Pests of all kinds and how to fight them: NetUtils2016.sys and Net Utils2016.dll cannot be removed (Windows 7)
22.11.2016, 18:18 | #1 |
NetUtils2016.sys and Net Utils2016.dll cannot be removed

Hello Trojan fighters,

unfortunately I have caught something with NetUtils2016.sys and Net Utils2016.dll that I can no longer get rid of. I hope you can help me remove the files. I have already tried to delete the files with ADW Cleaner, but unfortunately that did not work. I have already found a thread here in the forum with the same problem, but so far only two log files have been posted there. So I have already created the FRST log files and the TDSSKiller log file.

FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01
durchgeführt von Besitzer (Administrator) auf BESITZER-PC (22-11-2016 12:00:59)
Gestartet von C:\Users\Besitzer\Desktop
Geladene Profile: Besitzer (Verfügbare Profile: Besitzer)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) E:\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(G DATA Software AG) E:\G Data\InternetSecurity\AVK\AVKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G DATA Software AG) E:\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(G Data Software AG) E:\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
() E:\Razer\razerhid.exe
(Razer Inc.) E:\Razer\razerofa.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe
(G DATA Software AG) E:\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(G DATA Software AG) E:\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-29] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Lachesis] => E:\Razer\razerhid.exe [172032 2007-09-12] ()
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4196848 2016-11-09] (Steganos Software GmbH)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,e:\g data\internetsecurity\avkkid\avkcks.exe
HKU\S-1-5-21-837637057-831856249-3172674156-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => E:\Garmin Express\Garmin\Express Tray\ExpressTray.exe [1407912 2016-10-25] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [] => 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2013-01-08]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> E:\Gigabyte\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
BootExecute: autocheck autochk * Partizan

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 10.26.64.1
Tcpip\..\Interfaces\{27a8635f-444b-4ad2-ab86-c83ab7eb2b9a}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{424fb301-0322-4cdd-b64e-0b6c9477c2cf}: [DhcpNameServer] 10.26.64.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-837637057-831856249-3172674156-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837637057-831856249-3172674156-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-837637057-831856249-3172674156-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/ hxxp://www.giga.de/androidnews/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-02] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-02] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\iwc7lxw2.default-1479674830963 [2016-11-22]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-09] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2013-01-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-01-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-09] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-837637057-831856249-3172674156-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-837637057-831856249-3172674156-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-837637057-831856249-3172674156-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Besitzer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-03] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-837637057-831856249-3172674156-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2014-02-26] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-02-26] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; E:\G Data\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; E:\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
S3 Garmin Device Interaction Service; E:\Garmin Express\Garmin\Device Interaction Service\GarminService.exe [985616 2016-10-25] (Garmin Ltd. or its subsidiaries)
R2 GDBackupSvc; E:\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG)
R3 GDFwSvc; E:\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-17] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-10-25] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [353792 2016-11-09] (Steganos Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-16] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [37400 2016-10-16] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [30280 2016-10-16] (G DATA Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [274400 2016-10-16] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [105544 2016-10-16] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-16] (G DATA Software AG)
S3 GPCIDrv; E:\Gigabyte\GPCIDrv64.sys [14376 2010-02-04] ()
R1 GRD; C:\Windows\system32\drivers\GRD.sys [116296 2016-11-08] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [153160 2016-10-16] (G Data Software AG)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NetUtils2016; C:\WINDOWS\system32\drivers\NetUtils2016.sys [909944 2016-11-20] () <==== ACHTUNG
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys [14174256 2016-11-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-10-25] (NVIDIA Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2016-11-20] (Greatis Software)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-22 12:00 - 2016-11-22 12:01 - 00016806 _____ C:\Users\Besitzer\Desktop\FRST.txt
2016-11-22 11:59 - 2016-11-22 12:00 - 00000000 ____D C:\FRST
2016-11-22 11:58 - 2016-11-22 11:59 - 02412544 _____ (Farbar) C:\Users\Besitzer\Desktop\FRST64.exe
2016-11-20 23:18 - 2016-11-22 11:51 - 00000256 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2016-11-20 23:11 - 2016-11-20 23:19 - 00000000 ____D C:\ProgramData\RegRun
2016-11-20 23:05 - 2016-11-20 23:05 - 00040304 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Drivers\Partizan.sys
2016-11-20 23:03 - 2016-11-20 23:21 - 00000000 ____D C:\Users\Besitzer\Documents\RegRun2
2016-11-20 23:03 - 2016-11-20 23:20 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2016-11-20 23:03 - 2016-11-20 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2016-11-20 23:03 - 2016-11-20 23:03 - 00003446 _____ C:\WINDOWS\System32\Tasks\UnHackMe Task Scheduler
2016-11-20 23:03 - 2016-11-01 13:08 - 00015016 _____ (Greatis Software, LLC.) C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys
2016-11-20 23:03 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\WINDOWS\system32\partizan.exe
2016-11-20 20:28 - 2016-11-20 20:28 - 00000000 ____D C:\Users\Besitzer\AppData\Local\PeerDistRepub
2016-11-20 20:26 - 2016-11-22 11:52 - 00000000 ____D C:\AdwCleaner
2016-11-20 20:26 - 2016-11-20 20:26 - 03910208 _____ C:\Users\Besitzer\Downloads\adwcleaner_6.030.exe
2016-11-20 20:19 - 2016-11-20 20:19 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CEF
2016-11-20 15:41 - 2016-11-20 15:41 - 17228772 _____ C:\Users\Besitzer\Desktop\IMG_20161120_0001.pdf
2016-11-20 13:55 - 2016-11-22 11:51 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2016-11-20 13:55 - 2016-11-20 13:55 - 00909944 ____N C:\WINDOWS\system32\Drivers\NetUtils2016.sys
2016-11-20 13:55 - 2016-11-20 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2016-11-20 13:55 - 2016-11-20 13:55 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-11-20 13:46 - 2016-11-17 00:46 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-11-20 13:43 - 2016-11-17 02:06 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 28203576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 10354800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 08761376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 02953152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 02586048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437595.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437595.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 01038904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-11-20 13:43 - 2016-11-17 02:06 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-11-15 15:17 - 2016-11-10 23:51 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437586.dll
2016-11-15 15:17 - 2016-11-10 23:51 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437586.dll
2016-11-13 20:35 - 2016-11-15 15:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-11-13 18:09 - 2016-11-13 18:09 - 00001142 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
2016-11-13 18:08 - 2016-11-13 18:08 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\Steganos Updates
2016-11-09 18:09 - 2016-11-02 11:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 18:09 - 2016-11-02 11:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 18:09 - 2016-11-02 10:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 18:09 - 2016-11-02 10:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 18:09 - 2016-11-02 10:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 18:09 - 2016-11-02 10:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 18:08 - 2016-11-02 12:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 18:08 - 2016-11-02 12:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 18:08 - 2016-11-02 11:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 18:08 - 2016-11-02 11:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 18:08 - 2016-11-02 11:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 18:08 - 2016-11-02 11:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 18:08 - 2016-11-02 11:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 18:08 - 2016-11-02 11:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 18:08 - 2016-11-02 11:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 18:08 - 2016-11-02 11:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 18:08 - 2016-11-02 11:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 18:08 - 2016-11-02 11:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 18:08 - 2016-11-02 11:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 18:08 - 2016-11-02 11:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 18:08 - 2016-11-02 11:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 18:08 - 2016-11-02 11:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 18:08 - 2016-11-02 11:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 18:08 - 2016-11-02 11:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 18:08 - 2016-11-02 11:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 18:08 - 2016-11-02 11:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 18:08 - 2016-11-02 11:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 18:08 - 2016-11-02 11:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 18:08 - 2016-11-02 11:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 18:08 - 2016-11-02 11:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 18:08 - 2016-11-02 11:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 18:08 - 2016-11-02 11:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 18:08 - 2016-11-02 11:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 18:08 - 2016-11-02 11:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 18:08 - 2016-11-02 11:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 18:08 - 2016-11-02 11:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 18:08 - 2016-11-02 11:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 18:08 - 2016-11-02 11:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 18:08 - 2016-11-02 11:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 18:08 - 2016-11-02 11:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 18:08 - 2016-11-02 11:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 18:08 - 2016-11-02 11:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 18:08 - 2016-11-02 11:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 18:08 - 2016-11-02 11:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 18:08 - 2016-11-02 11:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 18:08 - 2016-11-02 11:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 18:08 - 2016-11-02 11:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 18:08 - 2016-11-02 11:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 18:08 - 2016-11-02 11:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 18:08 - 2016-11-02 11:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 18:08 - 2016-11-02 11:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 18:08 - 2016-11-02 11:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 18:08 - 2016-11-02 11:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 18:08 - 2016-11-02 11:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 18:08 - 2016-11-02 10:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 18:08 - 2016-11-02 10:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 18:08 - 2016-11-02 10:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 18:08 - 2016-11-02 10:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 18:08 - 2016-11-02 10:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 18:08 - 2016-11-02 10:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 18:08 - 2016-11-02 10:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 18:08 - 2016-11-02 10:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 18:08 - 2016-11-02 10:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 18:08 - 2016-11-02 10:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 18:08 - 2016-11-02 10:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 18:08 - 2016-11-02 10:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 18:08 - 2016-11-02 10:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 18:08 - 2016-11-02 10:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 18:08 - 2016-11-02 10:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 18:08 - 2016-11-02 10:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 18:08 - 2016-11-02 10:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 18:08 - 2016-11-02 10:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 18:08 - 2016-11-02 10:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 18:08 - 2016-11-02 10:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 18:08 - 2016-11-02 10:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 18:08 - 2016-11-02 10:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:08 - 2016-11-02 10:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 18:08 - 2016-11-02 10:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 18:08 - 2016-11-02 10:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 18:08 - 2016-11-02 10:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 18:08 - 2016-11-02 10:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 18:08 - 2016-11-02 10:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 18:08 - 2016-11-02 10:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 18:08 - 2016-11-02 10:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 18:08 - 2016-11-02 10:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 18:08 - 2016-11-02 10:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 18:08 - 2016-11-02 10:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 18:08 - 2016-11-02 10:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 18:08 - 2016-11-02 10:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 18:08 - 2016-11-02 10:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 18:08 - 2016-11-02 10:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 18:08 - 2016-11-02 10:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 18:08 - 2016-11-02 10:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 18:08 - 2016-11-02 10:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 18:08 - 2016-11-02 10:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 18:08 - 2016-11-02 10:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 18:08 - 2016-11-02 10:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 18:08 - 2016-11-02 10:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 18:08 - 2016-11-02 10:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 18:08 - 2016-11-02 10:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 18:08 - 2016-11-02 10:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2016-11-09 18:08 - 2016-11-02 10:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 18:08 - 2016-11-02 10:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 18:08 - 2016-11-02 10:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2016-11-09 18:08 - 2016-11-02 10:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 18:08 - 2016-11-02 10:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 18:08 - 2016-11-02 10:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 18:08 - 2016-11-02 10:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 18:08 - 2016-11-02 10:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 18:08 - 2016-11-02 10:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 18:08 - 2016-11-02 10:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 18:08 - 2016-11-02 10:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 18:08 - 2016-11-02 10:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 18:08 - 2016-11-02 10:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 18:08 - 2016-11-02 10:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 18:08 - 2016-11-02 10:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 18:08 - 2016-11-02 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 18:08 - 2016-11-02 10:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 18:08 - 2016-11-02 10:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 18:08 - 2016-11-02 10:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 18:08 -
2016-11-02 10:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-11-09 18:08 - 2016-11-02 10:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-11-09 18:08 - 2016-11-02 10:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 00336896 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-11-09 18:08 - 2016-11-02 10:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-11-09 18:08 - 2016-11-02 10:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00274432 
_____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2016-11-09 18:08 - 2016-11-02 10:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-11-09 18:08 - 2016-11-02 10:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-11-09 18:08 - 2016-11-02 10:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-11-09 18:08 - 2016-11-02 10:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-11-09 18:08 - 2016-11-02 10:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2016-11-09 18:08 - 2016-11-02 10:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2016-11-09 18:08 - 2016-11-02 10:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-11-09 18:08 - 2016-11-02 10:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-11-09 18:08 - 2016-11-02 10:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2016-11-09 18:08 - 2016-11-02 10:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-11-09 18:08 - 2016-11-02 10:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2016-11-09 18:08 - 2016-11-02 10:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-11-09 18:08 - 
2016-11-02 10:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll 2016-11-09 18:08 - 2016-11-02 10:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-11-09 18:08 - 2016-11-02 10:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-11-09 18:08 - 2016-11-02 10:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-11-09 18:08 - 2016-11-02 10:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-11-09 18:08 - 2016-11-02 10:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-11-09 18:08 - 2016-11-02 10:25 - 00772608 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\ntshrui.dll 2016-11-09 18:08 - 2016-11-02 10:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll 2016-11-09 18:08 - 2016-11-02 10:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-11-09 18:08 - 2016-11-02 10:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2016-11-09 18:08 - 2016-11-02 10:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-11-09 18:08 - 2016-11-02 10:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll 2016-11-09 18:08 - 2016-11-02 10:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2016-11-09 18:08 - 2016-11-02 10:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-11-09 18:08 - 2016-11-02 10:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-11-09 18:08 - 2016-11-02 10:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2016-11-09 18:08 - 2016-11-02 10:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2016-11-09 18:08 - 2016-11-02 10:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll 2016-11-09 18:08 - 2016-11-02 10:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-11-09 18:08 - 2016-11-02 10:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-11-09 18:08 - 2016-11-02 10:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-11-09 18:08 - 2016-11-02 10:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2016-11-09 18:08 - 2016-11-02 10:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-11-09 18:08 - 2016-11-02 10:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-11-09 18:08 - 2016-11-02 10:21 - 
00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-11-09 18:08 - 2016-11-02 10:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-11-09 18:08 - 2016-11-02 10:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2016-11-09 18:08 - 2016-11-02 10:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-11-09 18:08 - 2016-11-02 10:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-11-09 18:08 - 2016-11-02 10:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2016-11-09 18:08 - 2016-11-02 10:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2016-11-09 18:08 - 2016-11-02 10:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2016-11-09 18:08 - 2016-11-02 10:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll 2016-11-09 18:08 - 2016-11-02 10:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll 2016-11-09 18:08 - 2016-11-02 10:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-11-09 18:08 - 2016-11-02 10:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-11-09 18:08 - 2016-11-02 10:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2016-11-09 18:08 - 2016-11-02 10:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2016-11-09 18:08 - 2016-11-02 10:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2016-11-09 18:08 - 2016-11-02 10:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2016-11-09 18:08 - 2016-11-02 10:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-11-09 18:08 - 2016-11-02 10:17 - 01282048 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wwansvc.dll 2016-11-09 18:08 - 2016-11-02 10:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-11-09 18:08 - 2016-11-02 10:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2016-11-09 18:08 - 2016-11-02 10:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 00265728 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\NetSetupSvc.dll 2016-11-09 18:08 - 2016-11-02 10:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-11-09 18:08 - 2016-11-02 10:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-11-09 18:08 - 2016-11-02 10:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2016-11-09 18:08 - 2016-11-02 10:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-11-09 18:08 - 2016-11-02 10:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-11-09 18:08 - 2016-11-02 10:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2016-11-09 18:08 - 2016-11-02 10:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2016-11-09 18:08 - 2016-11-02 10:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-11-09 18:08 - 2016-11-02 10:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-11-09 18:08 - 2016-11-02 10:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2016-11-09 18:08 - 2016-11-02 10:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2016-11-09 18:08 - 2016-11-02 09:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls 2016-11-09 18:08 - 2016-11-02 09:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls 2016-11-09 18:08 - 2016-11-02 08:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml 2016-11-09 18:08 - 2016-08-02 04:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-11-06 22:32 - 2016-11-13 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom 2016-11-06 22:32 - 2016-11-13 18:09 - 00000000 ____D C:\Program Files (x86)\OkayFreedom 2016-11-06 22:32 - 2016-11-06 22:34 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\Steganos VPN 2016-11-06 22:31 - 2016-11-13 18:08 - 
00000000 ____D C:\Users\Besitzer\AppData\Roaming\Steganos 2016-11-04 17:11 - 2016-10-25 20:21 - 00106040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2016-11-04 17:11 - 2016-10-25 20:21 - 00095800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2016-10-28 15:49 - 2016-10-25 21:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll 2016-10-28 15:49 - 2016-10-25 21:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll 2016-10-27 21:15 - 2016-10-15 04:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2016-10-27 21:15 - 2016-10-15 04:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-10-27 21:15 - 2016-10-15 04:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-10-27 21:15 - 2016-10-15 04:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-10-27 21:15 - 2016-10-15 04:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-10-27 21:15 - 2016-10-15 04:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-10-27 21:15 - 2016-10-15 04:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll 2016-10-27 21:15 - 2016-10-15 04:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-10-27 21:15 - 2016-10-15 04:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-10-27 21:15 - 2016-10-15 03:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-10-27 21:15 - 2016-10-15 03:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-10-27 21:15 - 2016-10-15 03:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-10-27 21:15 - 2016-10-15 03:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-10-27 21:15 - 
2016-10-15 03:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-10-27 21:15 - 2016-10-15 03:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-10-27 21:15 - 2016-10-15 03:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-10-27 21:15 - 2016-10-15 03:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2016-10-27 21:15 - 2016-10-15 03:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-10-27 21:15 - 2016-10-15 03:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2016-10-27 21:15 - 2016-10-15 03:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-10-27 21:15 - 2016-10-15 03:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll 2016-10-27 21:15 - 2016-10-15 03:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-10-27 21:15 - 2016-10-15 03:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2016-10-27 21:15 - 2016-10-15 03:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2016-10-27 21:15 - 2016-10-15 03:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2016-10-27 21:15 - 2016-10-15 03:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-10-27 21:15 - 2016-10-15 03:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-10-27 21:15 - 2016-10-15 03:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2016-10-27 21:15 - 2016-10-15 03:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2016-10-27 21:15 - 2016-08-27 05:12 - 00244816 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mfps.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-10-27 21:14 - 2016-10-15 04:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-10-27 21:14 - 2016-10-15 04:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-10-27 21:14 - 2016-10-15 04:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-10-27 21:14 - 2016-10-15 04:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-10-27 21:14 - 2016-10-15 04:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2016-10-27 21:14 - 2016-10-15 04:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2016-10-27 21:14 - 2016-10-15 04:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-10-27 21:14 - 2016-10-15 04:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-10-27 21:14 - 2016-10-15 04:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2016-10-27 21:14 - 2016-10-15 04:31 - 02827864 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\d3d11.dll 2016-10-27 21:14 - 2016-10-15 04:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-10-27 21:14 - 2016-10-15 04:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-10-27 21:14 - 2016-10-15 04:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-10-27 21:14 - 2016-10-15 04:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2016-10-27 21:14 - 2016-10-15 04:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2016-10-27 21:14 - 2016-10-15 04:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-10-27 21:14 - 2016-10-15 04:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2016-10-27 21:14 - 2016-10-15 04:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-10-27 21:14 - 2016-10-15 04:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-10-27 21:14 - 2016-10-15 04:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll 2016-10-27 21:14 - 2016-10-15 04:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-10-27 21:14 - 2016-10-15 04:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys 2016-10-27 21:14 - 2016-10-15 04:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-10-27 21:14 - 2016-10-15 04:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-10-27 21:14 - 2016-10-15 04:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2016-10-27 21:14 - 2016-10-15 04:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2016-10-27 21:14 - 2016-10-15 04:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 
2016-10-27 21:14 - 2016-10-15 04:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-10-27 21:14 - 2016-10-15 04:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-10-27 21:14 - 2016-10-15 04:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2016-10-27 21:14 - 2016-10-15 04:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll 2016-10-27 21:14 - 2016-10-15 04:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-10-27 21:14 - 2016-10-15 04:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2016-10-27 21:14 - 2016-10-15 04:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-10-27 21:14 - 2016-10-15 04:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2016-10-27 21:14 - 2016-10-15 04:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-10-27 21:14 - 2016-10-15 04:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-10-27 21:14 - 2016-10-15 04:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2016-10-27 21:14 - 2016-10-15 04:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-10-27 21:14 - 2016-10-15 04:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-10-27 21:14 - 2016-10-15 04:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll 2016-10-27 21:14 - 2016-10-15 04:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-10-27 21:14 - 2016-10-15 04:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-10-27 21:14 - 2016-10-15 04:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-10-27 21:14 - 2016-10-15 04:00 - 00323584 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\twinui.pcshell.dll 2016-10-27 21:14 - 2016-10-15 04:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2016-10-27 21:14 - 2016-10-15 04:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb 2016-10-27 21:14 - 2016-10-15 03:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2016-10-27 21:14 - 2016-10-15 03:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-10-27 21:14 - 2016-10-15 03:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2016-10-27 21:14 - 2016-10-15 03:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb 2016-10-27 21:14 - 2016-10-15 03:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-10-27 21:14 - 2016-10-15 03:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll 2016-10-27 21:14 - 2016-10-15 03:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll 2016-10-27 21:14 - 2016-10-15 03:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2016-10-27 21:14 - 2016-10-15 03:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2016-10-27 21:14 - 2016-10-15 03:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2016-10-27 21:14 - 2016-10-15 03:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00098816 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\BthRadioMedia.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-10-27 21:14 - 2016-10-15 03:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll 2016-10-27 21:14 - 2016-10-15 03:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 
2016-10-27 21:14 - 2016-10-15 03:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll 2016-10-27 21:14 - 2016-10-15 03:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-10-27 21:14 - 2016-10-15 03:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2016-10-27 21:14 - 2016-10-15 03:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-10-27 21:14 - 2016-10-15 03:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-10-27 21:14 - 2016-10-15 03:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-10-27 21:14 - 2016-10-15 03:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-10-27 21:14 - 2016-10-15 03:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-10-27 21:14 - 2016-10-15 03:49 - 00033280 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-10-27 21:14 - 2016-10-15 03:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-10-27 21:14 - 2016-10-15 03:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-10-27 21:14 - 2016-10-15 03:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-10-27 21:14 - 2016-10-15 03:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2016-10-27 21:14 - 2016-10-15 03:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-10-27 21:14 - 2016-10-15 03:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-10-27 21:14 - 2016-10-15 03:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-10-27 21:14 - 2016-10-15 03:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2016-10-27 21:14 - 2016-10-15 03:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-10-27 21:14 - 2016-10-15 03:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe 2016-10-27 21:14 - 2016-10-15 03:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-10-27 21:14 - 2016-10-15 03:43 - 01365504 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wpncore.dll 2016-10-27 21:14 - 2016-10-15 03:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2016-10-27 21:14 - 2016-10-15 03:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-10-27 21:14 - 2016-10-15 03:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2016-10-27 21:14 - 2016-10-15 03:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe 2016-10-27 21:14 - 2016-10-15 03:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-10-27 21:14 - 2016-10-15 03:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-10-27 21:14 - 2016-10-15 03:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-10-27 21:14 - 2016-10-15 03:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2016-10-27 21:14 - 2016-10-15 03:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-10-27 21:14 - 2016-10-15 03:38 - 00675840 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-10-27 21:14 - 2016-10-15 03:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-10-27 21:14 - 2016-10-15 03:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 
02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-10-27 21:14 - 2016-10-15 03:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2016-10-27 21:14 - 2016-10-15 03:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2016-10-27 21:14 - 2016-10-15 03:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-10-27 21:14 - 2016-10-15 03:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2016-10-27 21:14 - 2016-09-10 13:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2016-10-27 21:14 - 2016-08-06 04:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-10-25 23:41 - 2016-10-22 07:25 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437563.dll 2016-10-25 23:41 - 2016-10-22 07:25 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437563.dll 2016-10-24 21:21 - 2016-10-24 21:21 - 00000711 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2016-10-24 21:21 - 2016-10-24 21:21 - 00000661 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-11-22 12:00 - 2013-11-12 16:18 - 00015862 _____ C:\Users\Besitzer\Desktop\1.odt 2016-11-22 11:58 - 2016-07-28 14:50 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Packages 2016-11-22 11:58 - 2016-07-16 11:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-11-22 11:58 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-11-22 11:57 - 2016-09-26 15:33 - 02284542 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-11-22 11:57 - 2016-07-16 22:51 - 00892132 _____ C:\WINDOWS\system32\perfh007.dat 2016-11-22 11:57 - 2016-07-16 22:51 - 00212864 _____ C:\WINDOWS\system32\perfc007.dat 2016-11-22 11:57 - 2016-07-16 06:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM 2016-11-22 11:51 - 2016-09-26 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-11-22 11:51 - 2016-09-26 15:32 - 00000000 ____D C:\ProgramData\NVIDIA 2016-11-20 23:25 - 2016-07-16 06:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-11-20 22:01 - 2016-09-26 15:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-11-20 19:26 - 2016-10-11 21:08 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CrashDumps 2016-11-20 19:16 - 2016-09-26 15:33 - 00000000 ____D C:\Users\Besitzer 2016-11-20 18:49 - 2013-01-03 23:35 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Google 2016-11-20 15:15 - 2016-07-16 11:45 - 00000000 ____D C:\WINDOWS\INF 2016-11-20 15:15 - 2015-10-23 10:28 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\Winamp 2016-11-20 14:11 - 2014-02-06 20:12 - 00028208 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys 2016-11-20 13:47 - 2013-01-02 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-11-20 13:46 - 2016-03-11 10:24 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-11-20 13:44 - 2016-09-26 15:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-11-18 17:25 - 2013-01-02 10:15 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\vlc 2016-11-17 02:06 - 2016-09-22 09:13 - 34711096 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-11-17 02:06 - 2016-09-22 09:13 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-11-17 02:06 - 2016-09-22 09:13 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-11-17 02:06 - 2016-09-22 09:13 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb 2016-11-17 01:03 - 2016-09-26 15:32 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 02477624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-11-17 00:58 - 2016-10-08 20:53 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2016-11-16 09:52 - 2016-09-26 15:32 - 07529957 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-11-16 01:08 - 2016-04-27 12:30 - 00000000 ____D C:\Users\Besitzer\Desktop\Wrexham 2016-11-15 11:22 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-11-12 01:57 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\rescache 2016-11-10 16:17 - 2016-04-27 05:55 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-11-10 16:16 - 2016-09-26 15:31 - 00224440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D 
C:\WINDOWS\system32\migwiz 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-11-10 01:35 - 2016-07-16 11:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-11-10 01:27 - 2013-08-15 21:06 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-11-10 01:23 - 2013-01-02 09:59 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-11-08 20:56 - 2014-02-06 20:12 - 00116296 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys 2016-11-08 15:21 - 2016-09-26 15:40 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-11-06 13:23 - 2016-09-29 17:17 - 00000000 ____D C:\WINDOWS\Minidump 2016-11-06 13:20 - 2016-09-29 22:04 - 00000000 ____D C:\Users\Besitzer\Desktop\Post 2016-11-05 00:13 - 2016-09-26 15:40 - 00003614 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask 2016-11-05 00:13 - 2014-07-17 16:17 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-05 00:13 - 2014-03-07 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2016-11-04 21:49 - 2015-11-09 17:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-11-04 17:11 - 2016-10-08 20:54 - 00003936 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:54 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-11-04 17:11 - 2016-10-08 20:53 - 00004000 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:53 - 00003972 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:53 - 00003910 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:53 - 00003748 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 
- 2016-10-08 20:53 - 00003706 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-09-26 15:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-11-04 17:11 - 2016-09-26 15:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-11-02 10:39 - 2016-05-30 16:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Ubisoft Game Launcher 2016-10-29 00:46 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-10-29 00:46 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-10-29 00:45 - 2016-07-16 11:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-10-28 23:56 - 2016-07-16 11:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-10-28 23:56 - 2016-07-16 11:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-10-25 20:21 - 2016-10-08 20:54 - 01854008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2016-10-25 20:21 - 2016-10-08 20:54 - 01756728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2016-10-25 20:21 - 2016-10-08 20:54 - 01454136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2016-10-25 20:21 - 2016-10-08 20:54 - 01318968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-10-25 20:21 - 2016-10-08 20:54 - 00121912 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2016-10-25 20:21 - 2016-05-13 10:07 - 00047672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-11-18 19:43 - 2015-01-24 23:43 - 0000100 _____ () C:\Users\Besitzer\AppData\Roaming\WB.CFG 2013-12-31 00:43 - 2014-01-03 00:43 - 0000005 _____ () C:\Users\Besitzer\AppData\Roaming\WBPU-Q5-TTL.DAT 2013-11-18 19:43 - 2014-01-29 23:47 - 0000005 _____ () C:\Users\Besitzer\AppData\Roaming\WBPU-TTL.DAT 2013-01-04 15:11 - 2013-01-04 15:11 - 0007971 
_____ () C:\Users\Besitzer\AppData\Local\CleanupUninstall.txt ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-11-13 16:46 ==================== Ende von FRST.txt ============================ |
22.11.2016, 18:23 | #2 |
| NetUtils2016.sys and Net Utils2016.dll cannot be removed
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
durchgeführt von Besitzer (22-11-2016 12:01:29)
Gestartet von C:\Users\Besitzer\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-26 15:41:18)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-837637057-831856249-3172674156-500 - Administrator - Disabled)
Besitzer (S-1-5-21-837637057-831856249-3172674156-1000 - Administrator - Enabled) => C:\Users\Besitzer
DefaultAccount (S-1-5-21-837637057-831856249-3172674156-503 - Limited - Disabled)
Gast (S-1-5-21-837637057-831856249-3172674156-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-837637057-831856249-3172674156-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - )
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG5500 series Benutzerregistrierung (HKLM-x32\...\Canon MG5500 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.01 - Canon Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version: - )
Elevated Installer (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG)
Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{d74c733b-9216-49f5-ae3a-14bf3a3d66f5}) (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Geeks3D.com FurMark 1.10.3 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden
GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.7.4 - Steganos Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF24 Creator 7.6.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Razer Lachesis (HKLM-x32\...\{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}) (Version: 1.00.0000 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
SAMSUNG Mobile Modem V2 Software (HKLM\...\SAMSUNG Mobile Modem V2) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Unity Web Player (HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05163006-1713-4662-9ECF-A289C25682FC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {056ABC7C-5510-4802-84C3-491898526578} - System32\Tasks\UnHackMe Task Scheduler => C:\Users\Besitzer\Downloads\unhackme\UnHackMe\hackmon.exe
Task: {05B93D9D-C20A-4CD7-8A84-C9FB2D4366D7} - System32\Tasks\{BAF4566D-623C-4A84-8C02-0D29C3B594AA} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {0C393234-3617-4076-B130-1BE4BD8A3256} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10C41A4A-DCC8-48A3-AA20-456F8F3B1B05} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18551047-874B-4EF4-A770-EFA96FBB64BA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {1A549595-0AA1-4AC3-B2A8-192FBA9CDF10} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BF41312-AFA6-444A-A74B-F19F9BD44ABE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {2440B0DF-847D-41D3-83F9-0723AD76A37C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {3147D6C3-F5EB-4122-80A9-7D1E608B6638} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {316AFADB-1695-4E43-91B1-AFE552CC924D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {33297236-54E4-41F3-AA26-89BD90369DBA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3A527B61-F9EB-4823-8F7B-D88845438842} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B180863-34A4-4E7F-BB35-03EFC8E10D8C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3ECC7296-435D-4569-9EFE-515BF5303D8D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {472E3CB9-D46A-483B-B83F-80558A76169C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {4BAB933E-800C-429E-89FF-A0168544C6D4} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {510B36D6-382B-478B-B1AA-D5D1455E3A74} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51CAFBF8-6C6E-4946-AB38-45D5AD02F433} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {570526D1-40B5-4399-B6F3-44718CA0783D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {58051736-2ABD-449F-B0F0-563A6F035338} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6553A9AA-230F-4EE5-A5B4-211F5ECC1F1D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {6D436F27-ACA2-4829-B611-9ECB95369765} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6F257B1F-1C15-416F-9EDF-959D0B388678} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77F701EB-EB43-4659-8D08-9C9747E0B668} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7C33A0DF-B7F4-4440-9C04-4DD3DED2545E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {81776BD7-F93C-4E78-BCB5-6F45695ED1CE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {863D3DEE-5FDE-47CC-8E71-B894DD7550ED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8FFDB8AB-076B-47F7-B20A-DF979713C320} - System32\Tasks\GarminUpdaterTask => E:\Garmin Express\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-10-25] ()
Task: {9B979401-AC10-43DF-A0A6-EED8F31B099A} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {9FB62280-61F6-4D96-BC82-65F056D64558} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A093B5C9-8F64-47CD-BB66-D30DB7392577} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A225348E-AD2D-4A65-8BC6-35323C3EBB18} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {ACF90DCF-6B69-43A9-8C1D-FF5949F78A6C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6AADBDA-D255-40A4-A4E2-C9D39CE9FF5B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {B9A3BF1E-03BB-45BC-B8EC-F0DB743C5E33} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B9FE4B24-1246-4120-B139-181C3F8EC526} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF5BB204-0C22-421E-B9F8-56847688576A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1CEA9DE-D208-4E16-A042-A522D2A0874A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C4D8DF84-1186-4E3B-BC63-B0A6FF608A93} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C63C77B7-0D0C-473E-A2D7-077AB63A5D97} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CBC93D5F-3447-47AD-A4E9-9FD9A5505357} - System32\Tasks\{512D56E3-F360-492A-8377-1655BDC0E6CB} => pcalua.exe -a "F:\Die Siedler 3 Gold\s3new160.exe" -d "F:\Die Siedler 3 Gold"
Task: {CC54D319-77BE-4F3D-A8D2-8D9FE514D98E} - \Digital Sites -> Keine Datei <==== ACHTUNG
Task: {D4006CE8-1F43-43B8-8E70-289A7C359A8A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {D75666BD-99B9-4B61-8219-48BE1777AE7E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DBB35F96-4E9A-43B7-ADDE-C9307DC00BF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DCDC366E-3070-4F42-821B-A046398B17BF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E6A0AEC5-3FB1-4AF3-8172-8994259D0553} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {E6C43306-247C-4767-ADFD-DB37A29ECD32} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {F9D98F16-B99C-436F-9661-ABFAF62CFCF7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE41568A-8454-4921-B9D5-CE63307E7A02} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE666C86-5E93-4C2D-A8F6-F55C61C505FE} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-20 13:55 - 2016-11-22 11:51 - 00625272 _____ () C:\Windows\System32\NetUtils2016.dll
2016-07-16 11:42 - 2016-07-16 11:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 17:29 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-02-26 21:51 - 2012-06-01 16:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-10-08 20:53 - 2016-10-25 20:21 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-08 20:53 - 2016-10-25 20:21 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-08 20:54 - 2016-10-25 20:21 - 00420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-15 03:24 - 2016-09-15 03:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-09-26 15:32 - 2016-11-17 01:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-29 17:29 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-26 15:43 - 2016-09-26 15:43 - 01864384 _____ () C:\Users\Besitzer\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2013-01-02 10:15 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2016-09-26 15:28 - 2016-09-26 15:28 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 18:08 - 2016-11-02 10:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 18:08 - 2016-11-02 10:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 18:08 - 2016-11-02 10:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 18:08 - 2016-11-02 10:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 18:08 - 2016-11-02 10:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 18:08 - 2016-11-02 10:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 18:08 - 2016-11-02 10:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-01-04 15:15 - 2007-09-12 10:52 - 00172032 _____ () E:\Razer\razerhid.exe
2016-11-17 12:14 - 2016-11-17 12:15 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 12:14 - 2016-11-17 12:15 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 12:14 - 2016-11-17 12:15 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2014-02-26 21:51 - 2016-11-22 11:51 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-26 21:51 - 2010-06-29 09:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-03-30 16:03 - 2016-10-25 20:21 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-08 20:54 - 2016-10-25 19:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-08 20:54 - 2016-10-25 19:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-08 20:53 - 2016-10-25 20:21 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-08 20:53 - 2016-10-25 20:21 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-08 20:54 - 2016-10-25 19:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-08 20:54 - 2016-10-25 20:20 - 60819000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2013-01-02 09:11 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-837637057-831856249-3172674156-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Besitzer\Desktop\Camera\20161015_113910.jpg
DNS Servers: 10.26.64.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "E:\Garmin Express\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GoPro Studio Importer => E:\GoPro\Tools\Importer\GoPro Importer.exe
MSCONFIG\startupreg: icq => C:\Users\Besitzer\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => "E:\PDF24 Creator\PDF24\pdf24.exe"
MSCONFIG\startupreg: Steam => "G:\Steam\steam.exe" -silent
HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{5789BFCB-169E-464A-B933-D66FB9EC5C8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{34F0FDF7-1030-4E6F-9E62-E0566C616597}] => (Allow) LPort=2869
FirewallRules: [{EDA44A7C-8B13-4098-887A-8248D57097A7}] => (Allow) LPort=1900
FirewallRules: [{44443659-5755-4253-92A5-E64487F8A89F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D523A2AA-3805-44E6-A49C-6BE3152C80F8}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{D2544F73-F330-4C2D-BB90-9CDB1B540B84}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{2BBBB36C-08A7-48F3-9359-716DF6C1F226}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{121D68E7-DB37-47F2-B424-BC9408A23C32}G:\warcraft iii\war3.exe] => (Allow) G:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{0614F48B-E052-498F-8636-36F782C0AC2B}G:\warcraft iii\war3.exe] => (Allow) G:\warcraft iii\war3.exe
FirewallRules: [{7970B55F-6580-4478-8451-11FD890EA09B}] => (Allow) G:\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{06D11F40-A4EE-4619-B0CF-4E2D442562C4}] => (Allow) G:\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{4702517A-0ADF-4CCA-A7FC-6CEE469627D2}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{DB25B767-D436-4312-8FE5-39DD4C72F45E}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [TCP Query User{9A10335C-783B-4C86-8FB2-AC7E67983D83}G:\world_of_warplanes\wowplauncher.exe] => (Allow) G:\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{6B624F88-526D-4991-ABF7-79921DC290F3}G:\world_of_warplanes\wowplauncher.exe] => (Allow) G:\world_of_warplanes\wowplauncher.exe
FirewallRules: [{96D46E33-AFEB-4566-8E00-85BD05F11403}] => (Allow) LPort=80
FirewallRules: [{E8E4F516-4E3D-4776-9CC1-508F5AD9CBE7}] => (Allow) LPort=443
FirewallRules: [{836B6973-58BC-4261-A2DC-51AC9974222E}] => (Allow) LPort=20010
FirewallRules: [{C455F500-F553-4B45-AF34-F97354C0EBB0}] => (Allow) LPort=3478
FirewallRules: [{4283F6DD-6B42-43F2-BD3D-88FEDF8AC991}] => (Allow) LPort=7850
FirewallRules: [{FE75D79A-51F2-4F2E-9049-E2E5FDD10968}] => (Allow) LPort=27022
FirewallRules: [{5306BFCF-D2B9-4F4C-AD41-4D8763B7BDED}] => (Allow) LPort=6881
FirewallRules: [{4070EF40-DABC-44AB-A2DC-44BDA0825C58}] => (Allow) LPort=33333
FirewallRules: [{191C804A-11F8-4C95-819F-E5A9D7382305}] => (Allow) LPort=20443
FirewallRules: [{E0527434-8B09-47F7-8423-7891EF411AB5}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{24F63F12-1B69-41A7-ABD5-C90172F08C38}G:\wc3\warcraft iii\war3.exe] => (Allow) G:\wc3\warcraft iii\war3.exe
FirewallRules: [UDP Query User{CC76194F-2B92-4DB8-9B0C-ED3504072AB8}G:\wc3\warcraft iii\war3.exe] => (Allow) G:\wc3\warcraft iii\war3.exe
FirewallRules: [{F12A88BB-3240-4F31-BE01-FE799257E5E8}] => (Allow) G:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{280B3A55-7845-4E80-A8B4-863D614C3DBF}] => (Allow) G:\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{E390CDFB-734B-4D0C-AD33-5DED3F4569D0}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{51DA4C23-01D7-4F20-944E-C2665ECB2BB5}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{DD415602-B56D-474F-9ED6-52DC8964100A}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{A33D45B2-0236-41EC-8C0C-2EADE326305C}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [TCP Query User{BEBE546E-BBDF-4EFA-B244-87A759D741AD}G:\world_of_tanks\wotlauncher.exe] => (Allow) G:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{967DAD35-6504-41A4-A008-3F0E111CEF41}G:\world_of_tanks\wotlauncher.exe] => (Allow) G:\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{B0E9CBD4-35B5-41F3-BDA1-212E27DC9FF7}G:\world_of_tanks\worldoftanks.exe] => (Allow) G:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{FD03265E-1590-4ECA-8095-3199F917B3EA}G:\world_of_tanks\worldoftanks.exe] => (Allow) G:\world_of_tanks\worldoftanks.exe
FirewallRules: [{48CE88A9-B6B2-4B12-8341-250B5C3D11BE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4B5E1922-84C6-4261-8AEC-4B6FC0708349}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4432F9F0-E89F-4928-8947-F7C536DA92F9}] => (Allow) G:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{F8EB4EEA-5A89-4DB4-98AC-F299D406C132}] => (Allow) G:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{F0BF95A1-22E1-4EC4-B1F1-79927BDB3C0E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{40C36661-D47B-4C1B-92FC-F6F8E56AF769}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2EF67A2-C812-46BD-86F7-EE79E4E08944}] => (Allow) G:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{665A5F39-04E1-4314-B4AF-8A8BA8B83C67}] => (Allow) G:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{66BD0279-67D8-4B85-8294-AA8B07E9218D}G:\steam\steam.exe] => (Allow) G:\steam\steam.exe
FirewallRules: [UDP Query User{D04AD17D-1AC6-4AA8-AF61-C98361703F68}G:\steam\steam.exe] => (Allow) G:\steam\steam.exe
FirewallRules: [{34DAB699-EBE6-46DA-86AB-2017F214EC98}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8FA034A7-EEE0-436A-A814-382C745E633E}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8E0BCF4F-8A8B-45E1-B301-7280E5126279}] => (Allow) F:\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{15AEAEBA-E2A1-40D4-8239-3525261F470F}] => (Allow) F:\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{03780365-FC7F-472C-BC6B-6B7568A62AE8}] => (Allow) E:\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{ECD76374-4FF2-4695-A74C-00BA9C0222A0}] => (Allow) E:\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{645EAE9E-CAE6-43B0-845C-7B751772DC6A}] => (Allow) E:\Mozilla Firefox\firefox.exe
FirewallRules: [{9E5AF418-7B50-48C5-B099-51C70197889E}] => (Allow) E:\Mozilla Firefox\firefox.exe
FirewallRules: [{A0CBB088-505D-41B8-B63E-577FDDA30C75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{41296DEB-D38F-4848-B681-35C8C795597E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C22D78CB-F323-4B7B-B2FA-69FCB0C48B22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7571E63B-7127-4A9C-9641-9C4387D71678}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5772FD3A-5B77-43EC-9F0A-6CBA43D758AC}] => (Allow) E:\Winamp\winamp.exe
FirewallRules: [{842589F6-EA4E-4C1F-8B80-327AAFD57B6C}] => (Allow) E:\Winamp\winamp.exe
FirewallRules: [{432A822D-28B2-40F0-B956-080CFB1D53E9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44117B54-807A-49EB-8285-FED18472A486}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{18EAEEC0-1800-45D2-A24E-EBE9EF4B93AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2BABB2D7-A657-4514-8C64-7F2571413896}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D8D8855E-9E8A-4D53-8646-8B43E2D7082E}] => (Allow) G:\Steam\SteamApps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{184775FF-7E20-4694-9627-19DFF39D44B4}] => (Allow) G:\Steam\SteamApps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{33EACE3D-F976-4C20-A0B1-276EC5B142E9}] => (Allow) G:\War Thunder\WarThunder\launcher.exe
FirewallRules: [{BAF5AEAB-23AF-4F0E-B39B-C2541B4E9EAC}] => (Allow) G:\War Thunder\WarThunder\launcher.exe
FirewallRules: [{3C83C4B3-B94E-4A10-8275-D015856F9062}] => (Allow) LPort=7852
FirewallRules: [{607B1440-8C87-45C4-9F34-1D55879EF1E9}] => (Allow) LPort=7853
FirewallRules: [{6663C1AB-BE71-4FCD-B147-7690E41B0D0B}] => (Allow) G:\Ubisoft Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{B9FB389E-B3F5-4D49-92B1-EE8024696F85}] => (Allow) G:\Ubisoft Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{6A5C7112-03AA-43CA-9F4E-DC235794EA4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe

==================== Wiederherstellungspunkte =========================

10-11-2016 01:23:12 Windows Update
18-11-2016 16:46:32 Geplanter Prüfpunkt
20-11-2016 14:04:53 Removed Online.io Application

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/20/2016 10:51:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Besitzer-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{832e3cfd-7668-4ed6-8842-01ad33d31eeb}“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (11/20/2016 07:30:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Besitzer-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{67e79ae6-1727-4dc2-a67f-78d27f21059d}“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (11/20/2016 07:26:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1f48
Startzeit: 01d24363dcd7651c
Beendigungszeit: 9
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: 40033c4d-af57-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (11/20/2016 07:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.447, Zeitstempel: 0x5819bd75
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.447, Zeitstempel: 0x5819bc32
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a8aba
ID des fehlerhaften Prozesses: 0x5d0
Startzeit der fehlerhaften Anwendung: 0x01d2436402f8580e
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 3f4e4c15-6559-4961-bf63-ebcaae7ba792
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (11/20/2016 07:26:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2560
Startzeit: 01d243637880ed17
Beendigungszeit: 60000
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: 04725364-af57-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (11/20/2016 07:03:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a84
Startzeit: 01d2435fd6cb1728
Beendigungszeit: 56333
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: e5acb750-af53-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (11/20/2016 07:03:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 189c
Startzeit: 01d24360a6991fcc
Beendigungszeit: 39
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: ff768e3e-af53-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (11/20/2016 07:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.447, Zeitstempel: 0x5819bd75
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.447, Zeitstempel: 0x5819bc32
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a8aba
ID des fehlerhaften Prozesses: 0xd44
Startzeit der fehlerhaften Anwendung: 0x01d24360c24910a6
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: fd260796-d363-42e8-857e-859946f7369e
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (11/20/2016 06:57:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2b6c
Startzeit: 01d2435ef4976a9d
Beendigungszeit: 60000
Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Berichts-ID: fe74836f-af52-11e6-b561-50465d642892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (11/20/2016 06:56:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Besitzer-PC)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{ef5b1c15-d881-4549-aa5d-e1d8c2c63094}“ wurde beendet, da das Anhalten zu lange dauerte.

Systemfehler:
=============
Error: (11/22/2016 11:51:28 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/22/2016 11:51:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (11/20/2016 11:18:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/20/2016 11:18:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (11/20/2016 11:05:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/20/2016 11:05:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Error: (11/20/2016 09:31:10 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/20/2016 09:31:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (11/20/2016 09:30:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GDBackupSvc erreicht. Error: (11/20/2016 09:29:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2016-11-22 12:00:44.924 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2016-11-22 12:00:42.811 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-20 22:51:25.795 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-20 15:40:04.790 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-20 15:40:00.454 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-20 15:39:53.781 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-20 14:17:06.319 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2016-11-20 14:16:56.222 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-20 14:16:53.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-20 14:03:14.916 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Prozentuale Nutzung des RAM: 18% Installierter physikalischer RAM: 16336.51 MB Verfügbarer physikalischer RAM: 13395.29 MB Summe virtueller Speicher: 32720.51 MB Verfügbarer virtueller Speicher: 29738.12 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:136.29 GB) (Free:50.74 GB) NTFS Drive e: (Programme) (Fixed) (Total:24.42 GB) (Free:21.98 GB) NTFS Drive f: (Games) (Fixed) (Total:72.08 GB) (Free:3.87 GB) NTFS Drive g: (Spiele) (Fixed) (Total:863.02 GB) (Free:700.45 GB) NTFS Drive h: (Daten) (Fixed) (Total:1000 GB) (Free:921.57 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D28C1B57) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=136.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - 
(Size=24.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=72.1 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4102C964) Partition 1: (Not Active) - (Size=863 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1000 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ Code:
12:12:30.0190 0x2068 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 12:12:33.0472 0x2068 ============================================================ 12:12:33.0488 0x2068 Current date / time: 2016/11/22 12:12:33.0472 12:12:33.0488 0x2068 SystemInfo: 12:12:33.0488 0x2068 12:12:33.0488 0x2068 OS Version: 10.0.14393 ServicePack: 0.0 12:12:33.0488 0x2068 Product type: Workstation 12:12:33.0488 0x2068 ComputerName: BESITZER-PC 12:12:33.0488 0x2068 UserName: Besitzer 12:12:33.0488 0x2068 Windows directory: C:\WINDOWS 12:12:33.0488 0x2068 System windows directory: C:\WINDOWS 12:12:33.0488 0x2068 Running under WOW64 12:12:33.0488 0x2068 Processor architecture: Intel x64 12:12:33.0488 0x2068 Number of processors: 4 12:12:33.0488 0x2068 Page size: 0x1000 12:12:33.0488 0x2068 Boot type: Normal boot 12:12:33.0488 0x2068 CodeIntegrityOptions = 0x00000001 12:12:33.0488 0x2068 ============================================================ 12:12:33.0597 0x2068 KLMD registered as C:\WINDOWS\system32\drivers\91722058.sys 12:12:33.0597 0x2068 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19 12:12:33.0660 0x2068 System UUID: {1C3DE98F-EE0C-CECF-72EE-2832B3F5CE1A} 12:12:33.0847 0x2068 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:12:33.0847 0x2068 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:12:33.0847 0x2068 ============================================================ 12:12:33.0847 0x2068 \Device\Harddisk0\DR0: 12:12:33.0847 0x2068 MBR partitions: 12:12:33.0847 0x2068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 12:12:33.0847 0x2068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x11095800 
12:12:33.0847 0x2068 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x110C8000, BlocksNum 0x30D4800 12:12:33.0847 0x2068 \Device\Harddisk1\DR1: 12:12:34.0066 0x2068 MBR partitions: 12:12:34.0066 0x2068 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6BE09000 12:12:34.0066 0x2068 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6BE09800, BlocksNum 0x7CFFE000 12:12:34.0066 0x2068 ============================================================ 12:12:34.0066 0x2068 C: <-> \Device\Harddisk0\DR0\Partition2 12:12:34.0066 0x2068 E: <-> \Device\Harddisk0\DR0\Partition3 12:12:34.0066 0x2068 G: <-> \Device\Harddisk1\DR1\Partition1 12:12:34.0066 0x2068 H: <-> \Device\Harddisk1\DR1\Partition2 12:12:34.0066 0x2068 ============================================================ 12:12:34.0066 0x2068 Initialize success 12:12:34.0066 0x2068 ============================================================ 12:12:43.0758 0x16ec ============================================================ 12:12:43.0758 0x16ec Scan started 12:12:43.0758 0x16ec Mode: Manual; SigCheck; TDLFS; 12:12:43.0758 0x16ec ============================================================ 12:12:43.0758 0x16ec KSN ping started 12:12:43.0789 0x16ec KSN ping finished: true 12:12:44.0524 0x16ec ================ Scan system memory ======================== 12:12:44.0524 0x16ec System memory - ok 12:12:44.0524 0x16ec ================ Scan services ============================= 12:12:44.0555 0x16ec 1394ohci - ok 12:12:44.0555 0x16ec 3ware - ok 12:12:44.0555 0x16ec ACPI - ok 12:12:44.0571 0x16ec AcpiDev - ok 12:12:44.0571 0x16ec acpiex - ok 12:12:44.0571 0x16ec acpipagr - ok 12:12:44.0571 0x16ec AcpiPmi - ok 12:12:44.0571 0x16ec acpitime - ok 12:12:44.0571 0x16ec [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 12:12:44.0602 0x16ec AdobeARMservice - ok 
12:12:44.0618 0x16ec ADP80XX - ok 12:12:44.0618 0x16ec AFD - ok 12:12:44.0618 0x16ec ahcache - ok 12:12:44.0618 0x16ec AJRouter - ok 12:12:44.0618 0x16ec ALG - ok 12:12:44.0633 0x16ec AmdK8 - ok 12:12:44.0633 0x16ec AmdPPM - ok 12:12:44.0633 0x16ec amdsata - ok 12:12:44.0633 0x16ec amdsbs - ok 12:12:44.0633 0x16ec amdxata - ok 12:12:44.0633 0x16ec AppHostSvc - ok 12:12:44.0633 0x16ec AppID - ok 12:12:44.0649 0x16ec AppIDSvc - ok 12:12:44.0649 0x16ec Appinfo - ok 12:12:44.0649 0x16ec applockerfltr - ok 12:12:44.0649 0x16ec AppMgmt - ok 12:12:44.0649 0x16ec AppReadiness - ok 12:12:44.0649 0x16ec AppVClient - ok 12:12:44.0665 0x16ec AppvStrm - ok 12:12:44.0665 0x16ec AppvVemgr - ok 12:12:44.0665 0x16ec AppvVfs - ok 12:12:44.0665 0x16ec AppXSvc - ok 12:12:44.0665 0x16ec arcsas - ok 12:12:44.0680 0x16ec [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 12:12:44.0711 0x16ec asComSvc - ok 12:12:44.0727 0x16ec [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe 12:12:44.0743 0x16ec asHmComSvc - ok 12:12:44.0758 0x16ec [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys 12:12:44.0758 0x16ec AsIO - ok 12:12:44.0774 0x16ec aspnet_state - ok 12:12:44.0774 0x16ec [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe 12:12:44.0790 0x16ec AsSysCtrlService - ok 12:12:44.0790 0x16ec [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO C:\WINDOWS\syswow64\drivers\AsUpIO.sys 12:12:44.0790 0x16ec AsUpIO - ok 12:12:44.0821 0x16ec [ D0B202843B8ADE504EB304DC1E889A3C, 
B4E30B218A11B32CCB07FD2B37CD85C582721B7321862566593558E059A2047B ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe 12:12:44.0868 0x16ec AsusFanControlService - detected UnsignedFile.Multi.Generic ( 1 ) 12:12:44.0993 0x16ec Detect skipped due to KSN trusted 12:12:44.0993 0x16ec AsusFanControlService - ok 12:12:44.0993 0x16ec [ A5E4CDB420540095D1293C874B5F89AA, EBC082FF94872537649F00D91AF22E0AFB4D538ACDB4731C9A95D209C7B144FD ] ASUSFILTER C:\WINDOWS\syswow64\drivers\ASUSFILTER.sys 12:12:45.0008 0x16ec ASUSFILTER - ok 12:12:45.0008 0x16ec AsyncMac - ok 12:12:45.0008 0x16ec atapi - ok 12:12:45.0008 0x16ec AudioEndpointBuilder - ok 12:12:45.0008 0x16ec Audiosrv - ok 12:12:45.0086 0x16ec [ F6C322B06ABB622B32115BF32EEE253B, F06D265DDD56A052ACFBB46DD057E246FCF3F65457133D98C1EA130E0DDFEAFE ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe 12:12:45.0165 0x16ec AVKProxy - ok 12:12:45.0196 0x16ec [ 98DAE6FDBEF58BF07E9650DF3B729C8A, F5B81DA51AE357A6EB094561AC4ECC4E1263FBC7D111579A888BDD6DC51C7C76 ] AVKService E:\G Data\InternetSecurity\AVK\AVKService.exe 12:12:45.0211 0x16ec AVKService - ok 12:12:45.0258 0x16ec [ 580D451B3F20565634D048D7B229EE40, 36CD7EA285F908BEA1E8E68C6CC29CD5A70E23DB38C5E2D1A41684A62FF17AEA ] AVKWCtl E:\G Data\InternetSecurity\AVK\AVKWCtlx64.exe 12:12:45.0321 0x16ec AVKWCtl - ok 12:12:45.0321 0x16ec AxInstSV - ok 12:12:45.0321 0x16ec b06bdrv - ok 12:12:45.0321 0x16ec BasicDisplay - ok 12:12:45.0321 0x16ec BasicRender - ok 12:12:45.0336 0x16ec bcmfn - ok 12:12:45.0336 0x16ec bcmfn2 - ok 12:12:45.0336 0x16ec BDESVC - ok 12:12:45.0336 0x16ec Beep - ok 12:12:45.0336 0x16ec BFE - ok 12:12:45.0336 0x16ec BITS - ok 12:12:45.0352 0x16ec bowser - ok 12:12:45.0352 0x16ec BrokerInfrastructure - ok 12:12:45.0352 0x16ec Browser - ok 12:12:45.0352 0x16ec BthAvrcpTg - ok 12:12:45.0352 0x16ec BthHFEnum - ok 12:12:45.0352 0x16ec bthhfhid - ok 12:12:45.0352 0x16ec BthHFSrv - ok 12:12:45.0368 
0x16ec BTHMODEM - ok 12:12:45.0368 0x16ec bthserv - ok 12:12:45.0368 0x16ec buttonconverter - ok 12:12:45.0368 0x16ec CapImg - ok 12:12:45.0368 0x16ec cdfs - ok 12:12:45.0368 0x16ec CDPSvc - ok 12:12:45.0383 0x16ec CDPUserSvc - ok 12:12:45.0383 0x16ec cdrom - ok 12:12:45.0383 0x16ec CertPropSvc - ok 12:12:45.0383 0x16ec cht4iscsi - ok 12:12:45.0383 0x16ec cht4vbd - ok 12:12:45.0383 0x16ec circlass - ok 12:12:45.0399 0x16ec CLFS - ok 12:12:45.0399 0x16ec ClipSVC - ok 12:12:45.0399 0x16ec clreg - ok 12:12:45.0399 0x16ec CmBatt - ok 12:12:45.0399 0x16ec CNG - ok 12:12:45.0415 0x16ec cnghwassist - ok 12:12:45.0415 0x16ec CompositeBus - ok 12:12:45.0415 0x16ec COMSysApp - ok 12:12:45.0415 0x16ec condrv - ok 12:12:45.0430 0x16ec CoreMessagingRegistrar - ok 12:12:45.0430 0x16ec CryptSvc - ok 12:12:45.0430 0x16ec CSC - ok 12:12:45.0430 0x16ec CscService - ok 12:12:45.0430 0x16ec dam - ok 12:12:45.0446 0x16ec DcomLaunch - ok 12:12:45.0446 0x16ec DcpSvc - ok 12:12:45.0446 0x16ec defragsvc - ok 12:12:45.0446 0x16ec DeviceAssociationService - ok 12:12:45.0446 0x16ec DeviceInstall - ok 12:12:45.0446 0x16ec DevQueryBroker - ok 12:12:45.0446 0x16ec Dfsc - ok 12:12:45.0461 0x16ec [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 12:12:45.0461 0x16ec dg_ssudbus - ok 12:12:45.0461 0x16ec Dhcp - ok 12:12:45.0477 0x16ec diagnosticshub.standardcollector.service - ok 12:12:45.0477 0x16ec DiagTrack - ok 12:12:45.0477 0x16ec disk - ok 12:12:45.0477 0x16ec DmEnrollmentSvc - ok 12:12:45.0477 0x16ec dmvsc - ok 12:12:45.0477 0x16ec dmwappushservice - ok 12:12:45.0493 0x16ec Dnscache - ok 12:12:45.0493 0x16ec dot3svc - ok 12:12:45.0493 0x16ec DPS - ok 12:12:45.0493 0x16ec drmkaud - ok 12:12:45.0493 0x16ec DsmSvc - ok 12:12:45.0493 0x16ec DsSvc - ok 12:12:45.0493 0x16ec DXGKrnl - ok 12:12:45.0508 0x16ec EapHost - ok 12:12:45.0508 0x16ec ebdrv - ok 12:12:45.0508 0x16ec EFS - ok 12:12:45.0508 
0x16ec EhStorClass - ok 12:12:45.0508 0x16ec EhStorTcgDrv - ok 12:12:45.0508 0x16ec embeddedmode - ok 12:12:45.0508 0x16ec EntAppSvc - ok 12:12:45.0524 0x16ec ErrDev - ok 12:12:45.0524 0x16ec EventSystem - ok 12:12:45.0524 0x16ec exfat - ok 12:12:45.0524 0x16ec fastfat - ok 12:12:45.0524 0x16ec Fax - ok 12:12:45.0524 0x16ec fdc - ok 12:12:45.0524 0x16ec fdPHost - ok 12:12:45.0540 0x16ec FDResPub - ok 12:12:45.0540 0x16ec fhsvc - ok 12:12:45.0540 0x16ec FileCrypt - ok 12:12:45.0540 0x16ec FileInfo - ok 12:12:45.0540 0x16ec Filetrace - ok 12:12:45.0555 0x16ec flpydisk - ok 12:12:45.0555 0x16ec FltMgr - ok 12:12:45.0555 0x16ec FontCache - ok 12:12:45.0555 0x16ec FontCache3.0.0.0 - ok 12:12:45.0555 0x16ec FrameServer - ok 12:12:45.0555 0x16ec FsDepends - ok 12:12:45.0555 0x16ec Fs_Rec - ok 12:12:45.0571 0x16ec fvevol - ok 12:12:45.0586 0x16ec [ 13B46C5D8AC698E7E5C46620516F03AC, D9756699B7F9701F2EF70E3DB2C3DED25D12478C4831F9F0621C542998CBD03D ] Garmin Device Interaction Service E:\Garmin Express\Garmin\Device Interaction Service\GarminService.exe 12:12:45.0602 0x16ec Garmin Device Interaction Service - ok 12:12:45.0665 0x16ec [ 5B687E80548998161B11E093150A3215, 7C29D725B69FBFD2A1C762D4567E8252A03246F36551389E98D4AF6F516B6100 ] GDBackupSvc E:\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe 12:12:45.0727 0x16ec GDBackupSvc - ok 12:12:45.0743 0x16ec [ 3F24DCB0037A0121C220CB8EAF9A340D, 6F1EED1A2FE31D03EF2050D6B124BD5782020B7B7A6862FE6FCA0F4C2481BFAF ] GDBehave C:\WINDOWS\system32\drivers\GDBehave.sys 12:12:45.0743 0x16ec GDBehave - ok 12:12:45.0743 0x16ec [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam C:\WINDOWS\system32\DRIVERS\GDElam.sys 12:12:45.0758 0x16ec GDElam - ok 12:12:45.0805 0x16ec [ EC7C7AEE53383D2FABB98B05F63514FF, 149633A96E9803F168D3EF0A3182529D0247FFB748021F262F1D19F2C993FCF8 ] GDFwSvc E:\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe 12:12:45.0868 0x16ec GDFwSvc - ok 12:12:45.0868 0x16ec 
[ DD7D5196EB9C4321EA57B668AF873840, 0E934032911203A22BC84519F303061703DF503F19382ACDE37AAD53FCBEDF1A ] GDKBB C:\Windows\system32\drivers\GDKBB64.sys 12:12:45.0883 0x16ec GDKBB - ok 12:12:45.0883 0x16ec [ 4A9000A1B02C394CD2C5E6450A04002D, E979C07888C4E20D3037E60A1A48501A0B3EC905C407781B6D437314851E1C32 ] GDKBFlt C:\Windows\system32\drivers\GDKBFlt64.sys 12:12:45.0883 0x16ec GDKBFlt - ok 12:12:45.0899 0x16ec [ EE1927F18C9298D96A47017272D591E8, 6D880B43969B41636D520962BD77DD3FA59374903F6E72354610DFC01306E7EE ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys 12:12:45.0899 0x16ec GDMnIcpt - ok 12:12:45.0915 0x16ec [ DC5200C3055D6EB5355F8975FB38E9EE, 6E1E059DDEF04F1B0761570B75BF2914256243F1398E682BF4DF00AF3CE44585 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys 12:12:45.0915 0x16ec GDPkIcpt - ok 12:12:45.0930 0x16ec [ 1FCEE46DEFDF64DC7E1939E3F9E56718, CED8A28472AF234DED48AE0EB38CC697F50B7D9BF0BDBDE2F9D29CEE9DF0454E ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe 12:12:45.0946 0x16ec GDScan - ok 12:12:45.0946 0x16ec [ 4E294DB229885177DA056A3471476A19, CEC297E50B96650CB822C5D6BD89FF9DD96311A2A07692935C101F39F6A89BBA ] gdwfpcd C:\WINDOWS\system32\drivers\gdwfpcd64.sys 12:12:45.0962 0x16ec gdwfpcd - ok 12:12:45.0962 0x16ec gencounter - ok 12:12:45.0962 0x16ec genericusbfn - ok 12:12:45.0962 0x16ec [ 5D4DF0BAC74E9AC62AF6BC99440B050B, 655110646BFF890C448C0951E11132DC3592BDA6E080696341B930D090224723 ] GPCIDrv E:\Gigabyte\GPCIDrv64.sys 12:12:45.0977 0x16ec GPCIDrv - ok 12:12:45.0977 0x16ec GPIOClx0101 - ok 12:12:45.0977 0x16ec gpsvc - ok 12:12:45.0977 0x16ec GpuEnergyDrv - ok 12:12:45.0977 0x16ec [ 6809BA27F97EAFC5C30F743E30DE1DB6, BAC1E0E4542B9917731FD50B1A646CFDA31679FDF2A5A875742AA88600847547 ] GRD C:\Windows\system32\drivers\GRD.sys 12:12:45.0993 0x16ec GRD - ok 12:12:45.0993 0x16ec HDAudBus - ok 12:12:45.0993 0x16ec HidBatt - ok 12:12:45.0993 0x16ec HidBth - ok 12:12:45.0993 0x16ec hidi2c - ok 12:12:46.0008 0x16ec hidinterrupt - ok 12:12:46.0008 
0x16ec HidIr - ok 12:12:46.0008 0x16ec hidserv - ok 12:12:46.0008 0x16ec HidUsb - ok 12:12:46.0008 0x16ec HomeGroupListener - ok 12:12:46.0008 0x16ec HomeGroupProvider - ok 12:12:46.0024 0x16ec [ FEDBFAFC5BAD0AE52ADE4DF75DBFF69F, A16CED31C64EAA92FE1BB4194A5124476BD53459F4B758ED504F2CFB31D6A580 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys 12:12:46.0024 0x16ec HookCentre - ok 12:12:46.0024 0x16ec HpSAMD - ok 12:12:46.0024 0x16ec HTTP - ok 12:12:46.0040 0x16ec HvHost - ok 12:12:46.0040 0x16ec hvservice - ok 12:12:46.0040 0x16ec hwpolicy - ok 12:12:46.0040 0x16ec hyperkbd - ok 12:12:46.0040 0x16ec i8042prt - ok 12:12:46.0040 0x16ec iagpio - ok 12:12:46.0040 0x16ec iai2c - ok 12:12:46.0055 0x16ec iaLPSS2i_GPIO2 - ok 12:12:46.0055 0x16ec iaLPSS2i_I2C - ok 12:12:46.0055 0x16ec iaLPSSi_GPIO - ok 12:12:46.0055 0x16ec iaLPSSi_I2C - ok 12:12:46.0055 0x16ec iaStorAV - ok 12:12:46.0055 0x16ec iaStorV - ok 12:12:46.0071 0x16ec ibbus - ok 12:12:46.0071 0x16ec [ 90D95B25F8413F937A2E155F196D892C, 5D08EE7BFEB000F2A06FA2F37729C29C2A71760A4BD6241330E6FF257CB8D8EE ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 12:12:46.0071 0x16ec ICCS - detected UnsignedFile.Multi.Generic ( 1 ) 12:12:46.0368 0x16ec Detect skipped due to KSN trusted 12:12:46.0368 0x16ec ICCS - ok 12:12:46.0383 0x16ec [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT C:\WINDOWS\System32\drivers\ICCWDT.sys 12:12:46.0399 0x16ec ICCWDT - ok 12:12:46.0399 0x16ec icssvc - ok 12:12:46.0399 0x16ec [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 12:12:46.0415 0x16ec IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 12:12:46.0821 0x16ec Detect skipped due to KSN trusted 12:12:46.0821 0x16ec IDriverT - ok 12:12:46.0837 0x16ec IKEEXT - ok 12:12:46.0837 0x16ec 
IndirectKmd - ok 12:12:46.0915 0x16ec [ 7A93DBF7DD86A28C0B941F4D39B85A0E, DBA4AE976CD01C599B85933E9B8741D7F01FD88F5BEAF01DDA3BCCDD1550607A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 12:12:46.0977 0x16ec IntcAzAudAddService - ok 12:12:47.0008 0x16ec [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 12:12:47.0024 0x16ec Intel(R) Capability Licensing Service Interface - ok 12:12:47.0024 0x16ec intelide - ok 12:12:47.0024 0x16ec intelpep - ok 12:12:47.0024 0x16ec intelppm - ok 12:12:47.0024 0x16ec iorate - ok 12:12:47.0024 0x16ec IpFilterDriver - ok 12:12:47.0024 0x16ec iphlpsvc - ok 12:12:47.0040 0x16ec IPMIDRV - ok 12:12:47.0040 0x16ec IPNAT - ok 12:12:47.0040 0x16ec irda - ok 12:12:47.0040 0x16ec IRENUM - ok 12:12:47.0040 0x16ec irmon - ok 12:12:47.0040 0x16ec isapnp - ok 12:12:47.0040 0x16ec iScsiPrt - ok 12:12:47.0055 0x16ec [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 12:12:47.0055 0x16ec jhi_service - ok 12:12:47.0055 0x16ec kbdclass - ok 12:12:47.0071 0x16ec kbdhid - ok 12:12:47.0071 0x16ec kdnic - ok 12:12:47.0071 0x16ec KeyIso - ok 12:12:47.0071 0x16ec KSecDD - ok 12:12:47.0071 0x16ec KSecPkg - ok 12:12:47.0071 0x16ec ksthunk - ok 12:12:47.0071 0x16ec KtmRm - ok 12:12:47.0087 0x16ec LanmanServer - ok 12:12:47.0087 0x16ec LanmanWorkstation - ok 12:12:47.0087 0x16ec lfsvc - ok 12:12:47.0087 0x16ec [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys 12:12:47.0087 0x16ec LGBusEnum - ok 12:12:47.0102 0x16ec [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid 
C:\WINDOWS\system32\drivers\LGVirHid.sys 12:12:47.0102 0x16ec LGVirHid - ok 12:12:47.0102 0x16ec LicenseManager - ok 12:12:47.0102 0x16ec lltdio - ok 12:12:47.0102 0x16ec lltdsvc - ok 12:12:47.0102 0x16ec lmhosts - ok 12:12:47.0118 0x16ec [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 12:12:47.0118 0x16ec LMS - ok 12:12:47.0133 0x16ec LSI_SAS - ok 12:12:47.0133 0x16ec LSI_SAS2i - ok 12:12:47.0133 0x16ec LSI_SAS3i - ok 12:12:47.0133 0x16ec LSI_SSS - ok 12:12:47.0133 0x16ec LSM - ok 12:12:47.0149 0x16ec luafv - ok 12:12:47.0149 0x16ec MapsBroker - ok 12:12:47.0149 0x16ec megasas - ok 12:12:47.0149 0x16ec megasas2i - ok 12:12:47.0149 0x16ec megasr - ok 12:12:47.0149 0x16ec [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 12:12:47.0165 0x16ec MEIx64 - ok 12:12:47.0165 0x16ec MessagingService - ok 12:12:47.0165 0x16ec mlx4_bus - ok 12:12:47.0165 0x16ec MMCSS - ok 12:12:47.0165 0x16ec Modem - ok 12:12:47.0180 0x16ec monitor - ok 12:12:47.0180 0x16ec mouclass - ok 12:12:47.0180 0x16ec mouhid - ok 12:12:47.0180 0x16ec mountmgr - ok 12:12:47.0180 0x16ec mpsdrv - ok 12:12:47.0180 0x16ec MpsSvc - ok 12:12:47.0180 0x16ec MQAC - ok 12:12:47.0196 0x16ec MRxDAV - ok 12:12:47.0196 0x16ec mrxsmb - ok 12:12:47.0196 0x16ec mrxsmb10 - ok 12:12:47.0196 0x16ec mrxsmb20 - ok 12:12:47.0196 0x16ec MsBridge - ok 12:12:47.0196 0x16ec MSDTC - ok 12:12:47.0213 0x16ec Msfs - ok 12:12:47.0213 0x16ec msgpiowin32 - ok 12:12:47.0213 0x16ec mshidkmdf - ok 12:12:47.0213 0x16ec mshidumdf - ok 12:12:47.0213 0x16ec msisadrv - ok 12:12:47.0213 0x16ec MSiSCSI - ok 12:12:47.0213 0x16ec msiserver - ok 12:12:47.0228 0x16ec MSKSSRV - ok 12:12:47.0228 0x16ec MsLldp - ok 12:12:47.0228 0x16ec MSMQ - ok 12:12:47.0228 0x16ec MSPCLOCK - ok 12:12:47.0228 0x16ec MSPQM - ok 
12:12:47.0228 0x16ec MsRPC - ok 12:12:47.0228 0x16ec MsSecFlt - ok 12:12:47.0244 0x16ec mssmbios - ok 12:12:47.0244 0x16ec MSTEE - ok 12:12:47.0244 0x16ec MTConfig - ok 12:12:47.0244 0x16ec Mup - ok 12:12:47.0244 0x16ec mvumis - ok 12:12:47.0244 0x16ec NativeWifiP - ok 12:12:47.0260 0x16ec NcaSvc - ok 12:12:47.0260 0x16ec NcbService - ok 12:12:47.0260 0x16ec NcdAutoSetup - ok 12:12:47.0260 0x16ec ndfltr - ok 12:12:47.0260 0x16ec NDIS - ok 12:12:47.0260 0x16ec NdisCap - ok 12:12:47.0260 0x16ec NdisImPlatform - ok 12:12:47.0275 0x16ec NdisTapi - ok 12:12:47.0275 0x16ec Ndisuio - ok 12:12:47.0275 0x16ec NdisVirtualBus - ok 12:12:47.0275 0x16ec NdisWan - ok 12:12:47.0275 0x16ec ndiswanlegacy - ok 12:12:47.0275 0x16ec ndproxy - ok 12:12:47.0275 0x16ec Ndu - ok 12:12:47.0275 0x16ec NetAdapterCx - ok 12:12:47.0291 0x16ec NetBIOS - ok 12:12:47.0291 0x16ec NetBT - ok 12:12:47.0291 0x16ec Netlogon - ok 12:12:47.0291 0x16ec Netman - ok 12:12:47.0291 0x16ec NetMsmqActivator - ok 12:12:47.0307 0x16ec NetPipeActivator - ok 12:12:47.0307 0x16ec netprofm - ok 12:12:47.0307 0x16ec NetSetupSvc - ok 12:12:47.0307 0x16ec NetTcpActivator - ok 12:12:47.0307 0x16ec NetTcpPortSharing - ok 12:12:47.0322 0x16ec [ 9EE21F7D46BD2B0F128E0907BABC7D28, 158CE7A2D8FD23CDAB6DF8EF35F624DF85435D2DF273EABF128D46354E12238B ] NetUtils2016 C:\WINDOWS\system32\drivers\NetUtils2016.sys 12:12:47.0353 0x16ec NetUtils2016 - ok 12:12:47.0353 0x16ec NgcCtnrSvc - ok 12:12:47.0353 0x16ec NgcSvc - ok 12:12:47.0353 0x16ec NlaSvc - ok 12:12:47.0353 0x16ec Npfs - ok 12:12:47.0353 0x16ec npsvctrig - ok 12:12:47.0369 0x16ec nsi - ok 12:12:47.0369 0x16ec nsiproxy - ok 12:12:47.0369 0x16ec NTFS - ok 12:12:47.0369 0x16ec Null - ok 12:12:47.0385 0x16ec [ A6ED2E5E268D83B77D15348591CB8AE5, 12E2FE967AA46422393E82F112DA0153A2BC86F8B5034187FEF6D37FE51D6562 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 12:12:47.0385 0x16ec NvContainerLocalSystem - ok 12:12:47.0400 0x16ec [ 
A6ED2E5E268D83B77D15348591CB8AE5, 12E2FE967AA46422393E82F112DA0153A2BC86F8B5034187FEF6D37FE51D6562 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 12:12:47.0416 0x16ec NvContainerNetworkService - ok
12:12:50.0904 0x16ec AV detected via SS2: G DATA INTERNET SECURITY, E:\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
12:12:50.0904 0x16ec AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x62100 ( disabled : updated )
12:12:50.0904 0x16ec FW detected via SS2: G*DATA Personal Firewall, E:\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
12:12:50.0998 0x16ec ============================================================
12:12:50.0998 0x16ec Scan finished
12:12:50.0998 0x16ec ============================================================
12:12:50.0998 0x0a84 Detected object count: 0
12:12:50.0998 0x0a84 Actual detected object count: 0 |
24.11.2016, 12:38 | #3 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | NetUtils2016.sys and Net Utils2016.dll cannot be removed
Quote:
Logs for that?
__________________ |
24.11.2016, 13:00 | #4 |
| NetUtils2016.sys and Net Utils2016.dll cannot be removed
The problem is that advertising pages keep opening whenever I use the browser, and they slow the browser down. In addition, my antivirus program constantly blocks an address that is supposed to be called up automatically again and again. "Virus beim Laden von Web-Inhalten gefunden. Adresse: hxxp://i.jccyjs.info/jccy/javascript.js Status: Der Zugriff wurde verweigert." I have logs here from AdwCleaner, which regards these files as a threat, and I tried to delete them with AdwCleaner, but that did not work.
Code:
# AdwCleaner v6.030 - Bericht erstellt am 20/11/2016 um 21:29:41
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-20.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Besitzer - BESITZER-PC
# Gestartet von : C:\Users\Besitzer\Downloads\adwcleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support

***** [ Dienste ] *****
[-] Dienst gelöscht: NetUtils2016

***** [ Ordner ] *****

***** [ Dateien ] *****
[#] Datei gelöscht: C:\WINDOWS\SysNative\NetUtils2016.dll
[#] Datei gelöscht: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper

***** [ Browser ] *****

*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [11459 Bytes] - [20/11/2016 20:28:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [1380 Bytes] - [20/11/2016 20:36:54]
C:\AdwCleaner\AdwCleaner[C3].txt - [1391 Bytes] - [20/11/2016 21:29:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [10998 Bytes] - [20/11/2016 20:27:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [1561 Bytes] - [20/11/2016 20:33:24]
C:\AdwCleaner\AdwCleaner[S2].txt - [1700 Bytes] - [20/11/2016 20:39:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1684 Bytes] ##########
Code:
ATTFilter # AdwCleaner v6.030 - Bericht erstellt am 24/11/2016 um 11:46:33 # Aktualisiert am 19/10/2016 von Malwarebytes # Datenbank : 2016-11-23.1 [Server] # Betriebssystem : Windows 10 Pro (X64) # Benutzername : Besitzer - BESITZER-PC # Gestartet von : C:\Users\Besitzer\Desktop\adwcleaner_6.030.exe # Modus: Suchlauf # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** Dienst Gefunden: NetUtils2016 ***** [ Ordner ] ***** Keine schädlichen Ordner gefunden. ***** [ Dateien ] ***** Datei Gefunden: C:\WINDOWS\SysNative\NetUtils2016.dll Datei Gefunden: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys ***** [ DLL ] ***** Keine infizierten DLLs gefunden. ***** [ WMI ] ***** Keine schädlichen Schlüssel gefunden. ***** [ Verknüpfungen ] ***** Keine infizierten Verknüpfungen gefunden. ***** [ Aufgabenplanung ] ***** Keine schädlichen Aufgaben gefunden. ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden: [x64] HKLM\SOFTWARE\HDWallpaper Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ad.coupontime00.c Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.sof Schlüssel Gefunden: HKCU\Software\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\onclickads.net Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.software Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ad.coupontime00.coup Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.softwa Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\onclickads.net Schlüssel Gefunden: HKCU\Software\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com Schlüssel Gefunden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00. Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ad.coupontime00 Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.s Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\onclickads.net Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.softwa Schlüssel Gefunden: [x64] 
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.c Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.couponti Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ad.coupontime00.co Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.soft Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\onclickads.net Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software Schlüssel Gefunden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com Schlüssel Gefunden: 
[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime0 ***** [ Internetbrowser ] ***** Keine schädlichen Elemente in Firefox basierten Browsern gefunden. Keine schädlichen Elemente in Chrome basierten Browsern gefunden. ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [11459 Bytes] - [20/11/2016 20:28:11] C:\AdwCleaner\AdwCleaner[C2].txt - [1380 Bytes] - [20/11/2016 20:36:54] C:\AdwCleaner\AdwCleaner[C3].txt - [1767 Bytes] - [20/11/2016 21:29:41] C:\AdwCleaner\AdwCleaner[S0].txt - [10998 Bytes] - [20/11/2016 20:27:43] C:\AdwCleaner\AdwCleaner[S1].txt - [1561 Bytes] - [20/11/2016 20:33:24] C:\AdwCleaner\AdwCleaner[S2].txt - [1700 Bytes] - [20/11/2016 20:39:35] C:\AdwCleaner\AdwCleaner[S3].txt - [1853 Bytes] - [20/11/2016 21:32:12] C:\AdwCleaner\AdwCleaner[S4].txt - [1926 Bytes] - [20/11/2016 22:44:04] C:\AdwCleaner\AdwCleaner[S5].txt - [1992 Bytes] - [20/11/2016 23:06:07] C:\AdwCleaner\AdwCleaner[S6].txt - [2065 Bytes] - [20/11/2016 23:19:20] C:\AdwCleaner\AdwCleaner[S7].txt - [2138 Bytes] - [22/11/2016 11:52:32] C:\AdwCleaner\AdwCleaner[S8].txt - [9119 Bytes] - [24/11/2016 11:46:33] ########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [9192 Bytes] ########## |
24.11.2016, 13:04 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | NetUtils2016.sys and Net Utils2016.dll cannot be removed
Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for one post, please post the logs directly and, if necessary, spread across several posts. To put the log files in a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
24.11.2016, 15:37 | #6 |
| NetUtils2016.sys and Net Utils2016.dll cannot be removed
OK, it is done now. Here is the log after deleting and restarting:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main: v2016.11.24.05
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.447.14393.0
Besitzer :: BESITZER-PC [administrator]

24.11.2016 12:35:51
mbar-log-2016-11-24 (12-35-51).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 359379
Time elapsed: 1 hour(s), 28 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\WINDOWS\SYSTEM32\drivers\NetUtils2016.sys (PUP.Optional.StartGo123) -> Delete on reboot. [9ee21f7d46bd2b0f128e0907babc7d28]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main: v2016.11.24.06
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.447.14393.0
Besitzer :: BESITZER-PC [administrator]

24.11.2016 14:17:33
mbar-log-2016-11-24 (14-17-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 359105
Time elapsed: 13 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
24.11.2016, 16:26 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | NetUtils2016.sys and Net Utils2016.dll cannot be removed
Remove adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please disable your virus scanner completely now, before using these tools!
Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please close your protection software to avoid possible conflicts.
__________________ Please always post log files in CODE tags |
24.11.2016, 16:46 | #8 |
| NetUtils2016.sys and Net Utils2016.dll cannot be removed
Here is AdwCleaner:
Code:
ATTFilter # AdwCleaner v6.030 - Bericht erstellt am 24/11/2016 um 15:38:01 # Aktualisiert am 19/10/2016 von Malwarebytes # Datenbank : 2016-11-24.1 [Server] # Betriebssystem : Windows 10 Pro (X64) # Benutzername : Besitzer - BESITZER-PC # Gestartet von : C:\Users\Besitzer\Desktop\AdwCleaner_6.030.exe # Modus: Löschen # Unterstützung : hxxps://www.malwarebytes.com/support ***** [ Dienste ] ***** [-] Dienst gelöscht: NetUtils2016 ***** [ Ordner ] ***** ***** [ Dateien ] ***** [-] Datei gelöscht: C:\WINDOWS\SysNative\NetUtils2016.dll ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ad.coupontime00.coupontime.co [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.software [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\onclickads.net [-] Schlüssel gelöscht: HKCU\Software\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.software [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ad.coupontime00.coupontime.co [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.software [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\onclickads.net [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software [-] Schlüssel gelöscht: 
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com [-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ad.coupontime00.coupontime.co [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.software [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\onclickads.net [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.software [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ad.coupontime00.coupontime.co [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.software [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\onclickads.net [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co ***** [ Browser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt :: Proxy Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [8649 Bytes] - [24/11/2016 15:38:01] C:\AdwCleaner\AdwCleaner[S0].txt - [8471 Bytes] - [24/11/2016 15:37:32] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [8795 Bytes] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64
Ran by Besitzer (Administrator) on 24.11.2016 at 15:41:19,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\Users\Besitzer\AppData\Roaming\getrighttogo (Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.11.2016 at 15:41:57,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
24.11.2016, 21:00 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | NetUtils2016.sys and Net Utils2016.dll cannot be removed Does adwCleaner still find NetUtils2016.dll?
__________________ Please always post log files in CODE tags |
24.11.2016, 23:19 | #10 |
| NetUtils2016.sys and Net Utils2016.dll cannot be removed No, adwCleaner no longer finds it. Here is the log: Code:
# AdwCleaner v6.030 - Bericht erstellt am 24/11/2016 um 16:16:08
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-24.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Besitzer - BESITZER-PC
# Gestartet von : C:\Users\Besitzer\Desktop\AdwCleaner_6.030.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.

***** [ Ordner ] *****
Keine schädlichen Ordner gefunden.

***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.

***** [ DLL ] *****
Keine infizierten DLLs gefunden.

***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.

***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.

***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.

***** [ Registrierungsdatenbank ] *****
Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.

***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [8942 Bytes] - [24/11/2016 15:38:01]
C:\AdwCleaner\AdwCleaner[S0].txt - [8471 Bytes] - [24/11/2016 15:37:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [1341 Bytes] - [24/11/2016 16:16:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1414 Bytes] ########## |
25.11.2016, 10:38 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | NetUtils2016.sys and Net Utils2016.dll cannot be removed Then show me fresh FRST logs. Check the box for addition.txt, then click Scan (Untersuchen).
__________________ Please always post log files in CODE tags |
25.11.2016, 11:14 | #12 |
| NetUtils2016.sys and Net Utils2016.dll cannot be removed Here is FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016 durchgeführt von Besitzer (Administrator) auf BESITZER-PC (25-11-2016 10:05:50) Gestartet von C:\Users\Besitzer\Desktop Geladene Profile: Besitzer (Verfügbare Profile: Besitzer & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) E:\G Data\InternetSecurity\AVK\AVKWCtlx64.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe (G DATA Software AG) E:\G Data\InternetSecurity\AVK\AVKService.exe (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (G DATA Software AG) E:\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (G Data Software AG) E:\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe () E:\Razer\razerhid.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe (Razer Inc.) E:\Razer\razerofa.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (G DATA Software AG) E:\G Data\InternetSecurity\AVKTray\AVKTray.exe (G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (G DATA Software AG) E:\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-29] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.) 
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [Lachesis] => E:\Razer\razerhid.exe [172032 2007-09-12] () HKLM-x32\...\Run: [NPSStartup] => [X] HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4196848 2016-11-09] (Steganos Software GmbH) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,e:\g data\internetsecurity\avkkid\avkcks.exe, HKU\S-1-5-21-837637057-831856249-3172674156-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [151040 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => E:\Garmin Express\Garmin\Express Tray\ExpressTray.exe [1407912 2016-10-25] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-18\...\Run: [] => 0 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2013-01-08] ShortcutTarget: GIGABYTE OC_GURU.lnk -> E:\Gigabyte\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) BootExecute: autocheck autochk * Partizan ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 10.26.64.1 Tcpip\..\Interfaces\{27a8635f-444b-4ad2-ab86-c83ab7eb2b9a}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{424fb301-0322-4cdd-b64e-0b6c9477c2cf}: [DhcpNameServer] 10.26.64.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-837637057-831856249-3172674156-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-837637057-831856249-3172674156-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-837637057-831856249-3172674156-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/ hxxp://www.giga.de/androidnews/ BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-02] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-02] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Profiles\iwc7lxw2.default-1479674830963 [2016-11-24] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-09] () FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.) 
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2013-01-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-01-02] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-09] () FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-17] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-837637057-831856249-3172674156-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-837637057-831856249-3172674156-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Besitzer\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-837637057-831856249-3172674156-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Besitzer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-03] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-837637057-831856249-3172674156-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei] StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2014-02-26] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-02-26] (ASUSTeK Computer Inc.) 
[Datei ist nicht signiert] R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG) R2 AVKService; E:\G Data\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG) R2 AVKWCtl; E:\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG) S3 Garmin Device Interaction Service; E:\Garmin Express\Garmin\Device Interaction Service\GarminService.exe [985616 2016-10-25] (Garmin Ltd. or its subsidiaries) R2 GDBackupSvc; E:\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG) R3 GDFwSvc; E:\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG) S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-17] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-10-25] (NVIDIA Corporation) R2 OkayFreedom VPN Starter Service; C:\Program Files 
(x86)\OkayFreedom\OkayFreedomService.exe [353792 2016-11-09] (Steganos Software GmbH) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] () S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) 
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-16] (G Data Software AG) S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [37400 2016-10-16] (G Data Software AG) R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [30280 2016-10-16] (G DATA Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [274400 2016-10-16] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [105544 2016-10-16] (G Data Software AG) R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-16] (G DATA Software AG) S3 GPCIDrv; E:\Gigabyte\GPCIDrv64.sys [14376 2010-02-04] () R1 GRD; C:\Windows\system32\drivers\GRD.sys [116296 2016-11-08] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [153160 2016-10-16] (G Data Software AG) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys [14174256 2016-11-17] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-10-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-10-25] (NVIDIA Corporation) U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2016-11-20] (Greatis Software) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-11-25 10:05 - 2016-11-25 10:05 - 00000000 ____D C:\Users\Besitzer\Desktop\FRST-OlderVersion 2016-11-24 22:20 - 2016-11-24 16:16 - 00001493 _____ C:\Users\Besitzer\Desktop\AdwCleaner[S1].txt 2016-11-24 15:44 - 2016-11-24 15:44 - 00000549 _____ C:\Users\Besitzer\Desktop\JRT1.txt 2016-11-24 15:44 - 2016-11-24 15:41 - 00000629 _____ C:\Users\Besitzer\Desktop\JRT.txt 2016-11-24 15:42 - 2016-11-24 15:38 - 00008942 _____ C:\Users\Besitzer\Desktop\AdwCleaner[C0].txt 2016-11-24 15:39 - 2016-11-24 15:40 - 01631928 _____ (Malwarebytes) C:\Users\Besitzer\Desktop\JRT.exe 2016-11-24 15:32 - 2016-11-24 22:17 - 00000000 ____D C:\AdwCleaner 2016-11-24 15:31 - 2016-11-24 15:32 - 03910208 _____ C:\Users\Besitzer\Desktop\AdwCleaner_6.030.exe 2016-11-24 12:19 - 2016-11-24 15:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-11-24 12:19 - 2016-11-24 14:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-11-24 12:19 - 2016-11-24 12:19 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-11-24 12:17 - 2016-11-24 14:32 - 00000000 ____D C:\Users\Besitzer\Desktop\mbar 2016-11-24 12:17 - 2016-11-24 14:17 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-11-24 12:15 - 2016-11-24 12:17 - 16563352 
_____ (Malwarebytes Corp.) C:\Users\Besitzer\Desktop\mbar-1.09.3.1001.exe 2016-11-24 12:00 - 2016-11-20 21:29 - 00001767 _____ C:\Users\Besitzer\Desktop\AdwCleaner[C3].txt 2016-11-24 11:52 - 2016-11-24 11:46 - 00009339 _____ C:\Users\Besitzer\Desktop\AdwCleaner[S8].txt 2016-11-23 10:39 - 2016-11-22 12:13 - 00079628 _____ C:\Users\Besitzer\Desktop\TDSSKiller.3.1.0.12_22.11.2016_12.12.30_log.txt 2016-11-22 17:09 - 2016-11-24 12:02 - 00000699 _____ C:\Users\Besitzer\Desktop\1.txt 2016-11-22 16:56 - 2016-11-22 16:56 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2016-11-22 16:56 - 2016-11-22 16:56 - 00000000 ____D C:\Users\DefaultAppPool 2016-11-22 16:56 - 2016-09-26 15:35 - 00000000 ____D 
C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs 2016-11-22 12:12 - 2016-11-22 12:13 - 00079628 _____ C:\TDSSKiller.3.1.0.12_22.11.2016_12.12.30_log.txt 2016-11-22 12:06 - 2016-11-22 12:11 - 00153000 _____ C:\TDSSKiller.3.1.0.12_22.11.2016_12.06.53_log.txt 2016-11-22 12:05 - 2016-11-22 12:06 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Besitzer\Desktop\tdsskiller.exe 2016-11-22 12:01 - 2016-11-22 12:01 - 00055880 _____ C:\Users\Besitzer\Desktop\Addition.txt 2016-11-22 12:00 - 2016-11-25 10:05 - 00016891 _____ C:\Users\Besitzer\Desktop\FRST.txt 2016-11-22 11:59 - 2016-11-25 10:05 - 00000000 ____D C:\FRST 2016-11-22 11:58 - 2016-11-25 10:05 - 02412032 _____ (Farbar) C:\Users\Besitzer\Desktop\FRST64.exe 2016-11-20 23:18 - 2016-11-25 08:55 - 00000254 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT 2016-11-20 23:11 - 2016-11-20 23:19 - 00000000 ____D C:\ProgramData\RegRun 2016-11-20 23:05 - 2016-11-20 23:05 - 00040304 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Drivers\Partizan.sys 2016-11-20 23:03 - 2016-11-20 23:21 - 00000000 ____D C:\Users\Besitzer\Documents\RegRun2 2016-11-20 23:03 - 2016-11-20 23:20 - 00000000 ____D C:\Users\Public\Documents\regruninfo 2016-11-20 23:03 - 2016-11-20 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe 2016-11-20 23:03 - 2016-11-20 23:03 - 00003446 _____ C:\WINDOWS\System32\Tasks\UnHackMe Task Scheduler 2016-11-20 23:03 - 2016-11-01 13:08 - 00015016 _____ (Greatis Software, LLC.) 
C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys 2016-11-20 23:03 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\WINDOWS\system32\partizan.exe 2016-11-20 20:28 - 2016-11-20 20:28 - 00000000 ____D C:\Users\Besitzer\AppData\Local\PeerDistRepub 2016-11-20 20:19 - 2016-11-20 20:19 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CEF 2016-11-20 13:55 - 2016-11-20 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp 2016-11-20 13:55 - 2016-11-20 13:55 - 00000000 ____D C:\WINDOWS\system32\sstmp 2016-11-20 13:46 - 2016-11-17 00:46 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-11-20 13:43 - 2016-11-17 02:06 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 28203576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 10354800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 09158432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 08761376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 02953152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 02586048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437595.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437595.dll 2016-11-20 
13:43 - 2016-11-17 02:06 - 01038904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00384448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2016-11-20 13:43 - 2016-11-17 02:06 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-11-15 15:17 - 2016-11-10 23:51 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437586.dll 2016-11-15 15:17 - 2016-11-10 23:51 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437586.dll 2016-11-13 20:35 - 2016-11-15 15:19 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-11-13 18:09 - 2016-11-13 18:09 - 00001142 _____ C:\Users\Public\Desktop\OkayFreedom.lnk 2016-11-13 18:08 - 2016-11-13 18:08 - 00000000 ____D 
Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-10-27 21:14 - 2016-10-15 03:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2016-10-27 21:14 - 2016-10-15 03:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb 2016-10-27 21:14 - 2016-10-15 03:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-10-27 21:14 - 2016-10-15 03:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll 2016-10-27 21:14 - 2016-10-15 03:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll 2016-10-27 21:14 - 2016-10-15 03:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2016-10-27 21:14 - 2016-10-15 03:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2016-10-27 21:14 - 2016-10-15 03:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2016-10-27 21:14 - 2016-10-15 03:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2016-10-27 21:14 - 2016-10-15 03:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 
00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-10-27 21:14 - 2016-10-15 03:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2016-10-27 21:14 - 2016-10-15 03:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll 2016-10-27 21:14 - 2016-10-15 03:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll 2016-10-27 21:14 - 2016-10-15 03:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2016-10-27 21:14 - 2016-10-15 03:52 - 00163328 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\autoplay.dll 2016-10-27 21:14 - 2016-10-15 03:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-10-27 21:14 - 2016-10-15 03:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2016-10-27 21:14 - 2016-10-15 03:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-10-27 21:14 - 2016-10-15 03:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-10-27 21:14 - 2016-10-15 03:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-10-27 21:14 - 2016-10-15 03:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-10-27 21:14 - 2016-10-15 03:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-10-27 21:14 - 2016-10-15 03:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-10-27 21:14 - 2016-10-15 03:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-10-27 21:14 - 2016-10-15 03:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-10-27 21:14 - 2016-10-15 03:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-10-27 21:14 - 2016-10-15 03:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-10-27 21:14 - 2016-10-15 03:48 - 01054208 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2016-10-27 21:14 - 2016-10-15 03:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2016-10-27 21:14 - 2016-10-15 03:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-10-27 21:14 - 2016-10-15 03:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2016-10-27 21:14 - 2016-10-15 03:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-10-27 21:14 - 2016-10-15 03:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2016-10-27 21:14 - 2016-10-15 03:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-10-27 21:14 - 2016-10-15 03:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe 2016-10-27 21:14 - 2016-10-15 03:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-10-27 21:14 - 2016-10-15 03:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-10-27 21:14 - 2016-10-15 03:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2016-10-27 21:14 - 2016-10-15 03:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-10-27 21:14 - 2016-10-15 03:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2016-10-27 21:14 - 2016-10-15 03:42 - 00076800 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\powercfg.exe 2016-10-27 21:14 - 2016-10-15 03:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-10-27 21:14 - 2016-10-15 03:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-10-27 21:14 - 2016-10-15 03:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-10-27 21:14 - 2016-10-15 03:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2016-10-27 21:14 - 2016-10-15 03:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2016-10-27 21:14 - 2016-10-15 03:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-10-27 21:14 - 2016-10-15 03:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 00715264 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2016-10-27 21:14 - 2016-10-15 03:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-10-27 21:14 - 2016-10-15 03:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-10-27 21:14 - 2016-10-15 03:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2016-10-27 21:14 - 2016-10-15 03:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-10-27 21:14 - 2016-10-15 03:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-10-27 21:14 - 2016-10-15 03:34 
- 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2016-10-27 21:14 - 2016-10-15 03:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2016-10-27 21:14 - 2016-10-15 03:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-10-27 21:14 - 2016-10-15 03:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2016-10-27 21:14 - 2016-09-10 13:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2016-10-27 21:14 - 2016-08-06 04:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-11-25 09:02 - 2016-09-26 15:33 - 02459682 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-11-25 09:02 - 2016-07-16 22:51 - 00986260 _____ C:\WINDOWS\system32\perfh007.dat 2016-11-25 09:02 - 2016-07-16 22:51 - 00239972 _____ C:\WINDOWS\system32\perfc007.dat 2016-11-25 09:01 - 2016-07-16 06:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM 2016-11-25 08:55 - 2016-09-26 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-11-25 08:55 - 2016-09-26 15:32 - 00000000 ____D C:\ProgramData\NVIDIA 2016-11-25 01:34 - 2016-07-16 06:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-11-24 22:59 - 2016-09-26 15:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-11-24 14:32 - 2016-10-11 21:08 - 00000000 ____D C:\Users\Besitzer\AppData\Local\CrashDumps 2016-11-24 14:16 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter 2016-11-24 10:54 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-11-23 12:53 - 2016-09-29 22:04 - 00000000 ____D C:\Users\Besitzer\Desktop\Post 2016-11-23 12:22 - 2013-11-12 16:18 - 00016001 _____ C:\Users\Besitzer\Desktop\1.odt 2016-11-23 10:35 - 2016-07-16 11:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-11-22 11:58 - 2016-07-28 
14:50 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Packages 2016-11-20 19:16 - 2016-09-26 15:33 - 00000000 ____D C:\Users\Besitzer 2016-11-20 18:49 - 2013-01-03 23:35 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Google 2016-11-20 15:15 - 2016-07-16 11:45 - 00000000 ____D C:\WINDOWS\INF 2016-11-20 15:15 - 2015-10-23 10:28 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\Winamp 2016-11-20 14:11 - 2014-02-06 20:12 - 00028208 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys 2016-11-20 13:47 - 2016-09-26 15:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-11-20 13:47 - 2013-01-02 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-11-20 13:46 - 2016-03-11 10:24 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-11-18 17:25 - 2013-01-02 10:15 - 00000000 ____D C:\Users\Besitzer\AppData\Roaming\vlc 2016-11-17 02:06 - 2016-09-22 09:13 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-11-17 02:06 - 2016-09-22 09:13 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-11-17 02:06 - 2016-09-22 09:13 - 03474064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-11-17 02:06 - 2016-09-22 09:13 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb 2016-11-17 01:03 - 2016-09-26 15:32 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 02477624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-11-17 01:03 - 2016-09-26 15:32 - 00069568 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\nvshext.dll 2016-11-17 00:58 - 2016-10-08 20:53 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2016-11-16 09:52 - 2016-09-26 15:32 - 07529957 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-11-16 01:08 - 2016-04-27 12:30 - 00000000 ____D C:\Users\Besitzer\Desktop\Wrexham 2016-11-15 11:22 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-11-12 01:57 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\rescache 2016-11-10 16:17 - 2016-04-27 05:55 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-11-10 16:16 - 2016-09-26 15:31 - 00224440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-11-10 01:40 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-11-10 01:35 - 2016-07-16 11:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-11-10 01:27 - 2013-08-15 21:06 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-11-10 01:23 - 2013-01-02 09:59 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-11-08 20:56 - 2014-02-06 20:12 - 00116296 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys 2016-11-08 15:21 - 2016-09-26 15:40 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-11-06 13:23 - 2016-09-29 17:17 - 00000000 ____D C:\WINDOWS\Minidump 2016-11-05 00:13 - 2016-09-26 15:40 - 00003614 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask 2016-11-05 00:13 - 2014-07-17 16:17 - 00000000 ____D C:\ProgramData\Package Cache 2016-11-05 00:13 - 2014-03-07 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2016-11-04 21:49 - 2015-11-09 17:14 - 00002457 
_____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-11-04 17:11 - 2016-10-08 20:54 - 00003936 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:54 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-11-04 17:11 - 2016-10-08 20:53 - 00004000 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:53 - 00003972 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:53 - 00003910 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:53 - 00003748 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-10-08 20:53 - 00003706 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-11-04 17:11 - 2016-09-26 15:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-11-04 17:11 - 2016-09-26 15:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-11-02 10:39 - 2016-05-30 16:34 - 00000000 ____D C:\Users\Besitzer\AppData\Local\Ubisoft Game Launcher 2016-10-29 00:46 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-10-29 00:46 - 2016-07-16 11:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-10-29 00:45 - 2016-07-16 11:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-10-28 23:56 - 2016-07-16 11:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-10-28 23:56 - 2016-07-16 11:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-11-18 19:43 - 2015-01-24 23:43 - 0000100 _____ () C:\Users\Besitzer\AppData\Roaming\WB.CFG 2013-12-31 00:43 - 2014-01-03 00:43 - 
0000005 _____ () C:\Users\Besitzer\AppData\Roaming\WBPU-Q5-TTL.DAT 2013-11-18 19:43 - 2014-01-29 23:47 - 0000005 _____ () C:\Users\Besitzer\AppData\Roaming\WBPU-TTL.DAT 2013-01-04 15:11 - 2013-01-04 15:11 - 0007971 _____ () C:\Users\Besitzer\AppData\Local\CleanupUninstall.txt ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-11-23 15:49 ==================== Ende von FRST.txt ============================ |
25.11.2016, 11:15 | #13 |
| NetUtils2016.sys and Net Utils2016.dll cannot be removed and here is Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Besitzer (25-11-2016 10:06:21)
Gestartet von C:\Users\Besitzer\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-26 15:41:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-837637057-831856249-3172674156-500 - Administrator - Disabled)
Besitzer (S-1-5-21-837637057-831856249-3172674156-1000 - Administrator - Enabled) => C:\Users\Besitzer
DefaultAccount (S-1-5-21-837637057-831856249-3172674156-503 - Limited - Disabled)
Gast (S-1-5-21-837637057-831856249-3172674156-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-837637057-831856249-3172674156-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Ansel (Version: 375.95 - NVIDIA Corporation) Hidden ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - ) Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - ) Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG5500 series Benutzerregistrierung (HKLM-x32\...\Canon MG5500 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.01 - Canon Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version: - ) Elevated Installer (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.) 
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG) Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{d74c733b-9216-49f5-ae3a-14bf3a3d66f5}) (Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.2.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Geeks3D.com FurMark 1.10.3 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com) GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (x32 Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) 
Hidden ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle) Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 
39.0 (x86 de)) (Version: 39.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation) NVIDIA Grafiktreiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.7.4 - Steganos Software GmbH) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org) Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software) PDF24 Creator 7.6.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Razer Lachesis (HKLM-x32\...\{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}) (Version: 1.00.0000 - Razer USA Ltd.) 
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games) Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - ) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) SAMSUNG Mobile Modem V2 Software (HKLM\...\SAMSUNG Mobile Modem V2) (Version: - ) Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - ) SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) Unity Web Player (HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft) VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) 
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05163006-1713-4662-9ECF-A289C25682FC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {056ABC7C-5510-4802-84C3-491898526578} - System32\Tasks\UnHackMe Task Scheduler => C:\Users\Besitzer\Downloads\unhackme\UnHackMe\hackmon.exe
Task: {05B93D9D-C20A-4CD7-8A84-C9FB2D4366D7} - System32\Tasks\{BAF4566D-623C-4A84-8C02-0D29C3B594AA} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {0C393234-3617-4076-B130-1BE4BD8A3256} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10C41A4A-DCC8-48A3-AA20-456F8F3B1B05} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18551047-874B-4EF4-A770-EFA96FBB64BA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {1A549595-0AA1-4AC3-B2A8-192FBA9CDF10} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BF41312-AFA6-444A-A74B-F19F9BD44ABE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {2440B0DF-847D-41D3-83F9-0723AD76A37C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {3147D6C3-F5EB-4122-80A9-7D1E608B6638} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {316AFADB-1695-4E43-91B1-AFE552CC924D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {33297236-54E4-41F3-AA26-89BD90369DBA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3A527B61-F9EB-4823-8F7B-D88845438842} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B180863-34A4-4E7F-BB35-03EFC8E10D8C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3ECC7296-435D-4569-9EFE-515BF5303D8D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {472E3CB9-D46A-483B-B83F-80558A76169C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {4BAB933E-800C-429E-89FF-A0168544C6D4} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG
Task: {510B36D6-382B-478B-B1AA-D5D1455E3A74} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51CAFBF8-6C6E-4946-AB38-45D5AD02F433} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {570526D1-40B5-4399-B6F3-44718CA0783D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {58051736-2ABD-449F-B0F0-563A6F035338} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6553A9AA-230F-4EE5-A5B4-211F5ECC1F1D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {6D436F27-ACA2-4829-B611-9ECB95369765} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6F257B1F-1C15-416F-9EDF-959D0B388678} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {77F701EB-EB43-4659-8D08-9C9747E0B668} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7C33A0DF-B7F4-4440-9C04-4DD3DED2545E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {81776BD7-F93C-4E78-BCB5-6F45695ED1CE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {863D3DEE-5FDE-47CC-8E71-B894DD7550ED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8FFDB8AB-076B-47F7-B20A-DF979713C320} - System32\Tasks\GarminUpdaterTask => E:\Garmin Express\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-10-25] ()
Task: {9B979401-AC10-43DF-A0A6-EED8F31B099A} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {9FB62280-61F6-4D96-BC82-65F056D64558} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {A093B5C9-8F64-47CD-BB66-D30DB7392577} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A225348E-AD2D-4A65-8BC6-35323C3EBB18} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {ACF90DCF-6B69-43A9-8C1D-FF5949F78A6C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6AADBDA-D255-40A4-A4E2-C9D39CE9FF5B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {B9A3BF1E-03BB-45BC-B8EC-F0DB743C5E33} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B9FE4B24-1246-4120-B139-181C3F8EC526} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF5BB204-0C22-421E-B9F8-56847688576A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1CEA9DE-D208-4E16-A042-A522D2A0874A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C4D8DF84-1186-4E3B-BC63-B0A6FF608A93} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C63C77B7-0D0C-473E-A2D7-077AB63A5D97} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CBC93D5F-3447-47AD-A4E9-9FD9A5505357} - System32\Tasks\{512D56E3-F360-492A-8377-1655BDC0E6CB} => pcalua.exe -a "F:\Die Siedler 3 Gold\s3new160.exe" -d "F:\Die Siedler 3 Gold"
Task: {CC54D319-77BE-4F3D-A8D2-8D9FE514D98E} - \Digital Sites -> Keine Datei <==== ACHTUNG
Task: {D4006CE8-1F43-43B8-8E70-289A7C359A8A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {D75666BD-99B9-4B61-8219-48BE1777AE7E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DBB35F96-4E9A-43B7-ADDE-C9307DC00BF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DCDC366E-3070-4F42-821B-A046398B17BF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {E6A0AEC5-3FB1-4AF3-8172-8994259D0553} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {E6C43306-247C-4767-ADFD-DB37A29ECD32} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {F9D98F16-B99C-436F-9661-ABFAF62CFCF7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE41568A-8454-4921-B9D5-CE63307E7A02} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE666C86-5E93-4C2D-A8F6-F55C61C505FE} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 11:42 - 2016-07-16 11:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-09-29 17:29 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2014-02-26 21:51 - 2012-06-01 16:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2016-10-08 20:53 - 2016-10-25 20:21 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-08 20:53 - 2016-10-25 20:21 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-08 20:54 - 2016-10-25 20:21 - 00420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-09-15 03:24 - 2016-09-15 03:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2016-09-26 15:32 - 2016-11-17 01:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-29 17:29 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-26 15:43 - 2016-09-26 15:43 - 01864384 _____ () C:\Users\Besitzer\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-09-26 15:28 - 2016-09-26 15:28 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-11-09 18:08 - 2016-11-02 10:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-09 18:08 - 2016-11-02 10:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-09 18:08 - 2016-11-02 10:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-09 18:08 - 2016-11-02 10:14 - 00757248 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-09 18:08 - 2016-11-02 10:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-11-09 18:08 - 2016-11-02 10:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-09 18:08 - 2016-11-02 10:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2013-01-04 15:15 - 2007-09-12 10:52 - 00172032 _____ () E:\Razer\razerhid.exe 2016-11-17 12:14 - 2016-11-17 12:15 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-11-17 12:14 - 2016-11-17 12:15 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-11-17 12:14 - 2016-11-17 12:15 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2014-02-26 21:51 - 2016-11-25 08:55 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2014-02-26 21:51 - 2010-06-29 09:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2015-03-30 16:03 - 2016-10-25 20:21 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-08 20:54 - 2016-10-25 19:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-08 20:54 - 2016-10-25 19:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-08 20:54 - 2016-10-25 19:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-08 20:53 - 2016-10-25 20:21 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-08 20:53 - 2016-10-25 20:21 - 03776056 _____ () C:\Program Files (x86)\NVIDIA 
Corporation\NvContainer\Poco.dll
2016-10-08 20:54 - 2016-10-25 19:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-08 20:54 - 2016-10-25 19:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-08 20:54 - 2016-10-25 20:20 - 60819000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2013-01-02 09:11 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 02:34 - 2009-06-10 21:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-837637057-831856249-3172674156-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Besitzer\Desktop\Camera\20161015_113910.jpg
DNS Servers: 10.26.64.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "E:\Garmin Express\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GoPro Studio Importer => E:\GoPro\Tools\Importer\GoPro Importer.exe
MSCONFIG\startupreg: icq => C:\Users\Besitzer\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PDFPrint => "E:\PDF24 Creator\PDF24\pdf24.exe"
MSCONFIG\startupreg: Steam => "G:\Steam\steam.exe" -silent
HKU\S-1-5-21-837637057-831856249-3172674156-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{5789BFCB-169E-464A-B933-D66FB9EC5C8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{34F0FDF7-1030-4E6F-9E62-E0566C616597}] => (Allow) LPort=2869 FirewallRules: [{EDA44A7C-8B13-4098-887A-8248D57097A7}] => (Allow) LPort=1900 FirewallRules: [{44443659-5755-4253-92A5-E64487F8A89F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{D523A2AA-3805-44E6-A49C-6BE3152C80F8}] => (Allow) G:\Steam\Steam.exe FirewallRules: [{D2544F73-F330-4C2D-BB90-9CDB1B540B84}] => (Allow) G:\Steam\Steam.exe FirewallRules: [{2BBBB36C-08A7-48F3-9359-716DF6C1F226}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{121D68E7-DB37-47F2-B424-BC9408A23C32}G:\warcraft iii\war3.exe] => (Allow) G:\warcraft iii\war3.exe FirewallRules: [UDP Query User{0614F48B-E052-498F-8636-36F782C0AC2B}G:\warcraft iii\war3.exe] => (Allow) G:\warcraft iii\war3.exe FirewallRules: [{7970B55F-6580-4478-8451-11FD890EA09B}] => (Allow) G:\Rockstar Games\EFLC\LaunchEFLC.exe FirewallRules: [{06D11F40-A4EE-4619-B0CF-4E2D442562C4}] => (Allow) G:\Rockstar Games\EFLC\LaunchEFLC.exe FirewallRules: [{4702517A-0ADF-4CCA-A7FC-6CEE469627D2}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{DB25B767-D436-4312-8FE5-39DD4C72F45E}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [TCP Query User{9A10335C-783B-4C86-8FB2-AC7E67983D83}G:\world_of_warplanes\wowplauncher.exe] => (Allow) G:\world_of_warplanes\wowplauncher.exe 
FirewallRules: [UDP Query User{6B624F88-526D-4991-ABF7-79921DC290F3}G:\world_of_warplanes\wowplauncher.exe] => (Allow) G:\world_of_warplanes\wowplauncher.exe FirewallRules: [{96D46E33-AFEB-4566-8E00-85BD05F11403}] => (Allow) LPort=80 FirewallRules: [{E8E4F516-4E3D-4776-9CC1-508F5AD9CBE7}] => (Allow) LPort=443 FirewallRules: [{836B6973-58BC-4261-A2DC-51AC9974222E}] => (Allow) LPort=20010 FirewallRules: [{C455F500-F553-4B45-AF34-F97354C0EBB0}] => (Allow) LPort=3478 FirewallRules: [{4283F6DD-6B42-43F2-BD3D-88FEDF8AC991}] => (Allow) LPort=7850 FirewallRules: [{FE75D79A-51F2-4F2E-9049-E2E5FDD10968}] => (Allow) LPort=27022 FirewallRules: [{5306BFCF-D2B9-4F4C-AD41-4D8763B7BDED}] => (Allow) LPort=6881 FirewallRules: [{4070EF40-DABC-44AB-A2DC-44BDA0825C58}] => (Allow) LPort=33333 FirewallRules: [{191C804A-11F8-4C95-819F-E5A9D7382305}] => (Allow) LPort=20443 FirewallRules: [{E0527434-8B09-47F7-8423-7891EF411AB5}] => (Allow) LPort=8090 FirewallRules: [TCP Query User{24F63F12-1B69-41A7-ABD5-C90172F08C38}G:\wc3\warcraft iii\war3.exe] => (Allow) G:\wc3\warcraft iii\war3.exe FirewallRules: [UDP Query User{CC76194F-2B92-4DB8-9B0C-ED3504072AB8}G:\wc3\warcraft iii\war3.exe] => (Allow) G:\wc3\warcraft iii\war3.exe FirewallRules: [{F12A88BB-3240-4F31-BE01-FE799257E5E8}] => (Allow) G:\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{280B3A55-7845-4E80-A8B4-863D614C3DBF}] => (Allow) G:\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{E390CDFB-734B-4D0C-AD33-5DED3F4569D0}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{51DA4C23-01D7-4F20-944E-C2665ECB2BB5}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{DD415602-B56D-474F-9ED6-52DC8964100A}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{A33D45B2-0236-41EC-8C0C-2EADE326305C}] => (Allow) G:\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [TCP Query 
User{BEBE546E-BBDF-4EFA-B244-87A759D741AD}G:\world_of_tanks\wotlauncher.exe] => (Allow) G:\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{967DAD35-6504-41A4-A008-3F0E111CEF41}G:\world_of_tanks\wotlauncher.exe] => (Allow) G:\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{B0E9CBD4-35B5-41F3-BDA1-212E27DC9FF7}G:\world_of_tanks\worldoftanks.exe] => (Allow) G:\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{FD03265E-1590-4ECA-8095-3199F917B3EA}G:\world_of_tanks\worldoftanks.exe] => (Allow) G:\world_of_tanks\worldoftanks.exe FirewallRules: [{48CE88A9-B6B2-4B12-8341-250B5C3D11BE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{4B5E1922-84C6-4261-8AEC-4B6FC0708349}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{4432F9F0-E89F-4928-8947-F7C536DA92F9}] => (Allow) G:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{F8EB4EEA-5A89-4DB4-98AC-F299D406C132}] => (Allow) G:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{F0BF95A1-22E1-4EC4-B1F1-79927BDB3C0E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{40C36661-D47B-4C1B-92FC-F6F8E56AF769}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C2EF67A2-C812-46BD-86F7-EE79E4E08944}] => (Allow) G:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe FirewallRules: [{665A5F39-04E1-4314-B4AF-8A8BA8B83C67}] => (Allow) G:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe FirewallRules: [TCP Query User{66BD0279-67D8-4B85-8294-AA8B07E9218D}G:\steam\steam.exe] => (Allow) G:\steam\steam.exe FirewallRules: [UDP Query User{D04AD17D-1AC6-4AA8-AF61-C98361703F68}G:\steam\steam.exe] => (Allow) G:\steam\steam.exe FirewallRules: [{34DAB699-EBE6-46DA-86AB-2017F214EC98}] => (Allow) G:\Steam\bin\steamwebhelper.exe FirewallRules: [{8FA034A7-EEE0-436A-A814-382C745E633E}] => (Allow) 
G:\Steam\bin\steamwebhelper.exe FirewallRules: [{8E0BCF4F-8A8B-45E1-B301-7280E5126279}] => (Allow) F:\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe FirewallRules: [{15AEAEBA-E2A1-40D4-8239-3525261F470F}] => (Allow) F:\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe FirewallRules: [{03780365-FC7F-472C-BC6B-6B7568A62AE8}] => (Allow) E:\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [{ECD76374-4FF2-4695-A74C-00BA9C0222A0}] => (Allow) E:\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [{645EAE9E-CAE6-43B0-845C-7B751772DC6A}] => (Allow) E:\Mozilla Firefox\firefox.exe FirewallRules: [{9E5AF418-7B50-48C5-B099-51C70197889E}] => (Allow) E:\Mozilla Firefox\firefox.exe FirewallRules: [{A0CBB088-505D-41B8-B63E-577FDDA30C75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{41296DEB-D38F-4848-B681-35C8C795597E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{C22D78CB-F323-4B7B-B2FA-69FCB0C48B22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7571E63B-7127-4A9C-9641-9C4387D71678}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5772FD3A-5B77-43EC-9F0A-6CBA43D758AC}] => (Allow) E:\Winamp\winamp.exe FirewallRules: [{842589F6-EA4E-4C1F-8B80-327AAFD57B6C}] => (Allow) E:\Winamp\winamp.exe FirewallRules: [{432A822D-28B2-40F0-B956-080CFB1D53E9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{44117B54-807A-49EB-8285-FED18472A486}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{18EAEEC0-1800-45D2-A24E-EBE9EF4B93AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{2BABB2D7-A657-4514-8C64-7F2571413896}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D8D8855E-9E8A-4D53-8646-8B43E2D7082E}] => (Allow) G:\Steam\SteamApps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe FirewallRules: [{184775FF-7E20-4694-9627-19DFF39D44B4}] => (Allow) 
G:\Steam\SteamApps\common\American Truck Simulator Demo\bin\win_x64\amtrucks.exe
FirewallRules: [{33EACE3D-F976-4C20-A0B1-276EC5B142E9}] => (Allow) G:\War Thunder\WarThunder\launcher.exe
FirewallRules: [{BAF5AEAB-23AF-4F0E-B39B-C2541B4E9EAC}] => (Allow) G:\War Thunder\WarThunder\launcher.exe
FirewallRules: [{3C83C4B3-B94E-4A10-8275-D015856F9062}] => (Allow) LPort=7852
FirewallRules: [{607B1440-8C87-45C4-9F34-1D55879EF1E9}] => (Allow) LPort=7853
FirewallRules: [{6663C1AB-BE71-4FCD-B147-7690E41B0D0B}] => (Allow) G:\Ubisoft Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{B9FB389E-B3F5-4D49-92B1-EE8024696F85}] => (Allow) G:\Ubisoft Games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{6A5C7112-03AA-43CA-9F4E-DC235794EA4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe

==================== Wiederherstellungspunkte =========================

18-11-2016 16:46:32 Geplanter Prüfpunkt
20-11-2016 14:04:53 Removed Online.io Application
24-11-2016 14:14:52 Malwarebytes Anti-Rootkit Restore Point
24-11-2016 15:41:20 JRT Pre-Junkware Removal
24-11-2016 15:44:05 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/24/2016 03:44:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error: Zugriff verweigert .

Error: (11/24/2016 03:41:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (11/24/2016 02:14:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (11/23/2016 12:13:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2b38 Startzeit: 01d24583043c4943 Beendigungszeit: 6 Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Berichts-ID: 4a3cf779-b176-11e6-b56a-50465d642892 Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge Error: (11/23/2016 12:13:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.447, Zeitstempel: 0x5819bd75 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.447, Zeitstempel: 0x5819bc32 Ausnahmecode: 0xc0000008 Fehleroffset: 0x00000000000a8aba ID des fehlerhaften Prozesses: 0x1c2c Startzeit der fehlerhaften Anwendung: 0x01d245830d1f7061 Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 3b9bd04a-31ce-444d-b21b-49b73be9c988 Vollständiger Name des fehlerhaften Pakets: 
Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge Error: (11/23/2016 12:13:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2ffc Startzeit: 01d24582eceef636 Beendigungszeit: 14 Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Berichts-ID: 3fcf2eac-b176-11e6-b56a-50465d642892 Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge Error: (11/23/2016 12:13:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.447, Zeitstempel: 0x5819bd75 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.447, Zeitstempel: 0x5819bc32 Ausnahmecode: 0xc0000008 Fehleroffset: 0x00000000000a8aba ID des fehlerhaften Prozesses: 0x2248 Startzeit der fehlerhaften Anwendung: 0x01d2458302cba626 Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: ec7f99b5-2445-4cc5-ad13-2fac000298a8 Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge Error: (11/23/2016 12:10:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2130 Startzeit: 01d2458279f9f88e Beendigungszeit: 12 Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Berichts-ID: c47ef7b8-b175-11e6-b56a-50465d642892 Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge Error: (11/22/2016 05:20:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Besitzer-PC) Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{355ce766-535d-474e-833d-749780f73de5}“ wurde beendet, da das Anhalten zu lange dauerte. Error: (11/22/2016 05:20:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 20a4 Startzeit: 01d244e154199ccc Beendigungszeit: 60000 Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Berichts-ID: c93f3e4c-b0d7-11e6-b569-50465d642892 Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge Systemfehler: ============= Error: (11/25/2016 08:55:28 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/25/2016 08:55:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (11/24/2016 03:44:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/24/2016 03:41:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (11/24/2016 03:38:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (11/24/2016 03:38:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (11/24/2016 03:37:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/24/2016 03:37:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/24/2016 03:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "OkayFreedom VPN Starter Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/24/2016 03:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. 
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-11-25 08:55:45.023 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-24 15:48:32.597 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-24 15:45:25.451 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-24 15:39:19.324 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-24 15:27:24.030 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2016-11-24 14:38:39.886 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-24 14:31:41.689 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-24 11:17:18.225 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-24 10:49:57.514 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-11-24 10:49:55.209 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Prozentuale Nutzung des RAM: 15% Installierter physikalischer RAM: 16336.51 MB Verfügbarer physikalischer RAM: 13829.13 MB Summe virtueller Speicher: 32720.51 MB Verfügbarer virtueller Speicher: 30038.52 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:136.29 GB) (Free:54.68 GB) NTFS Drive e: (Programme) (Fixed) (Total:24.42 GB) (Free:21.99 GB) NTFS Drive f: (Games) (Fixed) (Total:72.08 GB) (Free:3.87 GB) NTFS Drive g: (Spiele) (Fixed) (Total:863.02 GB) (Free:700.45 GB) NTFS Drive h: (Daten) (Fixed) (Total:1000 GB) (Free:921.57 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D28C1B57) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=136.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=24.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=72.1 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4102C964) Partition 1: (Not Active) - (Size=863 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1000 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
25.11.2016, 14:01 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | NetUtils2016.sys and Net Utils2016.dll cannot be removed
FRST-Fix
Please disable your virus scanner completely now, to make sure that the fix runs through cleanly!
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter Task: {05163006-1713-4662-9ECF-A289C25682FC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {316AFADB-1695-4E43-91B1-AFE552CC924D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG Task: {33297236-54E4-41F3-AA26-89BD90369DBA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {3ECC7296-435D-4569-9EFE-515BF5303D8D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {472E3CB9-D46A-483B-B83F-80558A76169C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {4BAB933E-800C-429E-89FF-A0168544C6D4} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG Task: {51CAFBF8-6C6E-4946-AB38-45D5AD02F433} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {77F701EB-EB43-4659-8D08-9C9747E0B668} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {863D3DEE-5FDE-47CC-8E71-B894DD7550ED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {9B979401-AC10-43DF-A0A6-EED8F31B099A} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG Task: {9FB62280-61F6-4D96-BC82-65F056D64558} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {B6AADBDA-D255-40A4-A4E2-C9D39CE9FF5B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {B9A3BF1E-03BB-45BC-B8EC-F0DB743C5E33} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {C1CEA9DE-D208-4E16-A042-A522D2A0874A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {CC54D319-77BE-4F3D-A8D2-8D9FE514D98E} - \Digital Sites -> Keine Datei <==== ACHTUNG Task: {DBB35F96-4E9A-43B7-ADDE-C9307DC00BF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: 
{DCDC366E-3070-4F42-821B-A046398B17BF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {FE666C86-5E93-4C2D-A8F6-F55C61C505FE} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
26.11.2016, 13:30 | #15 |
| NetUtils2016.sys and Net Utils2016.dll cannot be removed Here is the Fixlog.txt: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016 durchgeführt von Besitzer (26-11-2016 12:25:38) Run:1 Gestartet von C:\Users\Besitzer\Desktop Geladene Profile: Besitzer (Verfügbare Profile: Besitzer & DefaultAppPool) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** Task: {05163006-1713-4662-9ECF-A289C25682FC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {316AFADB-1695-4E43-91B1-AFE552CC924D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG Task: {33297236-54E4-41F3-AA26-89BD90369DBA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {3ECC7296-435D-4569-9EFE-515BF5303D8D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {472E3CB9-D46A-483B-B83F-80558A76169C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {4BAB933E-800C-429E-89FF-A0168544C6D4} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG Task: {51CAFBF8-6C6E-4946-AB38-45D5AD02F433} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {77F701EB-EB43-4659-8D08-9C9747E0B668} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {863D3DEE-5FDE-47CC-8E71-B894DD7550ED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {9B979401-AC10-43DF-A0A6-EED8F31B099A} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG Task: {9FB62280-61F6-4D96-BC82-65F056D64558} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {B6AADBDA-D255-40A4-A4E2-C9D39CE9FF5B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {B9A3BF1E-03BB-45BC-B8EC-F0DB743C5E33} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: 
{C1CEA9DE-D208-4E16-A042-A522D2A0874A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {CC54D319-77BE-4F3D-A8D2-8D9FE514D98E} - \Digital Sites -> Keine Datei <==== ACHTUNG Task: {DBB35F96-4E9A-43B7-ADDE-C9307DC00BF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {DCDC366E-3070-4F42-821B-A046398B17BF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {FE666C86-5E93-4C2D-A8F6-F55C61C505FE} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG emptytemp: ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05163006-1713-4662-9ECF-A289C25682FC}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05163006-1713-4662-9ECF-A289C25682FC}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{316AFADB-1695-4E43-91B1-AFE552CC924D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{316AFADB-1695-4E43-91B1-AFE552CC924D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33297236-54E4-41F3-AA26-89BD90369DBA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33297236-54E4-41F3-AA26-89BD90369DBA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3ECC7296-435D-4569-9EFE-515BF5303D8D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ECC7296-435D-4569-9EFE-515BF5303D8D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{472E3CB9-D46A-483B-B83F-80558A76169C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{472E3CB9-D46A-483B-B83F-80558A76169C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4BAB933E-800C-429E-89FF-A0168544C6D4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BAB933E-800C-429E-89FF-A0168544C6D4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{51CAFBF8-6C6E-4946-AB38-45D5AD02F433}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51CAFBF8-6C6E-4946-AB38-45D5AD02F433}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77F701EB-EB43-4659-8D08-9C9747E0B668}" => Schlüssel erfolgreich entfernt 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77F701EB-EB43-4659-8D08-9C9747E0B668}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{863D3DEE-5FDE-47CC-8E71-B894DD7550ED}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{863D3DEE-5FDE-47CC-8E71-B894DD7550ED}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B979401-AC10-43DF-A0A6-EED8F31B099A}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B979401-AC10-43DF-A0A6-EED8F31B099A}" => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FB62280-61F6-4D96-BC82-65F056D64558}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FB62280-61F6-4D96-BC82-65F056D64558}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6AADBDA-D255-40A4-A4E2-C9D39CE9FF5B}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6AADBDA-D255-40A4-A4E2-C9D39CE9FF5B}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9A3BF1E-03BB-45BC-B8EC-F0DB743C5E33}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9A3BF1E-03BB-45BC-B8EC-F0DB743C5E33}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1CEA9DE-D208-4E16-A042-A522D2A0874A}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1CEA9DE-D208-4E16-A042-A522D2A0874A}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC54D319-77BE-4F3D-A8D2-8D9FE514D98E}" => Schlüssel erfolgreich entfernt 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC54D319-77BE-4F3D-A8D2-8D9FE514D98E}" => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites => Schlüssel nicht gefunden. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBB35F96-4E9A-43B7-ADDE-C9307DC00BF1}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBB35F96-4E9A-43B7-ADDE-C9307DC00BF1}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DCDC366E-3070-4F42-821B-A046398B17BF}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCDC366E-3070-4F42-821B-A046398B17BF}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE666C86-5E93-4C2D-A8F6-F55C61C505FE}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE666C86-5E93-4C2D-A8F6-F55C61C505FE}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => Schlüssel erfolgreich entfernt =========== EmptyTemp: ========== BITS transfer queue => 1134528 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 56610472 B Java, Flash, Steam htmlcache => 230780659 B Windows/system/drivers => 23552 B Edge => 111149631 B Chrome => 0 B Firefox => 62986698 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B 
ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 24662 B NetworkService => 0 B Besitzer => 1217946 B DefaultAppPool => 0 B RecycleBin => 7227525 B EmptyTemp: => 449.3 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 12:25:52 ==== |