25 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-10-28 16:25 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-10-28 16:25 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-10-28 16:25 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2016-10-28 16:25 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-10-28 16:25 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2016-10-28 16:25 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-10-28 16:25 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2016-10-28 16:25 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2016-10-28 16:25 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2016-10-28 16:25 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 
2016-10-28 16:25 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-10-28 16:24 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2016-10-28 16:24 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-10-28 16:24 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-10-28 16:24 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-10-28 16:24 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2016-10-28 16:24 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-10-28 16:24 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-10-28 16:24 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2016-10-28 16:24 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-10-28 16:24 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-10-28 16:24 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2016-10-28 16:24 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-10-28 16:24 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2016-10-28 16:24 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-10-28 16:24 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2016-10-28 16:24 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-10-28 16:24 - 2016-10-15 05:15 - 01853776 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-10-28 16:24 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2016-10-28 16:24 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-10-28 16:24 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-10-28 16:24 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2016-10-28 16:24 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb 2016-10-28 16:24 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2016-10-28 16:24 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-10-28 16:24 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2016-10-28 16:24 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-10-28 16:24 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-10-28 16:24 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2016-10-28 16:24 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll 2016-10-28 16:24 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-10-28 16:24 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2016-10-28 16:24 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-10-28 16:24 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2016-10-28 16:24 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-10-28 16:24 - 2016-10-15 04:45 - 01790464 
_____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-10-28 16:24 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-10-28 16:24 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2016-10-28 16:24 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe 2016-10-28 16:24 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-10-28 16:24 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2016-10-28 16:24 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2016-10-28 16:24 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2016-10-28 16:24 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2016-10-28 16:24 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2016-10-28 16:24 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-10-28 16:24 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2016-10-28 16:24 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2016-10-28 16:24 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2016-10-26 08:49 - 2016-10-26 08:49 - 03402700 _____ C:\Users\Koganei\Downloads\elvui-10.28.zip 2016-10-24 11:01 - 2016-11-03 10:49 - 00000000 ____D C:\ProgramData\Cisco 2016-10-24 11:01 - 2016-11-03 10:49 - 00000000 ____D C:\Program Files (x86)\Cisco 2016-10-24 11:01 - 2016-10-24 11:01 - 03345776 _____ (Cisco Systems, Inc.) 
C:\Users\Koganei\Downloads\anyconnect-win-3.1.06079-web-deploy-k9.exe
2016-10-24 11:01 - 2016-10-24 11:01 - 00000000 ____D C:\Users\Koganei\AppData\Local\Cisco

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-21 12:42 - 2016-09-24 08:54 - 00000000 ____D C:\Users\Koganei\AppData\Local\Deployment
2016-11-21 12:42 - 2015-04-03 09:50 - 00000000 ___RD C:\Users\Koganei\Dropbox
2016-11-21 12:42 - 2014-04-12 18:35 - 00000000 ____D C:\Users\Koganei\AppData\Roaming\Skype
2016-11-21 12:41 - 2016-09-24 08:45 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-21 12:41 - 2016-09-24 08:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-21 12:41 - 2016-07-21 11:46 - 00000000 __SHD C:\Users\Koganei\IntelGraphicsProfiles
2016-11-21 07:31 - 2016-09-24 08:46 - 00000000 ____D C:\Users\Koganei
2016-11-21 05:30 - 2014-04-11 16:10 - 00000000 ____D C:\Users\Koganei\AppData\Local\Battle.net
2016-11-21 04:41 - 2016-09-24 08:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-21 00:37 - 2015-09-18 19:29 - 00008000 _____ C:\WINDOWS\BRRBCOM.INI
2016-11-20 21:52 - 2016-07-21 11:50 - 02901848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-20 21:52 - 2016-07-16 23:51 - 01266234 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-20 21:52 - 2016-07-16 23:51 - 00310364 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-20 21:46 - 2016-09-24 08:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-20 21:46 - 2016-07-21 11:44 - 00142832 ____N (CyberLink Corp.)
C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys 2016-11-20 21:46 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-11-20 16:37 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2016-11-20 15:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-11-19 16:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2016-11-19 16:28 - 2016-10-15 16:38 - 00003986 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-19 16:28 - 2016-10-15 16:38 - 00003958 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-19 16:28 - 2016-10-15 16:38 - 00003922 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-19 16:28 - 2016-10-15 16:38 - 00003896 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-19 16:28 - 2016-10-15 16:38 - 00003734 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-19 16:28 - 2016-10-15 16:38 - 00003692 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-19 16:28 - 2016-10-15 16:38 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-11-19 16:28 - 2016-09-24 08:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-11-19 16:28 - 2016-09-24 08:45 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-11-19 16:28 - 2016-09-24 08:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-11-19 13:38 - 2016-05-25 11:41 - 00000000 ____D C:\Users\Koganei\AppData\Local\Innkeeper 2016-11-19 13:38 - 2015-09-18 19:07 - 00000000 ____D C:\Users\Koganei\Documents\MeineWebSeiten 2016-11-19 10:16 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-11-19 01:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-11-19 01:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-11-18 15:47 - 2015-11-16 
13:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-11-18 14:40 - 2015-03-21 20:11 - 00000000 ____D C:\Users\Koganei\AppData\Local\Adobe 2016-11-18 03:43 - 2015-02-01 22:33 - 00000000 ____D C:\Users\Koganei\Desktop\Wallpaper 2016-11-17 22:29 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-11-17 22:28 - 2015-04-26 09:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-11-17 16:29 - 2015-11-16 13:12 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-11-17 16:29 - 2015-11-16 13:12 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-11-17 16:29 - 2015-11-16 13:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-11-17 14:25 - 2016-06-20 23:41 - 00050008 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys 2016-11-17 14:25 - 2016-06-02 22:39 - 00127896 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys 2016-11-17 14:22 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-11-17 14:21 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated 2016-11-14 13:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-11-10 22:14 - 2015-04-03 09:49 - 00000000 ____D C:\Users\Koganei\AppData\Roaming\Dropbox 2016-11-10 14:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2016-11-10 12:14 - 2016-09-24 08:44 - 00343256 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-11-10 12:14 - 2016-04-27 06:56 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-11-10 04:07 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-11-10 04:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-11-10 04:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-11-10 04:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-11-10 04:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-11-10 04:07 - 2016-07-16 12:47 - 
00000000 ____D C:\WINDOWS\bcastdvr 2016-11-10 02:16 - 2014-07-04 10:50 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-09 14:21 - 2016-09-24 08:51 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-11-09 12:47 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-11-09 12:45 - 2014-04-22 08:13 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-11-09 12:43 - 2014-04-22 08:13 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-11-09 03:51 - 2016-05-18 13:43 - 00000000 ____D C:\Users\Koganei\Desktop\DSA Chars 2016-11-06 12:09 - 2015-11-10 17:59 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-11-04 21:52 - 2015-01-09 16:03 - 00000000 ____D C:\Users\Koganei\AppData\Local\ElevatedDiagnostics 2016-11-03 10:53 - 2015-03-07 08:14 - 00000000 ___RD C:\Users\Koganei\Desktop\Sonstiges 2016-11-03 10:48 - 2014-04-11 15:41 - 00000000 ____D C:\Program Files (x86)\Google 2016-11-03 00:16 - 2014-04-11 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-11-02 16:50 - 2016-09-24 08:45 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-11-01 23:05 - 2016-09-24 08:45 - 00103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-11-01 23:05 - 2016-09-24 08:45 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-11-01 23:05 - 2016-05-27 14:50 - 07966192 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys 2016-11-01 23:05 - 2016-05-27 14:50 - 02142224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll 2016-11-01 23:05 - 2016-05-27 14:50 - 00756744 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll 2016-11-01 23:05 - 2016-05-27 14:50 - 00398856 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll 2016-11-01 23:05 - 2016-05-27 14:50 - 00373744 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe 2016-11-01 
23:05 - 2016-05-27 14:50 - 00354800 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2016-10-31 10:37 - 2014-04-11 15:41 - 00000000 ____D C:\Users\Koganei\AppData\Local\Google
2016-10-29 00:56 - 2016-07-16 12:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-29 00:56 - 2016-07-16 12:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-29 00:48 - 2016-07-16 12:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-29 00:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-28 14:49 - 2014-07-13 02:16 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-27 08:11 - 2014-05-13 12:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-27 08:11 - 2014-04-12 18:35 - 00000000 ____D C:\ProgramData\Skype
2016-10-25 21:21 - 2016-10-15 16:38 - 01854008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-10-25 21:21 - 2016-10-15 16:38 - 01756728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-10-25 21:21 - 2016-10-15 16:38 - 01454136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-10-25 21:21 - 2016-10-15 16:38 - 01318968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-10-25 21:21 - 2016-10-15 16:38 - 00121912 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-10-25 21:21 - 2016-05-13 12:02 - 00047672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-10-25 20:12 - 2016-10-15 16:38 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-30 23:20 - 2016-06-30 23:20 - 0000000 _____ () C:\ProgramData\CLDShowX.ini

Einige Dateien in TEMP:
====================
C:\Users\Koganei\AppData\Local\Temp\libeay32.dll
C:\Users\Koganei\AppData\Local\Temp\msvcr120.dll
C:\Users\Koganei\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Koganei\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Koganei\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Koganei\AppData\Local\Temp\nvStInst.exe
C:\Users\Koganei\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Koganei\AppData\Local\Temp\sfextra.dll
C:\Users\Koganei\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-11-11 13:08

==================== Ende von FRST.txt ============================
21.11.2016, 12:47 | #19 |
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
durchgeführt von Koganei (21-11-2016 12:43:29)
Gestartet von C:\Users\Koganei\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-24 07:51:58)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3333309580-3961816760-648053868-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3333309580-3961816760-648053868-503 - Limited - Disabled)
Gast (S-1-5-21-3333309580-3961816760-648053868-501 - Limited - Disabled)
Koganei (S-1-5-21-3333309580-3961816760-648053868-1001 - Administrator - Enabled) => C:\Users\Koganei
SophosSAUBELLA0 (S-1-5-21-3333309580-3961816760-648053868-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Ansel (Version: 373.06 - NVIDIA Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2425.52 - CyberLink Corp.) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio) Dreamfall Chapters (HKLM\...\Steam App 237850) (Version: - Red Thread Games) Dropbox (HKU\S-1-5-21-3333309580-3961816760-648053868-1001\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.) Epic Games Launcher (HKLM\...\{D9D18DA0-DA2D-497C-8D71-E6489890EA58}) (Version: 1.1.40.0 - Epic Games, Inc.) f.lux (HKU\S-1-5-21-3333309580-3961816760-648053868-1001\...\Flux) (Version: - ) Gameforge Live 2.0.10 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.10 - Gameforge) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Drive (HKLM-x32\...\{3D7AB4D4-2E45-4986-BAC5-5B3CEED21FAA}) (Version: 1.32.3592.6117 - Google, Inc.) 
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HOTSLogsUploader (HKU\S-1-5-21-3333309580-3961816760-648053868-1001\...\99a83d131490dc73) (Version: 1.0.0.12 - HOTSLogsUploader) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.) 
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6965.2105 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Mozilla Firefox 50.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 de)) (Version: 50.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) NCSOFT 
Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 373.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 373.06 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation) NVIDIA Grafiktreiber 373.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 373.06 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 368.39 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6965.2105 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6965.2105 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6965.2105 - Microsoft Corporation) Hidden ON_OFF Charge 2 B13.0506.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.0506.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Open Broadcaster Software (HKLM-x32\...\Open 
Broadcaster Software) (Version: - ) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.) Scansoft PDF Professional (x32 Version: - ) Hidden SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.) Sophos AutoUpdate (HKLM-x32\...\{BCF53039-A7FC-4C79-A3E3-437AE28FD918}) (Version: 5.2.0.276 - Sophos Limited) Sophos Network Threat Protection (HKLM\...\{66967E5F-43E8-4402-87A4-04685EE5C2CB}) (Version: 1.2.2.50 - Sophos Limited) Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 4.0.6 - Sophos Limited) Sophos System Protection (HKLM-x32\...\{1093B57D-A613-47F3-90CF-0FD5C5DCFFE6}) (Version: 1.3.0 - Sophos Limited) SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.) 
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{e3f0675d-03bb-4915-9a69-ed289caeda1d}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333309580-3961816760-648053868-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Koganei\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {185EC6C3-A14A-4EFF-960C-5F388292D72C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {1AF11CF9-A192-48D0-AD4C-E003EFB50F45} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {27E26236-3BE9-4FCC-9E4B-E59CE5768C30} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {27EB918C-5532-4CF3-85B8-749987B7CD57} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {29268AC5-C09F-479B-A9A5-DFD96D11B5A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2D690FED-873C-45AD-AE75-54062439C866} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {346C335B-73B9-4BC5-92CC-305CFDFE9A35} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {34ED625C-7577-4104-A83E-B0A826DDE42F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-11-02] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {45F93964-7786-4044-BA87-65DE55B69014} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-19] (Adobe Systems Incorporated)
Task: {500795B2-FD76-49DF-B77B-A562C307F9E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {594438A8-D8DC-48C7-9F0F-211EE8F4E054} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {721968AD-0464-4568-BB4C-F2FE11D83A6B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3333309580-3961816760-648053868-1001Core1d2374cd437264 => C:\Users\Koganei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {762930C5-6638-444E-85DD-50392B35411A} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {81BF8326-A954-4A46-B15D-F2A3AC4C86A7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8982B756-C1F4-4E37-8416-1EB2A80328A9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {9EEFC527-98A7-4978-BEC4-0381ECA5BBC3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {A38CDE4B-9C63-4CEB-A867-9FE245C404DA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A4D3C800-1BE8-44EB-A31E-262F6F23230E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {AF2D983C-4408-49C5-8811-B6320117BC3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B46C2CB8-9665-4150-B1CB-71C929BE0D0C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {BE05D060-0EE5-433A-8F1F-87D53A3722AA} - System32\Tasks\{AF9CF852-8533-4612-BA0B-3ED7C9C49249} => pcalua.exe -a "C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" -c uninstall=17
Task: {CB0445DE-6B47-40F5-B816-9F05DD4D385D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {CF8C3229-0530-4663-BB36-4C8C8F6A6304} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D1F3245F-5939-4FCE-9962-2B268EDC4D0D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D6B8F75B-FBDF-4F12-827D-6935CF1ED4A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {D6F0CAE1-B914-473A-8CE5-0C720A627A6B} - \WPD\SqmUpload_S-1-5-21-3333309580-3961816760-648053868-1001 -> Keine Datei <==== ACHTUNG
Task: {DD90E0CA-877C-4634-8BF6-ABFA9A5F523D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-18] (Adobe Systems Incorporated)
Task: {DF985433-EB41-4B62-B4AB-6BB035C74324} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {E23FCF39-2983-4755-9699-3FFE1F628EFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {F10ECB18-D553-4F77-9D53-6EBB229BA316} - 
System32\Tasks\{DAF58BE7-EFD0-4165-B179-7BD7013B3059} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Blizzard Entertainment\Warcraft III\Uninstall.exe" Task: {F7340851-2691-46AC-8169-2437D4A916EA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {F8FB25D6-CC53-4653-99EE-1348C59FEF19} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3333309580-3961816760-648053868-1001UA1d2374cd4a4f58 => C:\Users\Koganei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {FE622233-38F0-44B7-923C-9E049C5371DF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3333309580-3961816760-648053868-1001Core1d2374cd437264.job => C:\Users\Koganei\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3333309580-3961816760-648053868-1001UA1d2374cd4a4f58.job => C:\Users\Koganei\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
ShortcutWithArgument: C:\Users\Koganei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KGS Online\CGoban 3.lnk -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://files.gokgs.com/javaBin/cgoban.jnlp "C:\Users\Koganei\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\21086f76-1196d0ca"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\CLDShowX.ini:Update.CL [5122]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3333309580-3961816760-648053868-1001\...\sharepoint.com -> hxxps://studentfhkielde.sharepoint.com

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-10-27 14:31 - 00000841 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3333309580-3961816760-648053868-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Koganei\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AJRouter => 3
MSCONFIG\Services: vpnagent => 2

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
[{51CFE1DF-D6D0-4700-8053-7DF29AF79CD3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [TCP Query User{36D52B3C-3DE8-4821-A858-FBDA5A66BA7C}F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{85671E07-6DAC-4B10-90A5-4A030D412047}F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{055D5B21-6367-459E-A4CF-862F6EE1E0A0}F:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{F3E9AAA2-B712-44A2-8FE1-454A23234427}F:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{9748E96E-51A8-475E-8124-B136FCC2E931}F:\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) F:\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe FirewallRules: [UDP Query User{6784883F-DBE5-4C72-8FAF-1A8F7F5658BC}F:\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe] => (Allow) F:\steam\steamapps\common\bloodline champions\binary\bloodlinechampions.exe FirewallRules: [{F8D53F5F-811F-4D22-AEA4-8FA021E01070}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{D381560E-A91E-42A5-B978-31D03C10292F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [TCP Query User{8F9E0B05-9013-4AD2-B3C9-1A5F3EF482CD}F:\starcraft ii\versions\base32283\sc2.exe] => (Allow) F:\starcraft ii\versions\base32283\sc2.exe FirewallRules: [UDP Query User{B5D4166A-5D5F-4E7E-83EF-BA3955A0DF89}F:\starcraft ii\versions\base32283\sc2.exe] => (Allow) F:\starcraft ii\versions\base32283\sc2.exe 
FirewallRules: [TCP Query User{B9A70084-2970-4DFA-A4BD-199D8CD1D664}F:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{7A43DAEC-753B-4968-A5E9-A1AF7ACDED97}F:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe FirewallRules: [{389912FA-E482-45DD-A03E-2743C9E5FEBC}] => (Allow) F:\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{2E8A3027-2A56-4FCC-89DE-BF2A1EB075F2}] => (Allow) F:\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [TCP Query User{FA4A2AFF-8FD4-45E8-80DC-FFF08EE9313E}F:\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\call of duty 4 - modern warfare\iw3mp.exe FirewallRules: [UDP Query User{F4C03F00-93EA-48EE-9BA8-DF7C6B1C5593}F:\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) F:\call of duty 4 - modern warfare\iw3mp.exe FirewallRules: [TCP Query User{BFD2DD57-CF32-491B-A64D-ADD21FBD6EAA}C:\users\koganei\desktop\warcraft iii\war3.exe] => (Allow) C:\users\koganei\desktop\warcraft iii\war3.exe FirewallRules: [UDP Query User{AAC3F903-CD01-42CE-BA50-0050FB28CFEF}C:\users\koganei\desktop\warcraft iii\war3.exe] => (Allow) C:\users\koganei\desktop\warcraft iii\war3.exe FirewallRules: [TCP Query User{6E16146A-CF04-47A0-A4D2-943194D68858}F:\hl.exe] => (Allow) F:\hl.exe FirewallRules: [UDP Query User{8EEA4389-66A4-4067-8342-C9E0BCEAB155}F:\hl.exe] => (Allow) F:\hl.exe FirewallRules: [TCP Query User{4CA607EE-8210-4E22-A2B1-7293C5C68F67}F:\star wars\gamedata\battlefrontii.exe] => (Allow) F:\star wars\gamedata\battlefrontii.exe FirewallRules: [UDP Query User{E4E3B34E-9F57-4374-92B0-EC7E678A29D9}F:\star wars\gamedata\battlefrontii.exe] => (Allow) F:\star wars\gamedata\battlefrontii.exe FirewallRules: [TCP Query 
User{9AA98F73-5253-486F-A896-A71CEF9D5210}C:\users\koganei\desktop\lan\warcraft iii\war3.exe] => (Allow) C:\users\koganei\desktop\lan\warcraft iii\war3.exe FirewallRules: [UDP Query User{33ECDB4C-9DA8-45EB-AD63-AE28DA4B843E}C:\users\koganei\desktop\lan\warcraft iii\war3.exe] => (Allow) C:\users\koganei\desktop\lan\warcraft iii\war3.exe FirewallRules: [TCP Query User{C78099C1-DC80-4110-A408-34419A28E465}F:\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{81562F5C-B280-47B9-8F68-7C6EFC3C3416}F:\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [{E4C220D0-71A1-47D9-B71F-0F067C540DB9}] => (Allow) C:\Users\Koganei\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{61E750B7-9E6F-4F57-A2AF-33E7A1865FF0}] => (Allow) C:\Users\Koganei\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{13E90747-2819-4D7E-9DCF-91E4F0126FF2}] => (Allow) F:\Steam\SteamApps\common\The Talos Principle Demo\Bin\Talos_Demo.exe FirewallRules: [{D54D0591-79A1-4FF2-AC0A-5F7488B67DC8}] => (Allow) F:\Steam\SteamApps\common\The Talos Principle Demo\Bin\Talos_Demo.exe FirewallRules: [TCP Query User{D7D5E66A-D0B0-44C5-8F4F-2496256ADCD5}F:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{C1746EA8-1C90-4C88-AE3A-03A23BC1B828}F:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{D7013E02-A9AD-4159-8597-DB313BF6DD4B}C:\users\koganei\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\koganei\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query 
User{12B95C82-11CA-4A87-9AB1-1C93E25E7BB3}C:\users\koganei\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\koganei\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{242CFCD8-2F75-4EC7-9E35-A8B3EEC6F5E6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{A1AEF0A0-9247-4720-B069-828A7D55A75E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [TCP Query User{05D68781-5CDC-43F2-9FEB-3C85A7A78307}F:\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{31A7C950-B42B-495A-8ED5-B9E8DC901604}F:\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{D6998997-FAD6-422D-91D4-822A52CCDB20}F:\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{29175E18-2E59-487C-B7B6-38A9DEC408BC}F:\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{468D4501-5C59-45DF-BB8B-B1917709437C}F:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{EEBAE701-2718-4033-915A-DA6FB7675812}F:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [{C8E40829-E144-450D-821A-98F4746A993A}] => (Allow) F:\Origin\Mass Effect\MassEffectLauncher.exe FirewallRules: [{EF3B5745-BD8F-4591-95F7-29A6C65F6127}] => (Allow) F:\Origin\Mass Effect\MassEffectLauncher.exe FirewallRules: [{FE53E091-113A-44C2-9A02-E4D768FFDA33}] => (Allow) 
F:\Origin\Mass Effect\Binaries\MassEffect.exe FirewallRules: [{1185F6F1-4F1E-4F3F-8AB3-BADE20EE615A}] => (Allow) F:\Origin\Mass Effect\Binaries\MassEffect.exe FirewallRules: [TCP Query User{1B82C687-2B19-467F-8162-96F041BD6B32}F:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{AA6D9633-1486-4E0C-8074-7E42197AECBA}F:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [{D4B04FB8-7601-4926-986D-5D9D7646B773}] => (Allow) F:\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{E6C9443C-25E5-4DE0-A7DA-4C7F3E2F5A04}] => (Allow) F:\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [TCP Query User{ABF6813E-C32A-4D78-A414-57B85B072BBB}F:\world of warships\wowslauncher.exe] => (Allow) F:\world of warships\wowslauncher.exe FirewallRules: [UDP Query User{816D2D2F-C2C0-4A9A-B180-920420A1DB2B}F:\world of warships\wowslauncher.exe] => (Allow) F:\world of warships\wowslauncher.exe FirewallRules: [{182FB754-718C-404C-B067-28624833115E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{5BD0E443-114F-4D81-9D44-40FB123E861D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7D1364EF-FF43-4BB6-8A95-D2A8142D2889}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6DDC4FD8-C259-49AF-9D75-6B24947E459F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{CF65F090-E213-4B09-8AC0-1C4E7CC42236}] => (Allow) F:\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe FirewallRules: [{00879E54-F042-4155-8DDE-46D7DA78AE8E}] => (Allow) F:\Steam\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe FirewallRules: 
[{991DD1AA-0C25-4EAF-A810-0D81974C8F08}] => (Allow) F:\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe FirewallRules: [{4C77D5F3-E274-4C80-BAF6-DD0878C48489}] => (Allow) F:\Steam\SteamApps\common\Divinity - Original Sin\Shipping\EoCApp.exe FirewallRules: [{9CF0676E-91EB-4B4A-88F2-C03938FAF616}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE FirewallRules: [{E0AD9CCB-6853-44C9-B3D4-691C7551EF21}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{0402CCD2-62FB-4155-8481-D39993C7D482}F:\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{97DCC556-65D6-4C10-BAC1-A720588775D9}F:\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [{780D07E0-34A3-455E-A914-659FF73166F9}] => (Allow) F:\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe FirewallRules: [{C8EB475B-4A66-40AE-83D1-6606DE450E3E}] => (Allow) F:\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe FirewallRules: [TCP Query User{607643FD-DFC7-4A1D-A59B-7F8BAD7256E8}F:\unreal tournament\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) F:\unreal tournament\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe FirewallRules: [UDP Query User{D2B68C9B-9A07-4557-8E95-4C50C07005E7}F:\unreal tournament\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) F:\unreal tournament\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe FirewallRules: [TCP Query User{58BD9D89-E041-4A02-BEC3-D369688092C0}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [UDP Query 
User{AC4B5E7B-617A-40F4-9289-B7DD206132C5}C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [{1AA9903E-37D3-4707-88F2-307D174FC79D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B82FD719-4AC0-4C05-8AFA-BCBB902614E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{CC0861FA-3F9D-4E85-8103-F2FF7EF03248}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{C8E313E1-CA42-43BC-9BD8-D6F6A7AE2FFD}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{226CFE6D-E707-4C34-8B41-401BD3FAB8A0}] => (Allow) F:\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{B120AE52-B493-464D-A1FB-7DF808E21547}] => (Allow) F:\Steam\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [TCP Query User{07C68185-3619-41C8-90DF-18B81C98482E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{399B98A3-81AE-4F16-8D5E-0AB3411D7765}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{E905DC44-81C8-48AF-9C34-9C59C0E97D77}] => (Allow) F:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{9016E765-D12D-4B9D-9701-B1B28BAEB95E}] => (Allow) F:\Steam\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{CCE9DB39-50BB-490D-B902-D1CB8E167E02}] => (Allow) C:\Users\Koganei\Downloads\bin\BlackDesert32.exe FirewallRules: [{F0E1547D-CA75-4AB6-AE53-D089C78E57F3}] => (Allow) 
C:\Users\Koganei\Downloads\bin64\BlackDesert64.exe FirewallRules: [{21033ACE-E66B-46E1-8C50-96CA143D8C3E}] => (Allow) C:\Users\Koganei\Downloads\BlackDesert_Launcher.exe FirewallRules: [{11ACCB1B-6535-4D1D-9449-60883073505E}] => (Allow) C:\Users\Koganei\Downloads\BlackDesert_Downloader.exe FirewallRules: [{78DC5F32-9AFA-42FF-AC6B-4E7D03BC3B92}] => (Allow) F:\GameforgeLive\gfl_client.exe FirewallRules: [{93A0DB08-3DB7-4128-91FD-857760099BEB}] => (Allow) F:\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exe FirewallRules: [{197E49E6-BDF5-48AB-A33C-7E3E874C74F6}] => (Allow) F:\Steam\SteamApps\common\Dreamfall Chapters\Dreamfall Chapters.exe FirewallRules: [TCP Query User{8A3D94FF-FC85-40F4-894E-97F045293051}F:\overwatch\overwatch.exe] => (Allow) F:\overwatch\overwatch.exe FirewallRules: [UDP Query User{9B1A1C9B-5CD5-42E0-BDD1-0D04C1A35DB1}F:\overwatch\overwatch.exe] => (Allow) F:\overwatch\overwatch.exe FirewallRules: [{F8F6690F-1D81-47D5-8C2A-1182DDCB8061}] => (Allow) F:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{77E21A18-7E32-4E2E-BEC1-E545475BA24B}] => (Allow) F:\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{8983122C-EF35-4867-A0CC-B5B67F88A011}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{3422EEF0-40CD-4F6C-A251-3601F905AC09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{8AD65D24-0EC6-48C8-9998-EA8EDA60F14F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{70B802CA-4873-4208-B3E4-43A57655BAC0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{C52C8FA5-F508-432E-8A94-519B8A25BF2B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{B87D8413-17E7-4CFD-BFC7-A31F0F608B96}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
FirewallRules: [{AB659A27-7C76-4968-BB5B-768AD74F0C26}] => (Allow) F:\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{FFF4DC41-9CE3-4138-9209-2C66AAE0FE02}] => (Allow) F:\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{B06D6E16-10AC-454E-A449-1A2EE943F099}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B45B14FB-B6EC-45A3-A486-6F2BBB086306}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{173218DF-C6CE-4B48-976E-943859858C15}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/20/2016 08:40:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BELLA) Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/20/2016 08:40:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BELLA) Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/19/2016 09:32:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BELLA) Description: Das Paket „Microsoft.Windows.Photos_16.1111.10000.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte. 
Error: (11/19/2016 04:29:05 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (11/19/2016 01:39:23 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: BELLA) Description: Die Anwendung oder der Dienst "Acresso Software Manager" konnte nicht heruntergefahren werden. Error: (11/19/2016 11:13:45 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (11/19/2016 11:13:45 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (11/19/2016 11:13:45 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (11/19/2016 11:13:45 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. 
Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (11/19/2016 11:13:45 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Systemfehler: ============= Error: (11/21/2016 12:41:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/20/2016 09:46:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/20/2016 08:40:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/20/2016 08:38:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/20/2016 08:37:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/20/2016 08:37:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/20/2016 08:37:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/20/2016 08:37:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/20/2016 08:37:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Logitech Gaming Registry Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (11/20/2016 08:37:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-11-18 14:38:38.582 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-18 14:38:35.664 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-05 20:45:59.859 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4771 CPU @ 3.50GHz Prozentuale Nutzung des RAM: 36% Installierter physikalischer RAM: 8070.96 MB Verfügbarer physikalischer RAM: 5108.81 MB Summe virtueller Speicher: 10374.96 MB Verfügbarer virtueller Speicher: 6980.5 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:111.01 GB) (Free:72.76 GB) NTFS Drive d: () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS Drive f: () (Fixed) (Total:1862.67 GB) (Free:1676.3 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 641516C9) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 808FA855) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
21.11.2016, 15:53 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Okay, then control scans with (1) MBAM, (2) ESET and (3) SecurityCheck please: Step 1: MBAM Please download Malwarebytes Anti-Malware
Step 2: ESET ESET Online Scanner
Step 3: SecurityCheck Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |
21.11.2016, 17:42 | #21 |
| Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 21.11.2016
Suchlaufzeit: 16:31
Protokolldatei: MWB.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.11.21.10
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Koganei

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 316014
Abgelaufene Zeit: 4 Min., 53 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1009104cdf91b14e9508e9eaf49489dd
# end=init
# utc_time=2016-11-21 03:32:20
# local_time=2016-11-21 04:32:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31481
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1009104cdf91b14e9508e9eaf49489dd
# end=updated
# utc_time=2016-11-21 03:41:05
# local_time=2016-11-21 04:41:05 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1009104cdf91b14e9508e9eaf49489dd
# engine=31481
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-11-21 04:39:11
# local_time=2016-11-21 05:39:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Total Security'
# compatibility_mode=1312 67108861 100 100 20224 12676885 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 91743 11076967 0 0
# scanned=309285
# found=3
# cleaned=0
# scan_time=3485
sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Koganei\AppData\Local\Temp\DMR\dmr_72.exe"
sh=0E8274619BF5C0AFCA93033B76F4B9C9F40FCC11 ft=1 fh=54b2cf8d78f48294 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Koganei\Downloads\HijackThis - CHIP-Installer (1).exe"
sh=C71947186309216820CB4DEA5EA4B72A333B5026 ft=1 fh=31f18b2dd5514a83 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Koganei\Downloads\HijackThis - CHIP-Installer.exe"

Code:
Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Total Security
Windows Defender
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 71
Java version 32-bit out of Date!
Adobe Flash Player 23.0.0.207
Mozilla Firefox (50.0)
Google Chrome (54.0.2840.71)
Google Chrome (54.0.2840.99)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MpCmdRun.exe
Kaspersky Lab Kaspersky Secure Connection 1.0 ksde.exe
Kaspersky Lab Kaspersky Secure Connection 1.0 ksdeui.exe
Sophos Sophos Network Threat Protection bin SntpService.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log`````````````````````` |
21.11.2016, 21:51 | #22 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
What problems are still open?
__________________ Please always post log files in CODE tags |
21.11.2016, 22:15 | #23 |
| What do you mean by that? ^^ Edit: I have uninstalled Java 8 Update 71. |
22.11.2016, 11:57 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | What do I mean by what? You don't know what is meant by the term "problem"?
22.11.2016, 14:17 | #25 |
| That's fine. If the WoW problem should turn out to be fixed, then I have no other problems. Thanks for your help |
22.11.2016, 15:11 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | That is not necessarily fixed. Because it can also have a completely different cause. It also can't really be that you have to confirm your account login on your smartphone, but an alleged cracker can do everything just like that. As I understand it, that doesn't add up at all.
22.11.2016, 15:44 | #27 |
| Well, I haven't given my data to anyone. I wouldn't know what could have happened that made this possible. I thought this was the most likely place to find advice on how to figure that out and fix it. But I understand what you mean. |
22.11.2016, 16:14 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How is the cracker supposed to bypass your login? As soon as someone logs in to your account, it has to be confirmed on your smartphone, doesn't it? I think either things are being mixed up here or there is no hack at all! What was allegedly hacked, i.e. how it manifests itself, hasn't been described either.
22.11.2016, 16:49 | #29 |
| The first time it happened, I didn't yet have a link between my account and my smartphone. That was day 1. Afterwards I talked to customer support and asked them what I could/should do. They then recommended the Authenticator to me and said that should be enough if I also change the password for my e-mail and my account. (which I did) On day 2, however, it happened again, and I didn't get a notification on my smartphone that someone was logging in to my account, which is why I couldn't decline/confirm it. I then talked to customer support again, who then wrote me this e-mail, which I had also posted here. They also deleted my Authenticator and I was supposed to reinstall it, which I did. On day 3 it happened yet again, whereupon I had my account locked until this is sorted out. Sorry that this comes so late. Maybe it sheds new light on the matter :/ |
23.11.2016, 09:41 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then there is only one conclusion: this Authenticator is simply no good.