Log analysis and evaluation: Windows 7: Suddenly all folders and subfolders are write-protected! Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.12.2016, 14:43 | #1 |
| Windows 7: Suddenly all folders and subfolders are write-protected! Hello everyone. I'll try to keep this short: since yesterday, all folders and their subfolders on my Windows 7 system have been write-protected. Files located in these folders are not protected, however. When I try to remove the write protection, it re-enables itself. Best regards, kampfkevin Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 durchgeführt von jones (Administrator) auf JONES-PC (27-12-2016 14:24:13) Gestartet von D:\Desktop Geladene Profile: jones (Verfügbare Profile: jones) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Valve Corporation) D:\Steam\Steam.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Wargaming.net) D:\World_of_Warships\WargamingGameUpdater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (MAXON Computer GmbH) D:\Cinema 4D R15\CINEMA 4D 64 Bit.exe () D:\Cinema 4D R15\resource\libs\win32\qtguiagent.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16286840 2016-08-30] (Logitech Inc.) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [Steam] => D:\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation) HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-08-03] (Nota Inc.) 
HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [World of Warships] => D:\World_of_Warships\WargamingGameUpdater.exe [3134216 2016-12-05] (Wargaming.net) HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\MountPoints2: {5056ca8a-8348-11e6-a56c-806e6f6e6963} - E:\.\Bin\Instv2.exe ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () GroupPolicy: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FECD1C8E-B62A-4F36-A020-C09A2FC33A23}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{FECD1C8E-B62A-4F36-A020-C09A2FC33A23}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-03] (Microsoft Corporation) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-12-03] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-15] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-12-03] (Microsoft Corporation) BHO-x32: Microsoft 
OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-03] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-15] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft 
Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: w9eabcxv.default FF ProfilePath: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default [2016-12-27] FF NewTab: Mozilla\Firefox\Profiles\w9eabcxv.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\w9eabcxv.default -> Search Provided by Bing FF SelectedSearchEngine: Mozilla\Firefox\Profiles\w9eabcxv.default -> Search Provided by Bing FF Homepage: Mozilla\Firefox\Profiles\w9eabcxv.default -> about:home FF Keyword.URL: Mozilla\Firefox\Profiles\w9eabcxv.default -> user_pref("keyword.URL", true); FF Extension: (Tails Download and Verify) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\dave@tails.boum.org.xpi [2016-12-14] FF Extension: (BetterTTV) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\firefox@betterttv.net.xpi [2016-10-15] FF Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\hotspot-shield@anchorfree.com.xpi [2016-12-25] FF Extension: (Lightbeam) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2016-10-30] FF Extension: (uBlock Origin) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-20] FF SearchPlugin: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\searchplugins\search provided by bing.xml [2016-12-03] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 
17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-15] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-03] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-15] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-15] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-12-03] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation) FF Plugin-x32: 
@nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems) FF Plugin HKU\S-1-5-21-1883078689-1713311263-2009741731-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-10-17] () Chrome: ======= CHR Profile: C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default [2016-12-10] CHR Extension: (Google Präsentationen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-21] CHR Extension: (Google Docs) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-21] CHR Extension: (Google Drive) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-21] CHR Extension: (YouTube) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-21] CHR Extension: (Google Tabellen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-21] CHR Extension: (Kaspersky Protection) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-12-10] CHR Extension: (Google Docs Offline) - C:\Users\jones\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-10] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-21] CHR Extension: (Google Mail) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-21] CHR Extension: (Chrome Media Router) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-21] CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated) S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] () S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc.) S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-09-26] () [Datei ist nicht signiert] S4 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [397592 2015-07-02] (ASUSTeK Computer Inc.) 
S4 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [346424 2015-04-10] (ASUSTeK) R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] () S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-01] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-01] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-01] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-02] (Intel Corporation) S4 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-30] (Logitech Inc.) 
S2 MBAMService; D:\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-10] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-10] (Electronic Arts) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-15] (Geek Software GmbH) S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 VSStandardCollectorService140; C:\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.) R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [43064 2015-06-11] (ASUSTek Computer Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] () R2 AsRamDisk; C:\Windows\System32\DRIVERS\asramdisk.sys [111416 2014-05-07] (Asus) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] () R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21304 2014-02-17] (Olof Lagerkvist) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-01] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. ) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) S3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30352 2016-09-25] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [501216 2015-06-18] (Intel Corporation) R0 FNETHYRAMAS; C:\Windows\System32\drivers\FNETHYRAMAS.SYS [45688 2016-09-25] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2016-09-25] (FNet Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-06-22] (Intel Corporation) R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-09-08] (ASUSTeK Computer Inc.) 
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-11-25] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-07] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-07] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-07] (AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab) R3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45208 2016-08-30] (Logitech Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-08-30] (Logitech Inc.) 
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [172832 2015-05-08] (Intel Corporation) R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [48336 2015-04-10] (Titan ARC Corp.) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-08-23] (Anchorfree Inc.) R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation) R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited) S3 ALSysIO; \??\C:\Users\jones\AppData\Local\Temp\ALSysIO64.sys [X] S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-12-27 14:22 - 2016-12-27 14:24 - 00000000 ____D C:\FRST 2016-12-27 00:58 - 2016-12-27 00:58 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign354e97dde3ea7d29 2016-12-27 00:49 - 2016-12-27 00:49 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigne81e82cbe043aac0 2016-12-27 00:47 - 2016-12-27 00:47 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigndc9acc32be2c3f2d 2016-12-27 00:45 - 2016-12-27 00:45 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignfac97c20acb4c43b 2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignf3c06d12ea8c3cff 2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign91fa0ab59a8ca6c8 2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign7554ccbafccb7bee 2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign628bacfd18266615 2016-12-25 21:10 - 2016-12-25 21:10 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign89c849fb7aa815fc 2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd44e0b3ae7e2743f 2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign76a445c852299d41 2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign1920737777514d0b 2016-12-25 20:17 - 2016-12-25 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit 2016-12-25 16:48 - 2016-12-25 18:57 - 00001819 _____ C:\Users\jones\AppData\Roaming\net.telestream.gameshow.xml 2016-12-25 16:48 - 2016-12-25 16:48 - 00000101 _____ C:\Users\jones\AppData\Roaming\net.telestream.gameshow.app_user_guid.xml 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\WirecastCache 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\Wirecast 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D 
C:\Users\jones\AppData\Roaming\Vara Software 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\Gameshow 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Local\Telestream 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\ProgramData\Telestream 2016-12-23 23:47 - 2016-12-23 23:47 - 00430280 _____ C:\Windows\Minidump\122316-5818-01.dmp 2016-12-22 17:18 - 2016-12-22 17:18 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft FxCop 2016-12-22 11:44 - 2016-12-25 00:51 - 00000000 ____D C:\Users\jones\AppData\Roaming\FileZilla 2016-12-22 11:44 - 2016-12-22 11:46 - 00000000 ____D C:\Users\jones\AppData\Local\FileZilla 2016-12-22 11:44 - 2016-12-22 11:44 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2016-12-22 09:44 - 2016-12-27 10:41 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1 2016-12-21 16:13 - 2016-12-12 15:36 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2016-12-21 16:12 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-12-21 16:12 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-12-15 22:24 - 2016-12-15 22:24 - 00000000 ____D C:\Users\jones\AppData\Local\4kdownload.com 2016-12-15 22:22 - 2016-12-15 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download 2016-12-15 22:22 - 2016-12-15 22:22 - 00000000 ____D C:\Program Files (x86)\4KDownload 2016-12-15 20:28 - 2016-12-15 20:28 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2016-12-15 18:57 - 2016-12-15 18:57 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-12-15 18:57 - 2016-12-15 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-15 18:57 - 2016-12-15 18:57 - 00000000 ____D C:\Program Files (x86)\Java 
21:39 - 2016-12-03 21:39 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigna3078dbefe233b3a 2016-12-03 21:39 - 2016-12-03 21:39 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign1b0e4e8584018b99 2016-12-03 18:22 - 2016-12-07 21:15 - 00000000 ____D C:\Users\jones\AppData\Roaming\vlc 2016-12-03 18:22 - 2016-12-03 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-12-03 17:18 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts_bkup 2016-12-03 17:05 - 2016-12-04 20:46 - 00000000 ____D C:\Program Files\Adobe 2016-12-03 17:05 - 2016-12-04 20:34 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-12-03 17:05 - 2016-12-03 21:53 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-12-03 17:05 - 2016-12-03 17:05 - 00003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-jones-PC-jones 2016-12-03 17:05 - 2016-12-03 17:05 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2017.lnk 2016-12-03 17:00 - 2016-12-25 16:45 - 00000000 ____D C:\Users\jones\AppData\Local\Deployment 2016-12-03 17:00 - 2016-12-03 17:00 - 00000000 ____D C:\Users\jones\AppData\Local\Apps\2.0 2016-12-03 16:47 - 2016-12-03 16:47 - 00002142 _____ C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:47 - 2016-12-03 16:47 - 00002124 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:47 - 2016-12-03 16:47 - 00002124 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:47 - 2016-12-03 16:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-12-03 16:44 - 2016-12-03 16:44 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-12-03 16:44 - 
2016-12-03 16:44 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-12-03 16:42 - 2016-12-03 16:42 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-12-03 16:00 - 2016-12-03 16:00 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2016-12-03 16:00 - 2016-12-03 16:00 - 00000000 ____D C:\Users\jones\AppData\Local\{F28CC4D0-D624-A868-BBBC-8D809FD47118} 2016-12-02 21:24 - 2016-12-02 21:25 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2016-12-02 21:24 - 2016-12-02 21:25 - 00000000 ____D C:\Users\jones\AppData\Local\UnrealEngine 2016-12-02 21:24 - 2016-12-02 21:25 - 00000000 ____D C:\ProgramData\Epic 2016-12-02 21:24 - 2016-12-02 21:24 - 00000000 ____D C:\Users\jones\AppData\Local\UnrealEngineLauncher 2016-12-02 21:24 - 2016-12-02 21:24 - 00000000 ____D C:\Users\jones\AppData\Local\EpicGamesLauncher 2016-11-30 20:50 - 2016-11-30 20:50 - 00000000 ____D C:\Users\jones\AppData\Local\PDF24 2016-11-30 20:49 - 2016-11-30 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2016-11-30 20:49 - 2016-11-30 20:49 - 00000000 ____D C:\Program Files (x86)\PDF24 2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 
00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
2016-11-28 21:07 - 2016-11-28 21:07 - 00000000 ____D C:\Python27
2016-11-28 21:07 - 2016-11-28 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2016-11-28 20:38 - 2016-11-28 20:38 - 00000000 ____D C:\Users\jones\AppData\Roaming\Skype
2016-11-28 20:36 - 2016-12-03 16:47 - 00000000 ___RD C:\Users\jones\OneDrive
2016-11-28 20:36 - 2016-12-03 16:47 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-11-28 20:36 - 2016-11-28 20:36 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-11-28 20:30 - 2016-11-28 20:30 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-11-28 20:28 - 2016-12-03 22:14 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-27 14:27 - 2016-11-27 14:27 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2016-11-27 14:27 - 2016-11-27 14:27 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-11-27 14:27 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAE.DLL
2016-11-27 13:47 - 2016-11-27 13:47 - 00000000 ____D C:\Users\jones\AppData\Local\CrashRpt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-27 13:04 - 2016-09-29 19:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-12-27 10:50 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-27 10:50 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-27 10:48 - 2016-11-19 11:59 - 00000000 ____D C:\Users\jones\AppData\LocalLow\Mozilla 2016-12-27 10:48 - 2016-09-26 18:07 - 00000000 ____D C:\Users\jones\AppData\Local\CrashDumps 2016-12-27 10:47 - 2016-11-25 16:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-27 10:47 - 2016-09-25 20:01 - 00000000 ____D C:\ProgramData\NVIDIA 2016-12-27 10:47 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat 2016-12-27 10:47 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2016-12-27 10:47 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-27 10:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-27 10:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-27 09:51 - 2009-07-14 05:45 - 05036784 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-27 01:00 - 2016-09-25 19:29 - 00076256 _____ C:\Users\jones\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-26 11:54 - 2016-11-19 21:42 - 00000000 ____D C:\Users\jones\AppData\Local\Battle.net 2016-12-26 11:36 - 2016-09-26 18:26 - 00000000 ____D C:\Users\jones\AppData\Local\Adobe 2016-12-26 00:12 - 2016-10-10 18:36 - 00000000 ____D C:\Users\jones\AppData\Roaming\Audacity 2016-12-25 19:55 - 2016-11-14 18:04 - 00000000 ____D C:\Users\jones\AppData\Roaming\discord 2016-12-25 19:52 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-12-25 16:51 - 2016-10-22 14:41 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-12-25 16:51 - 2016-10-22 14:40 - 00000000 ____D C:\Visual Studio 2016-12-25 16:51 - 
2016-09-25 19:46 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-25 16:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-12-25 16:50 - 2016-10-22 14:42 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2016-12-25 16:50 - 2016-10-22 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2016-12-25 16:49 - 2016-10-22 14:51 - 00000000 ____D C:\Users\jones\AppData\Local\VSIXInstaller 2016-12-25 16:43 - 2016-10-22 14:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2016-12-25 16:43 - 2016-10-22 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2016-12-24 16:45 - 2016-10-12 17:38 - 00000000 ____D C:\Users\jones\AppData\Local\ElevatedDiagnostics 2016-12-23 23:47 - 2016-11-01 18:19 - 896961039 _____ C:\Windows\MEMORY.DMP 2016-12-23 23:47 - 2016-11-01 18:19 - 00000000 ____D C:\Windows\Minidump 2016-12-23 22:52 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-23 00:49 - 2016-10-20 18:18 - 00000000 ____D C:\ProgramData\Origin 2016-12-23 00:48 - 2016-10-20 18:19 - 00000000 ____D C:\Users\jones\AppData\Roaming\Origin 2016-12-22 15:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-12-22 09:44 - 2016-09-25 20:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-12-21 16:25 - 2016-09-29 17:53 - 00000000 ____D C:\Users\jones\AppData\Local\UmmyVideoDownloader 2016-12-21 16:13 - 2016-09-25 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003824 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003648 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003588 _____ 
C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\NVIDIA Corporation 2016-12-21 16:13 - 2016-09-25 20:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-12-20 19:12 - 2016-11-21 20:07 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-20 19:12 - 2016-11-21 20:07 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-20 18:21 - 2016-11-18 15:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-20 18:21 - 2016-09-25 20:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-15 22:24 - 2016-10-12 17:00 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-15 22:24 - 2016-10-12 17:00 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-15 22:24 - 2016-10-12 17:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-15 22:24 - 2016-10-12 17:00 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-15 22:19 - 2016-09-25 18:52 - 00000000 ____D C:\Users\jones 2016-12-15 20:51 - 2016-10-17 17:54 - 00000000 ____D C:\Users\jones\AppData\Local\Ubisoft Game Launcher 2016-12-15 19:13 - 2016-09-26 18:07 - 00000316 _____ C:\Users\jones\.packettracer 2016-12-15 18:58 - 2016-11-01 18:35 - 00000000 ____D C:\ProgramData\Oracle 2016-12-15 18:19 - 2016-09-25 20:06 - 00001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-12-15 18:14 - 2016-11-21 20:07 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 22:35 - 2016-09-25 22:05 - 00000000 ____D C:\Windows\system32\MRT 2016-12-14 22:34 - 2016-09-25 22:05 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-12-14 22:33 - 2016-09-25 19:46 - 01594174 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-12-14 22:21 - 2016-10-07 21:26 - 
00000306 __RSH C:\ProgramData\ntuser.pol 2016-12-13 15:10 - 2016-09-25 21:31 - 00000000 ____D C:\Users\jones\AppData\Local\Steam 2016-12-12 15:37 - 2016-09-25 20:08 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2016-12-11 16:18 - 2016-10-29 22:24 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-12-11 13:09 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2016-12-10 22:42 - 2016-10-20 18:19 - 00000000 ____D C:\Program Files (x86)\Origin 2016-12-10 11:08 - 2016-11-21 20:07 - 00000000 ____D C:\Users\jones\AppData\Local\Google 2016-12-09 15:01 - 2016-09-25 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-12-09 15:01 - 2016-09-25 19:50 - 00000000 ____D C:\Temp 2016-12-09 14:58 - 2016-09-25 20:08 - 00003782 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-09 14:58 - 2016-09-25 20:00 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-12-07 17:53 - 2016-10-24 16:10 - 00000000 ____D C:\Users\jones\AppData\Local\fabi.me 2016-12-07 12:24 - 2016-09-25 19:31 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-12-07 12:15 - 2016-11-25 14:42 - 01036512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2016-12-07 12:15 - 2016-06-20 17:29 - 00057936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys 2016-12-07 12:15 - 2016-06-02 22:39 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys 2016-12-06 20:23 - 2016-10-05 19:37 - 00000000 ____D C:\Users\jones\AppData\Roaming\VMware 2016-12-06 20:23 - 2016-10-05 18:07 - 00000000 ____D C:\ProgramData\VMware 2016-12-06 20:22 - 2016-10-05 19:37 - 00000000 ____D C:\Users\jones\AppData\Local\VMware 2016-12-04 20:46 - 2016-09-25 20:24 - 00000000 ____D C:\Users\jones\AppData\Roaming\Adobe 2016-12-04 12:23 - 2016-09-29 19:49 - 00000000 ____D C:\Program Files\Common Files\AV 2016-12-03 22:11 - 2016-09-25 19:31 - 00000000 ____D 
C:\ProgramData\Adobe 2016-12-03 16:41 - 2016-10-04 17:33 - 00000000 ____D C:\Users\jones\AppData\Roaming\Samsung 2016-12-03 16:41 - 2016-09-25 19:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-12-03 16:40 - 2016-09-25 18:53 - 00000000 ____D C:\Users\jones\AppData\Local\VirtualStore 2016-12-01 20:52 - 2016-11-19 17:52 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-12-01 20:52 - 2016-10-22 22:09 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-12-01 20:52 - 2016-09-26 17:36 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-12-01 20:52 - 2016-09-26 17:36 - 17440744 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-12-01 20:52 - 2016-09-25 20:01 - 00041344 _____ C:\Windows\system32\nvinfo.pb 2016-12-01 20:52 - 2016-09-25 20:00 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-12-01 20:52 - 2016-09-25 20:00 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-12-01 20:52 - 2016-09-25 20:00 - 03479560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-12-01 18:32 - 2016-09-26 17:37 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-12-01 18:32 - 2016-09-26 17:37 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-11-30 17:23 - 2016-11-25 19:03 - 00000000 ____D C:\Users\jones\AppData\Roaming\iw4play 
2016-11-30 10:34 - 2016-09-25 20:01 - 07607057 _____ C:\Windows\system32\nvcoproc.bin
2016-11-29 19:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-27 02:29 - 2016-09-25 19:30 - 01048576 _____ C:\Windows\PE_Rom.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-12-25 16:48 - 2016-12-25 16:48 - 0000101 _____ () C:\Users\jones\AppData\Roaming\net.telestream.gameshow.app_user_guid.xml
2016-12-25 16:48 - 2016-12-25 18:57 - 0001819 _____ () C:\Users\jones\AppData\Roaming\net.telestream.gameshow.xml
2016-09-26 19:04 - 2016-11-25 17:19 - 0007594 _____ () C:\Users\jones\AppData\Local\Resmon.ResmonCfg
2016-10-16 12:52 - 2016-10-16 13:05 - 25397336 _____ (One Click Root) C:\Users\jones\AppData\Local\TempOneClickRoot.exe
2016-12-11 13:10 - 2016-11-23 14:37 - 0000570 _____ () C:\Users\jones\AppData\Local\TroubleshooterConfig.json
2016-11-17 20:10 - 2016-11-17 20:10 - 0019456 _____ () C:\Users\jones\AppData\Local\WebpageIcons.db
2016-12-22 09:44 - 2016-12-27 10:42 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-22 09:44 - 2016-12-27 10:41 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Einige Dateien in TEMP:
====================
C:\Users\jones\AppData\Local\Temp\131244059793244084.exe
C:\Users\jones\AppData\Local\Temp\131252507815310005.exe
C:\Users\jones\AppData\Local\Temp\hss_update.exe
C:\Users\jones\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\jones\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\jones\AppData\Local\Temp\nvStInst.exe
C:\Users\jones\AppData\Local\Temp\NvTelemetry.dll
C:\Users\jones\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\jones\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\jones\AppData\Local\Temp\proxy_vole3767493610430601260.dll
C:\Users\jones\AppData\Local\Temp\proxy_vole8515395891240894562.dll
C:\Users\jones\AppData\Local\Temp\uninstall_flash_player.exe
C:\Users\jones\AppData\Local\Temp\utils.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-24 16:38

==================== Ende von FRST.txt ============================ |
27.12.2016, 14:44 | #2 |
| Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von jones (27-12-2016 14:24:25)
Gestartet von D:\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-09-25 17:52:58)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1883078689-1713311263-2009741731-500 - Administrator - Disabled)
Gast (S-1-5-21-1883078689-1713311263-2009741731-501 - Limited - Disabled)
jones (S-1-5-21-1883078689-1713311263-2009741731-1000 - Administrator - Enabled) => C:\Users\jones

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.3.1485 - Open Media LLC) Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_0) (Version: 10.0.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.24 - ASUSTeK Computer Inc.) Ansel (Version: 376.19 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.24.0 - Asmedia Technology) Assassin's Creed II (HKLM\...\Steam App 33230) (Version: - Ubisoft Montreal) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.) 
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.30 - ASUSTeK Computer Inc.) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.78.7302 - BlueStack Systems, Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version: - Treyarch) Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward) Camtasia 9 (HKLM-x32\...\{a3e71447-59c4-4a75-8b70-fd4d95054cc5}) (Version: 9.0.1.1422 - TechSmith Corporation) Camtasia 9 (Version: 9.0.1.1422 - TechSmith Corporation) Hidden Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CPUID ROG CPU-Z 1.72.1 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.72.1 - CPUID, Inc.) Discord (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.) Epic Games Launcher (HKLM-x32\...\{2DE76AAC-8061-4D9B-B7BA-A7CFBE0F8048}) (Version: 1.1.86.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileZilla Client 3.23.0.2 (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden GRID (HKLM\...\Steam App 12750) (Version: - Codemasters Studios) Gyazo 3.2.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1141 - Intel Corporation) Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden KeyBot II (HKLM-x32\...\{56496BBC-DA67-4DC7-9B90-398982CA641D}) (Version: - ) Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech Gaming Software 8.87 (HKLM\...\Logitech Gaming Software) (Version: 8.87.116 - Logitech Inc.) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.22 - ASUSTeK Computer Inc.) 
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.7466.2038 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server*2014 Express 
LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) 
(Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla) MySQL Connector C++ 1.1.7 (HKLM\...\{A4310FCD-95D5-49B7-91BA-9A079F07B167}) (Version: 1.1.7 - Oracle and/or its affiliates) MySQL Connector C++ 1.1.8 (HKLM\...\{4BFAEC5F-9E57-467F-A19F-2FF716DDC9E6}) (Version: 1.1.8 - Oracle and/or its affiliates) MySQL Connector J (HKLM-x32\...\{C681B554-3461-4030-9D6B-5C3420009CD3}) (Version: 5.1.40 - Oracle Corporation) MySQL Connector Net 6.9.9 (HKLM-x32\...\{E09F82E9-3EB3-4725-BDC8-3C77F83E262C}) (Version: 6.9.9 - Oracle) MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation) MySQL Connector/ODBC 5.3 (HKLM\...\{17E48BE8-F0F8-42B6-82D3-7A5840694D79}) (Version: 5.3.6 - Oracle Corporation) MySQL Documents 5.7 (HKLM-x32\...\{0A0D2C15-D682-4036-BC8C-6E382E656CBB}) (Version: 5.7.17 - Oracle Corporation) MySQL Examples and Samples 5.7 (HKLM-x32\...\{074B4410-68CF-4B12-A02D-888384F51615}) (Version: 5.7.17 - Oracle Corporation) MySQL Installer - Community (HKLM-x32\...\{16CDE9E2-49CB-4D47-BE78-F20ADA452126}) (Version: 1.4.18.0 - Oracle Corporation) MySQL Notifier 1.1.7 (HKLM-x32\...\{724CDD73-430E-47DA-8F4E-7DF2000BA268}) (Version: 1.1.7 - Oracle) MySQL Utilities (HKLM\...\{7FC39694-83D7-4CBD-88D6-15D1DD698075}) (Version: 1.6.4 - Oracle Corporation) MySQL Workbench 6.3 CE (HKLM\...\{85664F8E-BFC5-46DE-AB5C-1EA6536AACBE}) 
(Version: 6.3.8 - Oracle Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 7 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.19 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Grafiktreiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Update 23.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.1.0.0 - NVIDIA Corporation) NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.5 - OBS Project) Office 16 Click-to-Run Extensibility Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation) Oracle VM VirtualBox 5.1.10 (HKLM\...\{57682F33-488A-4065-8255-C3681A2B6F4E}) (Version: 5.1.10 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) 
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PDF24 Creator 8.0.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PhonerLite 2.43 (HKLM-x32\...\PhonerLite_is1) (Version: 2.43 - Heiko Sommerfeldt) Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.) ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.32 - ASUSTeK Computer Inc.) ROG RAMDisk (HKLM-x32\...\{DE8C1883-4F14-40DF-8C8C-376157ADF5A3}) (Version: 2.02.06 - ASUSTeK Computer Inc.) 
ROGRAMCACHE (HKLM-x32\...\ROGRAMCACHE) (Version: 1.07.18 - ASUSTeKcomputer Inc) Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.1.0 - ) <==== ACHTUNG Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VEGAS Pro 14.0 (64-bit) (HKLM\...\{4D5A9B21-79F9-11E6-AAC4-BB95F5A309BD}) (Version: 14.0.161 - VEGAS) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) 
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wireshark 2.2.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.2 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Warships (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
XSplit Broadcaster (HKLM-x32\...\{49AED0C4-9A78-48DF-9292-27EF1E7D459F}) (Version: 2.7.1602.2231 - SplitmediaLabs)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02347E83-411E-49EB-9DCC-44884B5DF37C} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2016-07-29] (Oracle Corporation)
Task: {0656C1BD-D2A8-40BA-BEB3-79F7FB1569D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-03] (Microsoft Corporation)
Task: {0F3F5F84-409A-4139-87FE-247E5D3D151B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {1D6566F2-BCE1-4399-B7C6-794361F60856} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-15] (Adobe Systems Incorporated)
Task: {24DDAC3E-69D2-49F1-B2F5-71395CE3A09C} - System32\Tasks\SS2svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe
Task: {35C91D42-284E-44AD-A63C-85B83984D6F4} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-08-03] ()
Task: {35E8CBCF-8314-47F9-B69F-49DA7D5B022F} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-08-03] ()
Task: {41D6F4FE-DB23-460F-A504-7F3E66290F16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-21] (Google Inc.)
Task: {4385C7DD-15C4-40A9-96CF-33E81F674C5D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {617CECAB-3629-4378-B22D-188CBC7FAE36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-03] (Microsoft Corporation)
Task: {639E0947-3C15-4608-A38D-50C5DE9B80E5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {657D01E3-5636-4524-A9E5-D871A965B472} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Visual Studio\Common7\IDE\VSIXAutoUpdate.exe
Task: {6897188D-D45A-42F7-B69D-68C4D0B96088} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2015-06-30] ()
Task: {6C179E60-B08A-4CD9-88C5-45DB316302BB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {728FD162-E837-42F2-A265-D76C6B8CA44C} - System32\Tasks\ASUS\RamDisk => C:\Program Files (x86)\ASUS\ROG RAMDisk\loadImage.exe [2014-02-17] ()
Task: {8E1F4D1B-C3B3-4E5A-B49A-971002F13A91} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {931F348E-E6BD-4F82-9D96-D71632C82248} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {951EF30F-ED14-4FBC-900E-6784CA0572EB} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2015-06-25] ()
Task: {95C26FB0-7E82-49FA-99D2-269E3FB82526} - System32\Tasks\ASUS\KeyBot II Execute => C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe [2015-06-18] ()
Task: {A8244554-CD1D-483D-8AC2-7D199408F4B2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {AAC68C65-D014-46B5-A05B-6C4F280EE446} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.)
Task: {B2D7C514-0204-4549-BE6D-1E17AB2F3D52} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
Task: {B318BF9E-6792-4153-893A-EF26B08D2758} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2015-06-30] (ASUSTeK Computer Inc.)
Task: {C0EDFD52-8F7A-4038-AAC1-5ADD05BD604E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {C8EE4871-472F-476C-A911-5928D6BCB4CE} - System32\Tasks\AdobeAAMUpdater-1.0-jones-PC-jones => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {CACC0433-3FCB-4369-8275-A89C90D25C9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-21] (Google Inc.)
Task: {D2C3C216-BC96-4B35-8350-1456FDCEB516} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2015-02-06] ()
Task: {E768A948-E655-4F45-8883-03F12A494982} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2016-11-01] (Oracle Corporation)
Task: {ED58BD51-22A2-4910-834A-A9EF8CCDF5E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {EFFA6A86-7077-4943-B947-F9BDAF8495A6} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2015-06-03] (TODO: <Company name>)
Task: {F6C4D860-0CB0-4D7E-84D3-6279B039E907} - System32\Tasks\SS2svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe
Task: {F87DDC75-A7D2-4F0F-BA42-31B8D89CA296} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-25 20:08 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-25 20:08 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-25 20:08 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-09-25 20:01 - 2016-12-01 18:32 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-12-03 16:47 - 2016-12-03 16:47 - 00959168 _____ () C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll 2016-12-06 17:17 - 2016-12-06 17:17 - 00052400 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2016-09-21 21:16 - 2016-09-21 21:16 - 00230064 _____ () D:\Notepad++\NppShell_06.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-08-30 01:17 - 2016-08-30 01:17 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-08-30 01:17 - 2016-08-30 01:17 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2016-09-25 19:23 - 2015-02-06 13:53 - 01462584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 2016-09-25 19:24 - 2014-08-28 09:37 - 00033424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe 2014-07-09 11:56 - 2014-07-09 11:56 - 00425256 ____R () D:\Cinema 4D R15\resource\modules\addons\addons.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 04016736 ____R () D:\Cinema 4D R15\resource\modules\alembic\alembic.cdl64 
2014-07-09 11:57 - 2014-07-09 11:57 - 00260392 ____R () D:\Cinema 4D R15\resource\modules\allplan\allplan.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 00174688 ____R () D:\Cinema 4D R15\resource\modules\ArchiCADExchange\ArchiCADExchange.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 01080104 ____R () D:\Cinema 4D R15\resource\modules\bitmapfilter\bitmapfilter.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00296232 ____R () D:\Cinema 4D R15\resource\modules\bp2lw\bp2lw.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00308008 ____R () D:\Cinema 4D R15\resource\modules\bp2max\bp2max.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00355624 ____R () D:\Cinema 4D R15\resource\modules\bp2maya\bp2maya.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00294184 ____R () D:\Cinema 4D R15\resource\modules\bp2xsi\bp2xsi.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 01625384 ____R () D:\Cinema 4D R15\resource\modules\browser\browser.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 07906600 ____R () D:\Cinema 4D R15\resource\modules\ca\characteranim.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 00513320 ____R () D:\Cinema 4D R15\resource\modules\cameramapper\cameramapper.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 03344480 ____R () D:\Cinema 4D R15\resource\modules\collada14\collada14.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 03658848 ____R () D:\Cinema 4D R15\resource\modules\collada15\collada15.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00652072 ____R () D:\Cinema 4D R15\resource\modules\compositing\compositing.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 10195552 ____R () D:\Cinema 4D R15\resource\modules\dwg\dwg.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00714024 ____R () D:\Cinema 4D R15\resource\modules\dwgobjects\dwgobjects.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 07383136 ____R () D:\Cinema 4D R15\resource\modules\fbx\fbx.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 00984872 ____R () D:\Cinema 4D R15\resource\modules\gv\expressiontag\expressiontag.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 
01031976 ____R () D:\Cinema 4D R15\resource\modules\gv\graphviewcore\graphviewcore.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 05012264 ____R () D:\Cinema 4D R15\resource\modules\modeling\modeling.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 00514344 ____R () D:\Cinema 4D R15\resource\modules\motioncam\motioncam.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 01273128 ____R () D:\Cinema 4D R15\resource\modules\netrender\netrender.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 05183272 ____R () D:\Cinema 4D R15\resource\modules\newman\newman.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 03742504 ____R () D:\Cinema 4D R15\resource\modules\objects\objects.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00523048 ____R () D:\Cinema 4D R15\resource\modules\onlinehelp\onlinehelp.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 01927464 ____R () D:\Cinema 4D R15\resource\modules\onlineupdater\onlineupdater.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 00184928 ____R () D:\Cinema 4D R15\resource\modules\openexr\OpenEXR.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 02763048 ____R () D:\Cinema 4D R15\resource\modules\python\python.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 00939816 ____R () D:\Cinema 4D R15\resource\modules\relaxuv\relaxuv.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 01828136 ____R () D:\Cinema 4D R15\resource\modules\sculpt\sculpt.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 00201000 ____R () D:\Cinema 4D R15\resource\modules\sculptbrushes\sculptbrushes.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00994088 ____R () D:\Cinema 4D R15\resource\modules\shader\shader.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 02231592 ____R () D:\Cinema 4D R15\resource\modules\sla\sla.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00326952 ____R () D:\Cinema 4D R15\resource\modules\spacemouse\spacemouse.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 00445736 ____R () D:\Cinema 4D R15\resource\modules\texturemanager\texturemanager.cdl64 2014-05-14 12:03 - 2014-05-14 12:03 - 00240736 ____R () D:\Cinema 4D 
R15\resource\modules\updatemerge\updatemerge.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 03085608 ____R () D:\Cinema 4D R15\resource\modules\xtensions\xtensions.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 02012968 ____R () D:\Cinema 4D R15\modules\advanced render\advanced render\advancedrender.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 02731816 ____R () D:\Cinema 4D R15\modules\advanced render\cineman\cineman.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 02351400 ____R () D:\Cinema 4D R15\modules\advanced render\sky\sky.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 00288040 ____R () D:\Cinema 4D R15\modules\Architecture Extension Kit\archigrass\archigrass.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 00766248 ____R () D:\Cinema 4D R15\modules\Architecture Extension Kit\walkthrough\walkthrough.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 02752808 ____R () D:\Cinema 4D R15\modules\dynamics2\dynamics2.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00915240 ____R () D:\Cinema 4D R15\modules\Engineering Extension Kit\iges\iges.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 00201312 ____R () D:\Cinema 4D R15\modules\Engineering Extension Kit\OkinoComClient\OkinoComClient.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 03152168 ____R () D:\Cinema 4D R15\modules\hair\hair.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 01046824 ____R () D:\Cinema 4D R15\modules\mocca\ca2\ca2.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00572712 ____R () D:\Cinema 4D R15\modules\mocca\clothilde\clothilde.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 00630568 ____R () D:\Cinema 4D R15\modules\mocca\mocca\mocca.cdl64 2014-07-09 11:58 - 2014-07-09 11:58 - 03184424 ____R () D:\Cinema 4D R15\modules\mograph\motiongraphics.cdl64 2014-07-09 11:56 - 2014-07-09 11:56 - 01657128 ____R () D:\Cinema 4D R15\modules\sketch\sketch.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 00800552 ____R () D:\Cinema 4D R15\modules\Thinking Particles\Thinking Particles\thinkingparticles.cdl64 2014-07-09 11:57 - 2014-07-09 11:57 - 01116456 
____R () D:\Cinema 4D R15\modules\Thinking Particles\tpoperators\tpoperators.cdl64 2014-05-14 12:02 - 2014-05-14 12:02 - 00866304 ____R () D:\Cinema 4D R15\resource\modules\openexr\OpenEXRlibx64.dll 2016-10-12 20:30 - 2012-03-06 02:29 - 00110592 ____R () D:\Cinema 4D R15\resource\modules\python\res\Python.win64.framework\DLLs\_ctypes.pyd 2016-10-12 20:30 - 2013-06-25 16:16 - 00723968 ____R () D:\Cinema 4D R15\resource\libs\win32\qtguiagent.exe 2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kpcengine.2.3.dll 2015-06-02 03:18 - 2015-06-02 03:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-09-25 20:08 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-25 20:08 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-25 20:08 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-25 21:31 - 2016-12-08 16:13 - 00656160 _____ () D:\Steam\SDL2.dll 2016-09-25 21:31 - 2016-09-01 02:02 - 04969248 _____ () D:\Steam\v8.dll 2016-09-25 21:31 - 2016-09-01 02:02 - 01563936 _____ () D:\Steam\icui18n.dll 2016-09-25 21:31 - 2016-09-01 02:02 - 01195296 _____ () D:\Steam\icuuc.dll 2016-09-25 21:31 - 2016-12-20 03:25 - 02322720 _____ () D:\Steam\video.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 00442880 _____ () D:\Steam\libavutil-54.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 00491008 _____ () D:\Steam\libavformat-56.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 00332800 _____ () D:\Steam\libavresample-2.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 00485888 _____ () D:\Steam\libswscale-3.dll 2016-09-25 21:31 - 2016-12-20 03:25 - 00838944 _____ () D:\Steam\bin\chromehtml.DLL 2016-09-25 21:31 - 2016-07-04 23:17 
- 00266560 _____ () D:\Steam\openvr_api.dll 2016-09-25 20:08 - 2016-11-17 14:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2016-09-25 20:08 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-25 20:08 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-09-25 19:23 - 2014-10-09 08:31 - 00237568 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 2016-09-25 19:23 - 2014-02-24 16:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll 2016-09-25 19:23 - 2014-09-08 07:26 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll 2016-09-25 19:23 - 2014-09-26 14:40 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll 2016-12-13 15:10 - 2016-12-05 17:21 - 67304736 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll 2016-09-25 21:31 - 2016-12-20 03:25 - 00388384 _____ () D:\Steam\steam.dll 2016-09-25 21:31 - 2015-09-25 00:52 - 00119208 _____ () D:\Steam\winh264.dll 2016-12-03 16:47 - 2016-12-03 16:47 - 00679624 _____ () C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll 2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () 
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-12-03 21:57 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jones\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: asHmComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: AsusFanControlService => 2
MSCONFIG\Services: AsusGameFirstService => 2
MSCONFIG\Services: chip1click => 2
MSCONFIG\Services: Disc Soft Pro Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: klvssbrigde64 => 3
MSCONFIG\Services: KSDE1.0.0 => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AO Link Server => C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\ALRun.exe -start
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS AiChargerPlus Execute => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Pro Agent => 
"C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: Discord => C:\Users\jones\AppData\Local\Discord\app-0.0.296\Discord.exe MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\root\Office16\lync.exe" /fromrunkey MSCONFIG\startupreg: MySQL Notifier => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe" MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" MSCONFIG\startupreg: ROGRAMCACHE => "C:\Program Files (x86)\ROGRAMCACHE\RamCache.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: World of Warships => "D:\World_of_Warships\WargamingGameUpdater.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{7078A760-A183-4C4E-A352-D86FD967A1E3}] => C:\Windows\system32\ftp.exe FirewallRules: [{CD099EA6-A537-4E10-83E6-C8B607A875C4}] => C:\Windows\system32\ftp.exe FirewallRules: [{0FB9C180-0954-4CC3-A659-0F0E8BDF0AB3}] => C:\Windows\SysWOW64\ftp.exe FirewallRules: [{875C8E0A-0CEC-49F5-8C53-74BFA41B17D0}] => C:\Windows\SysWOW64\ftp.exe FirewallRules: [{84EC250D-1D49-460E-9900-CCDB7A8F798D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D6FF07F1-3A8D-4C90-B4DD-893CA5995DAC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{631E16D8-8B15-4886-9169-553A53ACE835}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{BC364940-5A85-4F77-983B-A98249E26A0B}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5148924F-8F57-4A50-BC5D-71DFDEEEAB23}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A7205A6E-E510-471E-A798-592DFAEC543D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D508EE0C-A2C7-4BCF-9DB9-CD0AAF59BD43}] => D:\Steam\Steam.exe FirewallRules: [{7511F129-03EC-4E3D-980B-EF58432B7645}] => D:\Steam\Steam.exe FirewallRules: [{00E949AB-8FDF-4972-94CF-893BF4746945}] => D:\Steam\bin\steamwebhelper.exe FirewallRules: [{22E16669-F7CF-470B-8023-0A48244B7055}] => D:\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{C7522EA8-1CD8-4729-9724-AF137FF9BFDE}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{188F1EAC-0219-4439-B98A-198CCE9299CD}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe FirewallRules: [{5BFB251E-1AAD-46E9-9958-62FE29B4B1F7}] => D:\Sony Vegas Pro 14\vegas140.exe FirewallRules: [{F6B94302-032C-4437-9E80-F11F41EE8652}] => D:\Sony Vegas Pro 14\vegas140.exe FirewallRules: [TCP Query 
User{A2ABEE16-D780-4EB4-B9FC-4BDCDE3EBBA0}D:\bc\bitcoin\bitcoin-qt.exe] => D:\bc\bitcoin\bitcoin-qt.exe FirewallRules: [UDP Query User{9D8FD774-998E-48DF-A741-4E9C5BCBF58E}D:\bc\bitcoin\bitcoin-qt.exe] => D:\bc\bitcoin\bitcoin-qt.exe FirewallRules: [{A25143C4-B31B-404A-8E40-4092457B2513}] => C:\Steam Spiele\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{DE0B6786-CC44-4411-BB4A-37D569924D05}] => C:\Steam Spiele\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [TCP Query User{C3DC8108-437E-4958-A82D-42C0758882CD}D:\phonerlite\phonerlite.exe] => D:\phonerlite\phonerlite.exe FirewallRules: [UDP Query User{68A99F18-B480-4BFF-95F6-BC300A0C417E}D:\phonerlite\phonerlite.exe] => D:\phonerlite\phonerlite.exe FirewallRules: [{3EC364AB-7A21-4AFA-AD6B-4CF5B4F10727}] => C:\Steam Spiele\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe FirewallRules: [{4C030A22-26E7-4570-8DA1-FA8B8FF035D9}] => C:\Steam Spiele\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe FirewallRules: [{57FFDD0C-E211-4917-93D5-C25B54758474}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{0852E2B8-13A8-4B7F-87FA-AB9D25234CA1}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{F349FC3E-8509-4692-80EC-F5F3CA77DB19}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{BDC8547B-BAC0-40A6-9BF9-1E5D9A0DD4C8}] => D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{EDE7B0F2-F8C2-4207-BA43-212718A9926F}] => D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{2CB3A9AC-8A86-4FD7-9850-86554AFBD2F0}D:\cisco packet tracer 7.0\bin\packettracer7.exe] => D:\cisco packet tracer 7.0\bin\packettracer7.exe FirewallRules: [UDP Query User{3059C0A9-E3E3-4A7B-9CD5-89EA977AC551}D:\cisco packet tracer 7.0\bin\packettracer7.exe] => D:\cisco packet tracer 
7.0\bin\packettracer7.exe FirewallRules: [{4A5F2C5E-A2CD-417B-86A8-575BDF341281}] => D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{240C618B-BC51-4A9D-AAAD-31767CEDE8AE}] => D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{BE8D2B25-CD53-4323-876D-35E13D51F93C}] => D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{363661A8-4F06-4200-822B-126C819B5293}] => D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [TCP Query User{2F62919D-26AB-4DE9-8C1D-3565FCB84917}D:\battlenet games\overwatch\overwatch.exe] => D:\battlenet games\overwatch\overwatch.exe FirewallRules: [UDP Query User{EC54D3CA-573F-45AF-9FFF-1C72C3D1BA5F}D:\battlenet games\overwatch\overwatch.exe] => D:\battlenet games\overwatch\overwatch.exe FirewallRules: [TCP Query User{6F050561-763D-4CC0-9344-DAA8A9D48348}D:\desktop\alteriwnet\iwnetserver\iwnet\iwnetserver\bin\debug\iwnetserver.vshost.exe] => D:\desktop\alteriwnet\iwnetserver\iwnet\iwnetserver\bin\debug\iwnetserver.vshost.exe FirewallRules: [UDP Query User{ADF7CA76-0D84-4E0E-9C75-255F8FA02898}D:\desktop\alteriwnet\iwnetserver\iwnet\iwnetserver\bin\debug\iwnetserver.vshost.exe] => D:\desktop\alteriwnet\iwnetserver\iwnet\iwnetserver\bin\debug\iwnetserver.vshost.exe FirewallRules: [TCP Query User{17697F18-74E4-4A05-9672-F49C22FF22B6}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe FirewallRules: [UDP Query User{EA138ECA-788F-48D0-B637-9E8B3A653030}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe FirewallRules: [{9E51A635-881D-4EB4-B52B-1D805E06EF62}] => D:\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{2B9924B5-AB53-481E-A534-CABEF58770C5}] => D:\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{31EDF090-5E4F-4CE9-A01F-45212F8A46FF}] => 
D:\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{CF9A98A5-6E19-4A56-8A9B-C535C3A4083A}] => D:\Origin Games\Battlefield 1\bf1.exe FirewallRules: [TCP Query User{ADA75E88-2BD5-4CBE-9A87-052A54EE07FF}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m_server.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\iw4m_server.exe FirewallRules: [UDP Query User{DE778C4C-09DA-411F-A4BC-A9B873A8C8D5}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m_server.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\iw4m_server.exe FirewallRules: [{610BFC8F-DCC3-4B7A-A738-170476015A47}] => LPort=8318 FirewallRules: [TCP Query User{830F4647-602E-4698-BDC5-A1F6B956A4E5}D:\steam\steamapps\common\call of duty modern warfare 2\server\iw4m_server.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\server\iw4m_server.exe FirewallRules: [UDP Query User{AAD3B6D7-15A8-4B1D-AA30-21AFAC6831D7}D:\steam\steamapps\common\call of duty modern warfare 2\server\iw4m_server.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\server\iw4m_server.exe FirewallRules: [TCP Query User{A2D335EE-4FB0-4F20-841E-C18BBD0BF5E1}D:\desktop\mw2 iw4m server\iw4m_server.exe] => D:\desktop\mw2 iw4m server\iw4m_server.exe FirewallRules: [UDP Query User{833250D0-CF36-4777-8449-5EDB50CB5672}D:\desktop\mw2 iw4m server\iw4m_server.exe] => D:\desktop\mw2 iw4m server\iw4m_server.exe FirewallRules: [TCP Query User{A129B85C-DF03-40CF-AC1D-DE2A37407EE5}D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe] => D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe FirewallRules: [UDP Query User{32D339A2-0529-4F7F-AEC2-B8517A8C6D2E}D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe] => D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe FirewallRules: [TCP Query User{9296CB0D-7C8D-4A79-A8A9-56E0A65FF9F2}D:\desktop\mw2 iw4m client\iw4mp.exe] => D:\desktop\mw2 iw4m client\iw4mp.exe FirewallRules: [UDP Query 
User{485F767D-600A-46DB-BD06-D8659C8B6EE8}D:\desktop\mw2 iw4m client\iw4mp.exe] => D:\desktop\mw2 iw4m client\iw4mp.exe FirewallRules: [TCP Query User{C377AA3D-4250-4C87-8965-74B85646EE7F}D:\desktop\mw2 iw4m client\iw4mp.exe] => D:\desktop\mw2 iw4m client\iw4mp.exe FirewallRules: [UDP Query User{1B492D30-1634-4AC4-B573-060AFDAEF4E6}D:\desktop\mw2 iw4m client\iw4mp.exe] => D:\desktop\mw2 iw4m client\iw4mp.exe FirewallRules: [{516DBD36-6FCF-46E9-936F-0CFBC68250A8}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{85EB8774-FC3F-46F0-967A-103ECFEF5D23}D:\downloads\office\office 2013-2016 c2r install v5.6\files\bin\kmss.exe] => D:\downloads\office\office 2013-2016 c2r install v5.6\files\bin\kmss.exe FirewallRules: [UDP Query User{C73460F3-6773-47EF-A815-4FF842C54D84}D:\downloads\office\office 2013-2016 c2r install v5.6\files\bin\kmss.exe] => D:\downloads\office\office 2013-2016 c2r install v5.6\files\bin\kmss.exe FirewallRules: [TCP Query User{026F2AE6-9424-4C3D-9301-7CA9EF7F1551}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{DA3DDD15-92D1-4321-B833-7068A273543E}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{296E81C5-61E7-4364-80BC-530FCB9BFD48}D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe] => D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe FirewallRules: [UDP Query User{E547B11E-1767-4ECF-85EA-4C80368E37ED}D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe] => D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe FirewallRules: [TCP Query User{2C49B268-586C-42EF-BF63-40969BD7DF4B}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{119ADB3A-CEE5-447A-8C0E-94AAF731F791}D:\epic 
games\launcher\portal\binaries\win32\epicgameslauncher.exe] => D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{A5881388-0D83-461A-8B8E-32EC2EC083D4}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{4A6C1048-ECC7-45C2-92CD-FAC949E768B4}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{4C8B402B-5F1A-47FB-8720-88BA6369A2FB}C:\users\jones\downloads\kms tools portable 12_08_2016\kms tools portable 12_08_2016\kms tools portable 12_08_2016\programs\office 2013-2016 c2r install v5.8.1\files\bin\kmss.exe] => C:\users\jones\downloads\kms tools portable 12_08_2016\kms tools portable 12_08_2016\kms tools portable 12_08_2016\programs\office 2013-2016 c2r install v5.8.1\files\bin\kmss.exe FirewallRules: [UDP Query User{56DA5824-9C89-4C53-AF63-E4600A12FE4B}C:\users\jones\downloads\kms tools portable 12_08_2016\kms tools portable 12_08_2016\kms tools portable 12_08_2016\programs\office 2013-2016 c2r install v5.8.1\files\bin\kmss.exe] => C:\users\jones\downloads\kms tools portable 12_08_2016\kms tools portable 12_08_2016\kms tools portable 12_08_2016\programs\office 2013-2016 c2r install v5.8.1\files\bin\kmss.exe FirewallRules: [{1331DB14-39F3-482A-A01C-4F8E68B64538}] => D:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{2A68245F-8E0B-40CC-9DE6-A86F802732E5}] => D:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{BBE7C430-BBD7-4B5B-869F-4C773C31EC90}] => D:\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{110880D8-40B3-471B-979E-002C2D62F794}] => D:\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{1D8207B5-B297-4E47-88A5-93ED8BC33EA0}] => D:\Steam\steamapps\common\H1Z1 King of the 
Kill\LaunchPad.exe FirewallRules: [{535B565A-0978-4D20-AD5E-044A6A2A1282}] => D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{5F6EF68B-AC7E-411F-B3A2-4809DAF64EB7}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{B81097E5-C4BA-42C0-B1FF-6B1967C37633}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{48AFC689-B4E4-4DC4-8489-01057EEEDAE4}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D409E766-06AB-4074-BEE1-DA3AC17C3213}] => D:\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{9BEC199F-4B37-4D8A-9F8E-7E1CEB5B8A78}] => D:\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{6D492087-F7BA-4116-84A2-76BBFAE60E7D}] => D:\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{AD21BE1F-9B41-4D49-8EB4-E5C62B6AB777}] => D:\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{EA6915D8-09E0-4CFE-9164-90917E86B974}] => D:\World_of_Warships\WoWSLauncher.exe FirewallRules: [{1C3F4029-392D-4E4B-84C6-48D3445884EE}] => D:\World_of_Warships\WoWSLauncher.exe FirewallRules: [{B652D912-38EA-4D9E-9BEE-D11AAD7D026A}] => D:\World_of_Warships\worldofwarships.exe FirewallRules: [{E1F65A48-14FD-4F99-87B8-B94D1F1C052F}] => D:\World_of_Warships\worldofwarships.exe FirewallRules: [{81B496D6-06F8-4786-81E3-61E1EF2CB304}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B0EBFBBB-E6A2-4B52-A9BB-566BAED4C9B9}] => D:\Steam\steamapps\common\Grid\grid.exe FirewallRules: [{67746EBF-681C-4852-A358-90988CA37158}] => D:\Steam\steamapps\common\Grid\grid.exe FirewallRules: [{E536AF71-2B14-4FC9-8AEE-C1BD9CE68B0D}] => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{9CABBE5E-21EE-4CF8-A620-774C1DA9FF30}] => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ==================== Wiederherstellungspunkte ========================= 25-12-2016 16:33:16 Gameshow wird installiert 
25-12-2016 16:35:21 Removed MySQL for Visual Studio 1.2.6 25-12-2016 16:42:39 Microsoft Visual Studio Enterprise 2015 25-12-2016 16:42:45 Visual Studio 2015 Update 3 (KB3022398) 25-12-2016 16:42:49 Update for Microsoft Visual Studio 2015 (KB3165756) 25-12-2016 20:04:38 Removed XSplit Broadcaster 25-12-2016 20:11:38 Gameshow wird entfernt 25-12-2016 20:17:06 Installed XSplit Broadcaster 27-12-2016 09:55:05 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/27/2016 10:48:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AsBCLK.exe, Version: 1.0.0.30, Zeitstempel: 0x558b6a4e Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000c54f ID des fehlerhaften Prozesses: 0x14ac Startzeit der fehlerhaften Anwendung: 0x01d260264c6171f4 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 90b8c655-cc19-11e6-8e28-305a3a03ee15 Error: (12/27/2016 10:47:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: PushNoticeMonitor.exe, Version: 1.0.1.2, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000c54f ID des fehlerhaften Prozesses: 0x15a0 Startzeit der fehlerhaften Anwendung: 0x01d260264cfa2f84 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 8b93ba44-cc19-11e6-8e28-305a3a03ee15 Error: (12/27/2016 10:47:57 AM) (Source: Application Error) 
(EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: KeyBotII.exe, Version: 1.0.0.4, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000c54f ID des fehlerhaften Prozesses: 0x14c0 Startzeit der fehlerhaften Anwendung: 0x01d260264c619904 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 8b939334-cc19-11e6-8e28-305a3a03ee15 Error: (12/27/2016 10:44:20 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (12/27/2016 10:16:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AsBCLK.exe, Version: 1.0.0.30, Zeitstempel: 0x558b6a4e Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000c54f ID des fehlerhaften Prozesses: 0xfb8 Startzeit der fehlerhaften Anwendung: 0x01d26021dac795f0 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 209bddc1-cc15-11e6-91d4-305a3a03ee15 Error: (12/27/2016 10:16:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: PushNoticeMonitor.exe, Version: 1.0.1.2, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000c54f ID des fehlerhaften Prozesses: 0x1070 Startzeit der fehlerhaften Anwendung: 0x01d26021db246b90 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 1b873cd0-cc15-11e6-91d4-305a3a03ee15 Error: (12/27/2016 10:16:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: KeyBotII.exe, Version: 1.0.0.4, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379 Ausnahmecode: 0x0eedfade Fehleroffset: 0x0000c54f ID des fehlerhaften Prozesses: 0x12b0 Startzeit der fehlerhaften Anwendung: 0x01d26021dac9f750 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 1b8763e0-cc15-11e6-91d4-305a3a03ee15 Error: (12/27/2016 09:52:54 AM) (Source: WinMgmt) 
(EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (12/26/2016 09:26:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: Ein Problem hat das Senden von Daten aus dem Programm zur Verbesserung der Benutzerfreundlichkeit an Microsoft verhindert (Fehler 80004005). Error: (12/26/2016 07:56:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Systemfehler: ============= Error: (12/27/2016 12:54:50 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 12:54:50 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 11:50:50 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 11:50:50 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 11:18:49 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. 
Error: (12/27/2016 11:18:49 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 11:02:49 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 11:02:49 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 10:54:48 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 10:54:48 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 24% Installierter physikalischer RAM: 16309.87 MB Verfügbarer physikalischer RAM: 12250.75 MB Summe virtueller Speicher: 32617.93 MB Verfügbarer virtueller Speicher: 27859.56 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:65.61 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:387.3 GB) NTFS Drive e: (Gaming etc) (Fixed) (Total:931.51 GB) (Free:889.79 GB) NTFS Drive f: (Kram) (Fixed) (Total:596.17 GB) (Free:565.43 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 000D32A8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 59787EEE) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk 
ID: F030934C) Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7FCA5EE5) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
27.12.2016, 19:49 | #3 |
/// Malwareteam | Windows 7: Suddenly all folders and subfolders are write-protected! My name is Rafael and I will help you with the cleanup. So that I can help you as well as possible, please follow these rules:
Please download TDSSKiller.exe and save this file to your desktop.
__________________ |
27.12.2016, 19:54 | #4 |
| TDSSKiller Code:
ATTFilter 19:52:28.0188 0x259c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 19:52:31.0281 0x259c ============================================================ 19:52:31.0281 0x259c Current date / time: 2016/12/27 19:52:31.0281 19:52:31.0281 0x259c SystemInfo: 19:52:31.0281 0x259c 19:52:31.0281 0x259c OS Version: 6.1.7601 ServicePack: 1.0 19:52:31.0281 0x259c Product type: Workstation 19:52:31.0281 0x259c ComputerName: JONES-PC 19:52:31.0281 0x259c UserName: jones 19:52:31.0281 0x259c Windows directory: C:\Windows 19:52:31.0281 0x259c System windows directory: C:\Windows 19:52:31.0281 0x259c Running under WOW64 19:52:31.0281 0x259c Processor architecture: Intel x64 19:52:31.0281 0x259c Number of processors: 4 19:52:31.0281 0x259c Page size: 0x1000 19:52:31.0281 0x259c Boot type: Normal boot 19:52:31.0281 0x259c CodeIntegrityOptions = 0x00000001 19:52:31.0281 0x259c ============================================================ 19:52:31.0383 0x259c KLMD registered as C:\Windows\system32\drivers\66814915.sys 19:52:31.0383 0x259c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1 19:52:31.0458 0x259c System UUID: {738A7EA9-8734-CBD3-8215-6CD8521AE4A8} 19:52:31.0719 0x259c Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:52:31.0727 0x259c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:52:31.0727 0x259c Drive \Device\Harddisk2\DR2 - Size: 0x950AE00000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:52:31.0728 0x259c Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 
0x00000040 19:52:31.0732 0x259c ============================================================ 19:52:31.0732 0x259c \Device\Harddisk0\DR0: 19:52:31.0732 0x259c MBR partitions: 19:52:31.0732 0x259c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 19:52:31.0732 0x259c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800 19:52:31.0732 0x259c \Device\Harddisk1\DR1: 19:52:31.0732 0x259c MBR partitions: 19:52:31.0732 0x259c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 19:52:31.0732 0x259c \Device\Harddisk2\DR2: 19:52:31.0732 0x259c MBR partitions: 19:52:31.0732 0x259c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A855800 19:52:31.0732 0x259c \Device\Harddisk3\DR3: 19:52:31.0732 0x259c MBR partitions: 19:52:31.0732 0x259c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 19:52:31.0732 0x259c ============================================================ 19:52:31.0732 0x259c C: <-> \Device\Harddisk0\DR0\Partition2 19:52:31.0749 0x259c D: <-> \Device\Harddisk1\DR1\Partition1 19:52:32.0340 0x259c F: <-> \Device\Harddisk2\DR2\Partition1 19:52:32.0340 0x259c E: <-> \Device\Harddisk3\DR3\Partition1 19:52:32.0340 0x259c ============================================================ 19:52:32.0340 0x259c Initialize success 19:52:32.0340 0x259c ============================================================ 19:52:39.0358 0x12e4 ============================================================ 19:52:39.0358 0x12e4 Scan started 19:52:39.0358 0x12e4 Mode: Manual; SigCheck; TDLFS; 19:52:39.0358 0x12e4 ============================================================ 19:52:39.0358 0x12e4 KSN ping started 19:52:39.0511 0x12e4 KSN ping finished: true 19:52:39.0993 0x12e4 ================ Scan system memory ======================== 19:52:39.0993 0x12e4 System memory - ok 19:52:39.0993 0x12e4 ================ Scan services 
=============================
19:52:40.0610 0x12e4 AsSysCtrlService - detected UnsignedFile.Multi.Generic ( 1 )
19:52:41.0073 0x12e4 Detect skipped due to KSN trusted
19:52:41.0074 0x12e4 AsSysCtrlService - ok
klvssbrigde64 - ok 19:52:43.0588 0x12e4 [ D476ABA10C8429EB69E8F943247A5423, EC74FECA4A85D05D426D0A16A302ACA71CD47A8F1A83361D732ACC8F0A0EE971 ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys 19:52:43.0595 0x12e4 Klwtp - ok 19:52:43.0599 0x12e4 [ 67EFD862ACEFCB9687523832C62FA584, B3C9A36C535B706EB19E5C5437705E8C5EC71F45115A2C97E1348462EC2A3922 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 19:52:43.0606 0x12e4 kneps - ok 19:52:43.0612 0x12e4 [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe 19:52:43.0619 0x12e4 KSDE1.0.0 - ok 19:52:43.0622 0x12e4 [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:52:43.0628 0x12e4 KSecDD - ok 19:52:43.0631 0x12e4 [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:52:43.0637 0x12e4 KSecPkg - ok 19:52:43.0639 0x12e4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:52:43.0654 0x12e4 ksthunk - ok 19:52:43.0659 0x12e4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 19:52:43.0694 0x12e4 KtmRm - ok 19:52:43.0697 0x12e4 [ 35675894CDECE9175C82A15C1481C3D8, 2DDD7B41ECECB4F3388E58A0E84AB3E2143EB408CD51E1F447F6D778B0E1EE2B ] ladfGSS C:\Windows\system32\drivers\ladfGSS.sys 19:52:43.0702 0x12e4 ladfGSS - ok 19:52:43.0707 0x12e4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 19:52:43.0725 0x12e4 LanmanServer - ok 19:52:43.0729 0x12e4 [ 851A1382EED3E3A7476DB004F4EE3E1A, 
B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:52:43.0745 0x12e4 LanmanWorkstation - ok 19:52:43.0748 0x12e4 [ A6F294B38F3DFB67D6B6E1D1E60A402A, 11C51B35DB2A3510258F3B722C12326BF068360CFA1E81FF552BA0BD19DE38E8 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 19:52:43.0753 0x12e4 LGBusEnum - ok 19:52:43.0755 0x12e4 [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys 19:52:43.0759 0x12e4 LGCoreTemp - ok 19:52:43.0761 0x12e4 [ 2A9F60E6531F42B31874618743037719, BFD61AD03ADEF69421ECB07820EDB79D425048EC01A65A0D1E8A4527699196DC ] LGJoyXlCore C:\Windows\system32\drivers\LGJoyXlCore.sys 19:52:43.0766 0x12e4 LGJoyXlCore - ok 19:52:43.0768 0x12e4 [ FA59A7421049F5852C1182345A4B8C4F, 6E7DFBF8382187E01CA0AE9CB7A175B563DA6807909A8A7E67779C045F290A06 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 19:52:43.0773 0x12e4 LGVirHid - ok 19:52:43.0775 0x12e4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:52:43.0791 0x12e4 lltdio - ok 19:52:43.0796 0x12e4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:52:43.0822 0x12e4 lltdsvc - ok 19:52:43.0824 0x12e4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:52:43.0839 0x12e4 lmhosts - ok 19:52:43.0845 0x12e4 [ D18683083B0EDDAC749F5D2720B25C1E, E0306171CDE8877FBC3EE63A07E3942EC73545C99E2B72D6447DE6E6BAD522C5 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 19:52:43.0856 0x12e4 LMS - ok 19:52:43.0860 0x12e4 [ 102E0AA783836F31D44212D2F2BCC0AB, 
95E948EDD4EBC5ABB42481FD3A98BBE9797AAB1753AF88EAD213FC6526BDC58A ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe 19:52:43.0866 0x12e4 LogiRegistryService - ok 19:52:43.0870 0x12e4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 19:52:43.0876 0x12e4 LSI_FC - ok 19:52:43.0878 0x12e4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 19:52:43.0884 0x12e4 LSI_SAS - ok 19:52:43.0887 0x12e4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 19:52:43.0893 0x12e4 LSI_SAS2 - ok 19:52:43.0895 0x12e4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 19:52:43.0901 0x12e4 LSI_SCSI - ok 19:52:43.0904 0x12e4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 19:52:43.0920 0x12e4 luafv - ok 19:52:43.0922 0x12e4 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 19:52:43.0928 0x12e4 MBAMProtector - ok 19:52:43.0985 0x12e4 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler D:\ Malwarebytes Anti-Malware \mbamscheduler.exe 19:52:44.0009 0x12e4 MBAMScheduler - ok 19:52:44.0038 0x12e4 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService D:\ Malwarebytes Anti-Malware \mbamservice.exe 19:52:44.0056 0x12e4 MBAMService - ok 19:52:44.0061 0x12e4 [ 78488AF2AB2111D67B3C4044707A519B, 
7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 19:52:44.0074 0x12e4 MBAMSwissArmy - ok 19:52:44.0076 0x12e4 [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 19:52:44.0082 0x12e4 MBAMWebAccessControl - ok 19:52:44.0084 0x12e4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:52:44.0095 0x12e4 Mcx2Svc - ok 19:52:44.0098 0x12e4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 19:52:44.0104 0x12e4 megasas - ok 19:52:44.0109 0x12e4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 19:52:44.0117 0x12e4 MegaSR - ok 19:52:44.0121 0x12e4 [ 3C8F0579C288AF5578D3A1515E08B4C9, EB5B5F5014458BBC500E2234845A6D5988455BA0A69A4B1D37B0896117315A66 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 19:52:44.0128 0x12e4 MEIx64 - ok 19:52:44.0130 0x12e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 19:52:44.0146 0x12e4 MMCSS - ok 19:52:44.0148 0x12e4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 19:52:44.0163 0x12e4 Modem - ok 19:52:44.0165 0x12e4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:52:44.0172 0x12e4 monitor - ok 19:52:44.0174 0x12e4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:52:44.0179 
0x12e4 mouclass - ok 19:52:44.0180 0x12e4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:52:44.0186 0x12e4 mouhid - ok 19:52:44.0189 0x12e4 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:52:44.0194 0x12e4 mountmgr - ok 19:52:44.0198 0x12e4 [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:52:44.0205 0x12e4 MozillaMaintenance - ok 19:52:44.0209 0x12e4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 19:52:44.0215 0x12e4 mpio - ok 19:52:44.0218 0x12e4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:52:44.0234 0x12e4 mpsdrv - ok 19:52:44.0246 0x12e4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:52:44.0272 0x12e4 MpsSvc - ok 19:52:44.0276 0x12e4 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:52:44.0284 0x12e4 MRxDAV - ok 19:52:44.0288 0x12e4 [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:52:44.0295 0x12e4 mrxsmb - ok 19:52:44.0300 0x12e4 [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:52:44.0310 0x12e4 mrxsmb10 - ok 19:52:44.0313 0x12e4 [ 307E956C0DE630EE0ACE657233C0E83F, 
45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:52:44.0320 0x12e4 mrxsmb20 - ok 19:52:44.0322 0x12e4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 19:52:44.0326 0x12e4 msahci - ok 19:52:44.0329 0x12e4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:52:44.0336 0x12e4 msdsm - ok 19:52:44.0340 0x12e4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 19:52:44.0348 0x12e4 MSDTC - ok 19:52:44.0350 0x12e4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:52:44.0366 0x12e4 Msfs - ok 19:52:44.0368 0x12e4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:52:44.0383 0x12e4 mshidkmdf - ok 19:52:44.0385 0x12e4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:52:44.0389 0x12e4 msisadrv - ok 19:52:44.0393 0x12e4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:52:44.0415 0x12e4 MSiSCSI - ok 19:52:44.0416 0x12e4 msiserver - ok 19:52:44.0418 0x12e4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:52:44.0433 0x12e4 MSKSSRV - ok 19:52:44.0436 0x12e4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:52:44.0451 
0x12e4 MSPCLOCK - ok 19:52:44.0453 0x12e4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:52:44.0468 0x12e4 MSPQM - ok 19:52:44.0475 0x12e4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:52:44.0484 0x12e4 MsRPC - ok 19:52:44.0487 0x12e4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 19:52:44.0491 0x12e4 mssmbios - ok 19:52:44.0493 0x12e4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:52:44.0508 0x12e4 MSTEE - ok 19:52:44.0510 0x12e4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 19:52:44.0516 0x12e4 MTConfig - ok 19:52:44.0518 0x12e4 [ AA0C2BA3782E92BD85E2264BE418E67C, 8B0953926E83274DF16670F1EF6F4E302F7EE17418F486975C353A406850298C ] Mup C:\Windows\system32\Drivers\mup.sys 19:52:44.0524 0x12e4 Mup - ok 19:52:44.0532 0x12e4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 19:52:44.0553 0x12e4 napagent - ok 19:52:44.0559 0x12e4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:52:44.0570 0x12e4 NativeWifiP - ok 19:52:44.0583 0x12e4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 19:52:44.0600 0x12e4 NDIS - ok 19:52:44.0603 0x12e4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap 
C:\Windows\system32\DRIVERS\ndiscap.sys 19:52:44.0619 0x12e4 NdisCap - ok 19:52:44.0621 0x12e4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:52:44.0635 0x12e4 NdisTapi - ok 19:52:44.0637 0x12e4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:52:44.0653 0x12e4 Ndisuio - ok 19:52:44.0656 0x12e4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:52:44.0673 0x12e4 NdisWan - ok 19:52:44.0675 0x12e4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:52:44.0690 0x12e4 NDProxy - ok 19:52:44.0692 0x12e4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:52:44.0708 0x12e4 NetBIOS - ok 19:52:44.0712 0x12e4 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:52:44.0722 0x12e4 NetBT - ok 19:52:44.0723 0x12e4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon C:\Windows\system32\lsass.exe 19:52:44.0729 0x12e4 Netlogon - ok 19:52:44.0735 0x12e4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 19:52:44.0755 0x12e4 Netman - ok 19:52:44.0758 0x12e4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:52:44.0765 0x12e4 NetMsmqActivator - ok 19:52:44.0767 0x12e4 [ 
0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:52:44.0773 0x12e4 NetPipeActivator - ok 19:52:44.0780 0x12e4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 19:52:44.0801 0x12e4 netprofm - ok 19:52:44.0805 0x12e4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:52:44.0811 0x12e4 NetTcpActivator - ok 19:52:44.0814 0x12e4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:52:44.0819 0x12e4 NetTcpPortSharing - ok 19:52:44.0822 0x12e4 [ 44A55A80E99C9EBED345D1D58602EC58, 2FC83271C50340DB0F5DE8CF56B4B6E7E598E37444821A64999B2C4AAC8C8363 ] NFC_Driver C:\Windows\system32\drivers\NFC_Driver.sys 19:52:44.0827 0x12e4 NFC_Driver - ok 19:52:44.0829 0x12e4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 19:52:44.0834 0x12e4 nfrd960 - ok 19:52:44.0839 0x12e4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 19:52:44.0850 0x12e4 NlaSvc - ok 19:52:44.0852 0x12e4 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\Windows\system32\drivers\npf.sys 19:52:44.0857 0x12e4 NPF - ok 19:52:44.0859 0x12e4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:52:44.0874 0x12e4 Npfs - ok 19:52:44.0877 0x12e4 [ D54BFDF3E0C953F823B3D0BFE4732528, 
497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 19:52:44.0896 0x12e4 nsi - ok 19:52:44.0898 0x12e4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:52:44.0912 0x12e4 nsiproxy - ok 19:52:44.0934 0x12e4 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:52:44.0963 0x12e4 Ntfs - ok 19:52:44.0966 0x12e4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 19:52:44.0981 0x12e4 Null - ok 19:52:44.0989 0x12e4 [ B5A377E4D70A561CFE60A861D22CE883, 0E412DD03B1963B333C08B9DF1FD5E0A0E480A7F0DC5E4B61BCC418A81C690DE ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 19:52:44.0999 0x12e4 NvContainerLocalSystem - ok 19:52:45.0006 0x12e4 [ B5A377E4D70A561CFE60A861D22CE883, 0E412DD03B1963B333C08B9DF1FD5E0A0E480A7F0DC5E4B61BCC418A81C690DE ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 19:52:45.0015 0x12e4 NvContainerNetworkService - ok 19:52:45.0021 0x12e4 [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 19:52:45.0028 0x12e4 NVHDA - ok 19:52:45.0043 0x12e4 [ 0B7CFF94C247E661A9D5F7FDAB2F726B, 16D651A50347131CC6B96EB17096EFB22F9767572964E6C12CA1BF928E6C1397 ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe 19:52:45.0063 0x12e4 NVIDIA Wireless Controller Service - ok 19:52:45.0219 0x12e4 [ BA4D6FE549BF231DFEC00EEA74D6E80D, 9BEAAA012B1CFD5C103C9CDC1B32E9CF25EF17F7EFD9C3003075F8DCFE2118A3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:52:45.0375 0x12e4 nvlddmkm - ok 19:52:45.0388 
0x12e4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:52:45.0395 0x12e4 nvraid - ok 19:52:45.0399 0x12e4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:52:45.0407 0x12e4 nvstor - ok 19:52:45.0408 0x12e4 NvStreamKms - ok 19:52:45.0416 0x12e4 [ A66A3EEEB383B6084EE75E8982725A23, 7A589B9C370623263E43D0FA1C6F5830F157ACDC111E11DC49B2B6E8BF5F0F74 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe 19:52:45.0427 0x12e4 NvTelemetryContainer - ok 19:52:45.0429 0x12e4 [ 4061D60DE18BDEEBC1F68EB693466EE0, 9F55273D47361C5C6D5FCFDAA533567FF3643E636C0630F8F611A993D4AFD065 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 19:52:45.0433 0x12e4 nvvad_WaveExtensible - ok 19:52:45.0436 0x12e4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:52:45.0443 0x12e4 nv_agp - ok 19:52:45.0445 0x12e4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:52:45.0452 0x12e4 ohci1394 - ok 19:52:45.0478 0x12e4 [ AD851D818F399DD946A9C17AB2156F22, 4A541E7A3A3164581BFB9080DE0976E18F6DD00E39458EBBCBD3B2445708BEB5 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 19:52:45.0510 0x12e4 Origin Client Service - ok 19:52:45.0537 0x12e4 [ 788363C87EBD90AC1EAD2DC5A9A40759, B565663B459414C5C9F81451D9A127D62CDF605BC2A9E686F74A2E4FD44A9B43 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe 19:52:45.0569 0x12e4 Origin Web Helper Service - ok 19:52:45.0575 0x12e4 [ D1AF4C86F851F9A345A400FD3B9D673A, BCC7B3AF92A2AB09CC52FB10107E209C02AC078E5F0197AEC40D7AE56F3A7CA0 ] ose64 C:\Program 
Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:52:45.0584 0x12e4 ose64 - ok 19:52:45.0643 0x12e4 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:52:45.0714 0x12e4 osppsvc - ok 19:52:45.0722 0x12e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:52:45.0734 0x12e4 p2pimsvc - ok 19:52:45.0741 0x12e4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 19:52:45.0753 0x12e4 p2psvc - ok 19:52:45.0756 0x12e4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 19:52:45.0762 0x12e4 Parport - ok 19:52:45.0765 0x12e4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:52:45.0770 0x12e4 partmgr - ok 19:52:45.0774 0x12e4 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll 19:52:45.0784 0x12e4 PcaSvc - ok 19:52:45.0788 0x12e4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 19:52:45.0794 0x12e4 pci - ok 19:52:45.0796 0x12e4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 19:52:45.0801 0x12e4 pciide - ok 19:52:45.0805 0x12e4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:52:45.0813 0x12e4 pcmcia - ok 19:52:45.0816 0x12e4 [ 
D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 19:52:45.0820 0x12e4 pcw - ok 19:52:45.0824 0x12e4 [ A590C560859893891911111CA874A83D, AC7F8DA22268E061B5D97C505F2244864C9BFAA3397C32537B0012C6EA8D5EDE ] PDF24 C:\Program Files (x86)\PDF24\pdf24.exe 19:52:45.0832 0x12e4 PDF24 - ok 19:52:45.0841 0x12e4 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:52:45.0857 0x12e4 PEAUTH - ok 19:52:45.0874 0x12e4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:52:45.0880 0x12e4 PerfHost - ok 19:52:45.0900 0x12e4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 19:52:45.0933 0x12e4 pla - ok 19:52:45.0941 0x12e4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:52:45.0953 0x12e4 PlugPlay - ok 19:52:45.0955 0x12e4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:52:45.0961 0x12e4 PNRPAutoReg - ok 19:52:45.0966 0x12e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:52:45.0975 0x12e4 PNRPsvc - ok 19:52:45.0983 0x12e4 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:52:45.0996 0x12e4 PolicyAgent - ok 19:52:46.0000 0x12e4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 19:52:46.0018 0x12e4 Power - ok 19:52:46.0021 0x12e4 [ 
ECF3126807808857265CFA5B4D53D2BB1419FD559D3557AE511A4053D08A7F72 ] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe 19:52:49.0972 0x12e4 MySQL Notifier - detected UnsignedFile.Multi.Generic ( 1 ) 19:52:50.0372 0x12e4 Detect skipped due to KSN trusted 19:52:50.0372 0x12e4 MySQL Notifier - ok 19:52:50.0475 0x12e4 [ BBC048995985EB7CA9B2E8EFF196E3BB, FF10C2247A036DD6579D2AF76EF2DA4F98D8F4BA69167EF4B5D2E0EDB00F2DF9 ] D:\World_of_Warships\WargamingGameUpdater.exe 19:52:50.0511 0x12e4 World of Warships - ok 19:52:50.0515 0x12e4 Waiting for KSN requests completion. In queue: 146 19:52:51.0524 0x12e4 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated ) 19:52:51.0525 0x12e4 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled ) 19:52:51.0767 0x12e4 ============================================================ 19:52:51.0767 0x12e4 Scan finished 19:52:51.0767 0x12e4 ============================================================ 19:52:51.0770 0x1318 Detected object count: 0 19:52:51.0770 0x1318 Actual detected object count: 0 |
27.12.2016, 19:56 | #5 |
/// Malwareteam | Windows 7: Suddenly all folders and subfolders are write-protected! Step 1 Scan with Combofix
Step 2 Please start FRST again, tick the Addition checkbox and click Scan. Please post the two text files that this produces again.
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
27.12.2016, 20:17 | #6 |
| Combofix Code:
ATTFilter ComboFix 16-12-15.01 - jones 27.12.2016 20:08:15.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.16310.13543 [GMT 1:00] ausgeführt von:: d:\desktop\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98} FW: Kaspersky Internet Security *Disabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} SP: Kaspersky Internet Security *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\ntuser.pol c:\users\jones\AppData\Local\assembly\tmp c:\users\jones\AppData\Local\TempOneClickRoot.exe c:\users\jones\AppData\Roaming\poclbm c:\users\jones\AppData\Roaming\poclbm\poclbm.ini c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini2 . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_AdobeUpdateService . . ((((((((((((((((((((((( Dateien erstellt von 2016-11-27 bis 2016-12-27 )))))))))))))))))))))))))))))) . . 2016-12-27 19:10 . 2016-12-27 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2016-12-27 18:41 . 2016-11-10 07:44 11781064 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9851AC11-EB94-4B84-90D8-23FD780A5E19}\mpengine.dll 2016-12-27 18:32 . 2016-12-27 18:32 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignd189635d92e505cf 2016-12-27 18:28 . 2016-12-27 18:28 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignfaec8f89809fe972 2016-12-27 18:16 . 2016-12-27 18:16 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignbddaa646791b707b 2016-12-27 18:15 . 
2016-12-27 18:15 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsigncddc75da6a02ca16 2016-12-27 18:15 . 2016-12-27 18:15 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign94bd6aa6adeb142e 2016-12-27 18:15 . 2016-12-27 18:15 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign2b84819e4db85ab0 2016-12-27 13:22 . 2016-12-27 13:24 -------- d-----w- C:\FRST 2016-12-26 23:58 . 2016-12-26 23:58 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign354e97dde3ea7d29 2016-12-26 23:49 . 2016-12-26 23:49 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsigne81e82cbe043aac0 2016-12-26 23:47 . 2016-12-26 23:47 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsigndc9acc32be2c3f2d 2016-12-26 23:45 . 2016-12-26 23:45 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignfac97c20acb4c43b 2016-12-26 23:44 . 2016-12-26 23:44 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign7554ccbafccb7bee 2016-12-26 23:44 . 2016-12-26 23:44 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign91fa0ab59a8ca6c8 2016-12-26 23:44 . 2016-12-26 23:44 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignf3c06d12ea8c3cff 2016-12-26 23:44 . 2016-12-26 23:44 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign628bacfd18266615 2016-12-25 20:10 . 2016-12-25 20:10 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign89c849fb7aa815fc 2016-12-25 19:53 . 2016-12-25 19:53 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign1920737777514d0b 2016-12-25 19:53 . 2016-12-25 19:53 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignd44e0b3ae7e2743f 2016-12-25 19:53 . 2016-12-25 19:53 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign76a445c852299d41 2016-12-25 15:48 . 2016-12-25 15:48 -------- d-----w- c:\users\jones\AppData\Roaming\Vara Software 2016-12-25 15:48 . 2016-12-25 15:48 -------- d-----w- c:\users\jones\AppData\Roaming\Gameshow 2016-12-25 15:48 . 
2016-12-25 15:48 -------- d-----w- c:\users\jones\AppData\Local\Telestream 2016-12-25 15:48 . 2016-12-25 15:48 -------- d-----w- c:\programdata\Telestream 2016-12-25 15:48 . 2016-12-25 15:48 -------- d-----w- c:\users\jones\AppData\Roaming\Wirecast 2016-12-22 16:18 . 2016-12-22 16:18 -------- d-----w- c:\users\jones\AppData\Roaming\Microsoft FxCop 2016-12-22 10:44 . 2016-12-24 23:51 -------- d-----w- c:\users\jones\AppData\Roaming\FileZilla 2016-12-22 10:44 . 2016-12-22 10:46 -------- d-----w- c:\users\jones\AppData\Local\FileZilla 2016-12-21 15:13 . 2016-12-12 14:36 1951 ----a-w- c:\windows\NvTelemetryContainerRecovery.bat 2016-12-21 15:12 . 2016-12-12 23:36 156096 ----a-w- c:\windows\system32\nvaudcap64v.dll 2016-12-21 15:12 . 2016-12-12 23:36 123840 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll 2016-12-15 21:24 . 2016-12-15 21:24 -------- d-----w- c:\users\jones\AppData\Local\4kdownload.com 2016-12-15 21:22 . 2016-12-15 21:22 -------- d-----w- c:\program files (x86)\4KDownload 2016-12-15 17:58 . 2016-12-15 17:58 -------- d-----w- c:\program files (x86)\Common Files\Java 2016-12-15 17:57 . 2016-12-15 17:57 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2016-12-15 17:57 . 2016-12-15 17:57 -------- d-----w- c:\program files (x86)\Java 2016-12-15 17:19 . 2016-12-09 02:40 874336 ----a-w- c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe 2016-12-15 17:19 . 2016-12-09 01:24 231880 ----a-w- c:\program files (x86)\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll 2016-12-15 17:19 . 2016-12-09 01:24 53704 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll 2016-12-14 17:05 . 2016-12-14 17:05 -------- d-----w- c:\users\jones\AppData\Roaming\MySQL 2016-12-14 08:50 . 2016-11-21 18:12 210432 ----a-w- c:\windows\system32\wdigest.dll 2016-12-13 17:18 . 2016-12-13 17:18 -------- d-----w- c:\users\jones\AppData\Roaming\Oracle 2016-12-13 17:18 . 
2016-12-13 17:18 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 14.0 2016-12-13 17:18 . 2016-12-22 15:06 -------- d-----w- c:\program files\MySQL 2016-12-13 17:12 . 2016-12-25 15:35 -------- d-----w- c:\program files (x86)\MySQL 2016-12-13 17:12 . 2016-12-13 17:12 -------- d-----w- c:\programdata\MySQL 2016-12-13 14:10 . 2016-12-13 14:10 -------- d-----w- c:\users\jones\AppData\Local\Chromium 2016-12-12 17:35 . 2016-12-12 17:35 -------- d-----w- c:\program files (x86)\Apple Software Update 2016-12-12 17:35 . 2016-12-12 17:35 -------- d-----w- c:\users\Default\AppData\Local\Apple 2016-12-12 17:10 . 2016-12-12 17:10 -------- d-----w- c:\program files (x86)\Common Files\BattlEye 2016-12-12 17:08 . 2016-12-12 17:08 -------- d-----w- c:\users\jones\AppData\Local\SCE 2016-12-12 17:08 . 2016-12-12 17:08 -------- d-----w- c:\users\jones\AppData\Local\Daybreak Game Company 2016-12-12 16:50 . 2016-12-12 16:50 -------- d-----w- c:\users\jones\AppData\Roaming\Apple Computer 2016-12-11 20:45 . 2016-12-11 20:45 -------- d-----w- c:\programdata\Apple Computer 2016-12-11 20:45 . 2016-12-11 20:45 -------- d-----w- c:\users\jones\AppData\Local\Apple 2016-12-11 20:45 . 2016-12-11 20:45 -------- d-----w- c:\programdata\Apple 2016-12-11 20:45 . 2016-12-11 20:45 -------- d-----w- c:\program files (x86)\Common Files\Apple 2016-12-11 12:28 . 2016-12-11 12:42 -------- d-----w- c:\users\jones\AppData\Local\Troubleshooter 2016-12-11 12:16 . 2016-12-11 12:16 -------- d-----w- c:\users\jones\AppData\Local\Macromedia 2016-12-11 12:09 . 2016-12-11 12:10 -------- d-----w- c:\programdata\BlueStacksSetup 2016-12-11 12:09 . 2016-12-11 12:09 -------- d-----w- c:\users\jones\AppData\Local\Bluestacks 2016-12-11 12:09 . 2016-12-11 12:09 -------- d---a-w- c:\program files (x86)\Bluestacks 2016-12-10 17:02 . 2016-12-10 17:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignb8ae7aa56fc1fb82 2016-12-10 16:58 . 
2016-12-10 16:58 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign02fc446167f0ca14 2016-12-10 16:58 . 2016-12-10 16:58 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignba25b980fad0f8bd 2016-12-10 16:57 . 2016-12-10 16:57 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign249a5aef232b417a 2016-12-10 16:57 . 2016-12-10 16:57 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignc08a35b36bbfbe2c 2016-12-10 16:57 . 2016-12-10 16:57 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign32a7196cf398f5e2 2016-12-09 14:00 . 2016-12-01 17:04 134712 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2016-12-09 14:00 . 2016-12-09 14:00 -------- d-----w- c:\program files (x86)\VulkanRT 2016-12-09 14:00 . 2016-09-09 18:25 269600 ----a-w- c:\windows\SysWow64\vulkan-1.dll 2016-12-09 14:00 . 2016-09-09 18:25 110880 ----a-w- c:\windows\SysWow64\vulkaninfo.exe 2016-12-09 14:00 . 2016-09-09 18:25 261920 ----a-w- c:\windows\system32\vulkan-1.dll 2016-12-09 14:00 . 2016-09-09 18:24 125216 ----a-w- c:\windows\system32\vulkaninfo.exe 2016-12-09 13:58 . 2016-12-12 23:36 46016 ----a-w- c:\windows\system32\drivers\nvvad64v.sys 2016-12-08 19:03 . 2016-12-27 19:10 -------- d-----w- c:\users\jones\AppData\Local\assembly 2016-12-06 19:27 . 2016-12-06 19:27 -------- d-----w- c:\users\jones\VirtualBox VMs 2016-12-06 19:27 . 2016-12-13 16:55 -------- d-----w- c:\users\jones\.VirtualBox 2016-12-06 19:26 . 2016-11-21 16:45 933088 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2016-12-06 19:26 . 2016-11-21 16:44 150280 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2016-12-06 19:26 . 2016-12-06 19:26 -------- d-----w- c:\program files\Oracle 2016-12-06 19:02 . 2016-12-06 19:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign9131f71e0b828803 2016-12-06 19:02 . 2016-12-06 19:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign774b043f706c9930 2016-12-06 19:02 . 
2016-12-06 19:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignda27caeac2fc6849 2016-12-06 19:02 . 2016-12-06 19:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignd11d79c13c8b7cb4 2016-12-06 18:04 . 2016-12-06 18:04 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign94819b1d872688ce 2016-12-06 18:02 . 2016-12-06 18:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign7aec91d2846b7c74 2016-12-06 18:02 . 2016-12-06 18:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign7f511a63b33f2a74 2016-12-06 18:02 . 2016-12-06 18:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsignd81ca5932ec02288 2016-12-06 18:02 . 2016-12-06 18:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign677de4a702b881ab 2016-12-06 18:02 . 2016-12-06 18:02 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign3ca798d80f75dc7c 2016-12-06 16:31 . 2016-12-06 16:31 -------- d-----w- c:\users\jones\AppData\Roaming\NuGet 2016-12-03 22:25 . 2016-12-03 22:25 -------- d-----w- c:\users\jones\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2016-12-03 21:11 . 2016-12-27 19:06 -------- d-----w- c:\programdata\boost_interprocess 2016-12-03 21:11 . 2016-12-27 19:06 -------- d-----r- c:\users\jones\Creative Cloud Files 2016-12-03 20:53 . 2016-12-04 15:28 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2016-12-03 20:42 . 2016-12-03 20:42 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign65b3eecb41c9c89e 2016-12-03 20:42 . 2016-12-03 20:42 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign1c3758160151a712 2016-12-03 20:40 . 2016-12-03 20:40 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsigna929a537f99eba8c 2016-12-03 20:39 . 2016-12-03 20:39 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsigna3078dbefe233b3a 2016-12-03 20:39 . 2016-12-03 20:39 -------- d-----w- c:\users\jones\AppData\Local\Tempzxpsign1b0e4e8584018b99 2016-12-03 17:22 . 
2016-12-07 20:15 -------- d-----w- c:\users\jones\AppData\Roaming\vlc 2016-12-03 16:05 . 2016-12-04 19:34 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2016-12-03 16:05 . 2016-12-03 20:53 -------- d-----w- c:\program files\Common Files\Adobe 2016-12-03 16:05 . 2016-12-04 19:46 -------- d-----w- c:\program files\Adobe 2016-12-03 16:00 . 2016-12-25 15:45 -------- d-----w- c:\users\jones\AppData\Local\Deployment 2016-12-03 16:00 . 2016-12-03 16:00 -------- d-----w- c:\users\jones\AppData\Local\Apps 2016-12-03 15:47 . 2016-12-03 15:47 -------- d-----w- c:\program files\Common Files\DESIGNER 2016-12-03 15:00 . 2016-12-03 15:00 -------- d-----w- c:\users\jones\AppData\Local\{F28CC4D0-D624-A868-BBBC-8D809FD47118} 2016-12-02 20:24 . 2016-12-02 20:25 -------- d-----w- c:\users\jones\AppData\Local\UnrealEngine 2016-12-02 20:24 . 2016-12-02 20:24 -------- d-----w- c:\users\jones\AppData\Local\EpicGamesLauncher 2016-12-02 20:24 . 2016-12-02 20:25 -------- d-----w- c:\programdata\Epic 2016-11-30 19:50 . 2016-11-30 19:50 -------- d-----w- c:\users\jones\AppData\Local\PDF24 2016-11-30 19:49 . 2016-11-30 19:49 -------- d-----w- c:\program files (x86)\PDF24 2016-11-29 21:34 . 2016-11-29 21:34 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll 2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll 2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll 2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll 2016-11-29 21:27 . 2016-11-29 21:27 30400 ----a-w- c:\windows\system32\aspnet_counters.dll 2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll 2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll 2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll 2016-11-28 20:07 . 2016-11-28 20:07 -------- d-----w- C:\Python27 2016-11-28 19:59 . 
2016-11-28 19:59 6625400 ----a-w- c:\users\jones\AppData\Roaming\Microsoft\Windows Activator\Windows Activator.exe . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2016-12-25 15:35 . 2016-10-22 14:02 1414240 ----a-w- c:\programdata\Microsoft\VisualStudio\14.0\1031\ResourceCache.dll 2016-12-15 21:24 . 2016-10-12 16:00 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2016-12-15 21:24 . 2016-10-12 16:00 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2016-12-14 21:34 . 2016-09-25 21:05 135632432 -c--a-w- c:\windows\system32\MRT.exe 2016-12-12 14:37 . 2016-09-25 19:08 1951 ----a-w- c:\windows\NvContainerRecovery.bat 2016-12-07 11:15 . 2016-06-20 16:29 57936 ----a-w- c:\windows\system32\drivers\klim6.sys 2016-12-07 11:15 . 2016-06-02 21:39 134880 ----a-w- c:\windows\system32\drivers\klwtp.sys 2016-12-07 11:15 . 2016-11-25 13:42 1036512 ----a-w- c:\windows\system32\drivers\klif.sys 2016-12-01 19:52 . 2016-11-19 16:52 14410120 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2016-12-01 19:52 . 2016-10-22 21:09 491536 ----a-w- c:\windows\system32\nvumdshimx.dll 2016-12-01 19:52 . 2016-09-26 16:36 19948848 ----a-w- c:\windows\system32\nvwgf2umx.dll 2016-12-01 19:52 . 2016-09-26 16:36 17440744 ----a-w- c:\windows\system32\nvd3dumx.dll 2016-12-01 19:52 . 2016-09-25 19:00 17373312 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2016-12-01 19:52 . 2016-09-25 19:00 3941536 ----a-w- c:\windows\system32\nvapi64.dll 2016-12-01 19:52 . 2016-09-25 19:00 3479560 ----a-w- c:\windows\SysWow64\nvapi.dll 2016-12-01 17:32 . 2016-09-25 19:01 6384576 ----a-w- c:\windows\system32\nvcpl.dll 2016-12-01 17:32 . 2016-09-25 19:01 2475968 ----a-w- c:\windows\system32\nvsvc64.dll 2016-12-01 17:32 . 2016-09-26 16:37 83512 ----a-w- c:\windows\system32\nv3dappshextr.dll 2016-12-01 17:32 . 2016-09-26 16:37 546752 ----a-w- c:\windows\system32\nv3dappshext.dll 2016-12-01 17:32 . 
2016-09-25 19:01 69568 ----a-w- c:\windows\system32\nvshext.dll 2016-12-01 17:32 . 2016-09-25 19:01 393784 ----a-w- c:\windows\system32\nvmctray.dll 2016-12-01 17:32 . 2016-09-25 19:01 1762752 ----a-w- c:\windows\system32\nvsvcr.dll 2016-11-30 09:34 . 2016-09-25 19:01 7607057 ----a-w- c:\windows\system32\nvcoproc.bin 2016-11-27 01:29 . 2016-09-25 18:30 1048576 ----a-w- c:\windows\PE_Rom.dll 2016-11-27 01:28 . 2016-11-25 15:27 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2016-11-25 14:00 . 2016-06-20 16:51 305496 ----a-w- c:\windows\system32\drivers\klhk.sys 2016-11-21 16:44 . 2016-11-21 16:44 206416 ----a-w- c:\windows\system32\drivers\VBoxNetLwf.sys 2016-11-21 16:44 . 2016-11-21 16:44 132120 ----a-w- c:\windows\system32\drivers\VBoxNetAdp6.sys 2016-11-17 13:45 . 2016-09-25 19:08 1854400 ----a-w- c:\windows\system32\nvspcap64.dll 2016-11-17 13:45 . 2016-09-25 19:08 1755072 ----a-w- c:\windows\system32\nvspbridge64.dll 2016-11-17 13:45 . 2016-09-25 19:08 1452480 ----a-w- c:\windows\SysWow64\nvspcap.dll 2016-11-17 13:45 . 2016-09-25 19:08 1317312 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2016-11-17 13:45 . 2016-09-25 19:08 120256 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll 2016-11-17 02:04 . 2016-11-19 16:52 1953336 ----a-w- c:\windows\system32\nvdispco6437595.dll 2016-11-17 02:04 . 2016-11-19 16:52 1585088 ----a-w- c:\windows\system32\nvdispgenco6437595.dll 2016-11-10 23:48 . 2016-11-16 15:32 1951680 ----a-w- c:\windows\system32\nvdispco6437586.dll 2016-11-10 23:48 . 2016-11-16 15:32 1586744 ----a-w- c:\windows\system32\nvdispgenco6437586.dll 2016-11-02 15:36 . 2016-11-08 20:00 382696 ----a-w- c:\windows\system32\atmfd.dll 2016-11-02 15:32 . 2016-11-08 20:00 41472 ----a-w- c:\windows\system32\lpk.dll 2016-11-02 15:32 . 2016-11-08 20:00 100864 ----a-w- c:\windows\system32\fontsub.dll 2016-11-02 15:32 . 2016-11-08 20:00 14336 ----a-w- c:\windows\system32\dciman32.dll 2016-11-02 15:32 . 
2016-11-08 20:00 46080 ----a-w- c:\windows\system32\atmlib.dll 2016-11-02 15:22 . 2016-11-08 20:00 308456 ----a-w- c:\windows\SysWow64\atmfd.dll 2016-11-02 15:16 . 2016-11-08 20:00 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2016-11-02 15:16 . 2016-11-08 20:00 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2016-11-02 15:16 . 2016-11-08 20:00 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2016-11-02 14:53 . 2016-11-08 20:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2016-10-26 15:29 . 2010-11-21 03:27 485032 ------w- c:\windows\system32\MpSigStub.exe 2016-10-25 21:39 . 2016-10-30 11:09 1953336 ----a-w- c:\windows\system32\nvdispco6437570.dll 2016-10-25 21:39 . 2016-10-30 11:09 1586744 ----a-w- c:\windows\system32\nvdispgenco6437570.dll 2016-10-22 14:02 . 2016-10-22 14:02 678336 ----a-w- c:\programdata\Microsoft\Blend\14.0\1031\ResourceCache.dll 2016-10-22 07:20 . 2016-10-26 09:29 1953336 ----a-w- c:\windows\system32\nvdispco6437563.dll 2016-10-22 07:20 . 2016-10-26 09:29 1585088 ----a-w- c:\windows\system32\nvdispgenco6437563.dll 2016-10-19 22:48 . 2016-10-22 21:09 46024 ----a-w- c:\windows\system32\nvhdap64.dll 2016-10-19 22:48 . 2016-10-22 21:09 212936 ----a-w- c:\windows\system32\drivers\nvhda64v.sys 2016-10-19 22:48 . 2016-09-25 19:01 1595456 ----a-w- c:\windows\system32\nvhdagenco6420103.dll 2016-10-18 21:23 . 2016-10-22 21:09 1951680 ----a-w- c:\windows\system32\nvdispco6437557.dll 2016-10-18 21:23 . 2016-10-22 21:09 1586744 ----a-w- c:\windows\system32\nvdispgenco6437557.dll 2016-10-15 15:31 . 2016-11-08 20:00 976896 ----a-w- c:\windows\system32\inetcomm.dll 2016-10-15 15:31 . 2016-11-08 20:00 84480 ----a-w- c:\windows\system32\INETRES.dll 2016-10-15 15:13 . 2016-11-08 20:00 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll 2016-10-15 15:13 . 2016-11-08 20:00 84480 ----a-w- c:\windows\SysWow64\INETRES.dll 2016-10-11 15:31 . 2016-11-08 20:00 1068544 ----a-w- c:\windows\system32\msctf.dll 2016-10-11 15:31 . 
2016-11-08 20:00 878080 ----a-w- c:\windows\system32\IMJP10K.DLL 2016-10-11 15:31 . 2016-11-08 20:00 457216 ----a-w- c:\windows\system32\imkr80.ime 2016-10-11 15:31 . 2016-11-08 20:00 176128 ----a-w- c:\windows\system32\tintlgnt.ime 2016-10-11 15:31 . 2016-11-08 20:00 175104 ----a-w- c:\windows\system32\quick.ime 2016-10-11 15:31 . 2016-11-08 20:00 175104 ----a-w- c:\windows\system32\qintlgnt.ime 2016-10-11 15:31 . 2016-11-08 20:00 175104 ----a-w- c:\windows\system32\phon.ime 2016-10-11 15:31 . 2016-11-08 20:00 175104 ----a-w- c:\windows\system32\cintlgnt.ime 2016-10-11 15:31 . 2016-11-08 20:00 175104 ----a-w- c:\windows\system32\chajei.ime 2016-10-11 15:31 . 2016-11-08 20:00 132608 ----a-w- c:\windows\system32\pintlgnt.ime 2016-10-11 15:31 . 2016-11-08 20:00 1148416 ----a-w- c:\windows\system32\IMJP10.IME 2016-10-11 15:31 . 2016-11-08 20:00 246784 ----a-w- c:\windows\system32\input.dll 2016-10-11 15:18 . 2016-11-08 20:00 829952 ----a-w- c:\windows\SysWow64\msctf.dll 2016-10-11 15:18 . 2016-11-08 20:00 90112 ----a-w- c:\windows\SysWow64\pintlgnt.ime 2016-10-11 15:18 . 2016-11-08 20:00 701440 ----a-w- c:\windows\SysWow64\IMJP10K.DLL 2016-10-11 15:18 . 2016-11-08 20:00 430080 ----a-w- c:\windows\SysWow64\imkr80.ime 2016-10-11 15:18 . 2016-11-08 20:00 126976 ----a-w- c:\windows\SysWow64\tintlgnt.ime 2016-10-11 15:18 . 2016-11-08 20:00 125952 ----a-w- c:\windows\SysWow64\quick.ime 2016-10-11 15:18 . 2016-11-08 20:00 125952 ----a-w- c:\windows\SysWow64\qintlgnt.ime 2016-10-11 15:18 . 2016-11-08 20:00 125952 ----a-w- c:\windows\SysWow64\phon.ime 2016-10-11 15:18 . 2016-11-08 20:00 125952 ----a-w- c:\windows\SysWow64\cintlgnt.ime 2016-10-11 15:18 . 2016-11-08 20:00 125952 ----a-w- c:\windows\SysWow64\chajei.ime 2016-10-11 15:18 . 2016-11-08 20:00 1027584 ----a-w- c:\windows\SysWow64\IMJP10.IME 2016-10-11 15:18 . 2016-11-08 20:00 202240 ----a-w- c:\windows\SysWow64\input.dll 2016-10-11 15:18 . 
2016-12-14 08:50 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2016-10-11 13:33 . 2016-11-08 20:00 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll 2016-10-11 13:06 . 2016-11-08 20:00 221184 ----a-w- c:\windows\system32\UIAnimation.dll 2016-10-07 21:14 . 2016-10-07 21:14 1002728 ----a-w- c:\windows\system32\WinUSBCoInstaller2.dll 2016-10-07 15:32 . 2016-11-08 20:00 877056 ----a-w- c:\windows\system32\oleaut32.dll 2016-10-07 15:32 . 2016-11-08 20:00 3649536 ----a-w- c:\windows\system32\MSVidCtl.dll 2016-10-07 15:32 . 2016-11-08 20:00 84992 ----a-w- c:\windows\system32\asycfilt.dll 2016-10-07 15:12 . 2016-11-08 20:00 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll 2016-10-07 15:12 . 2016-11-08 20:00 2291712 ----a-w- c:\windows\SysWow64\MSVidCtl.dll 2016-10-07 15:12 . 2016-11-08 20:00 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll 2016-10-05 14:54 . 2016-11-08 20:00 90112 ----a-w- c:\windows\system32\drivers\bowser.sys 2016-10-01 21:15 . 2016-10-06 17:21 1935808 ----a-w- c:\windows\system32\nvdispco6437306.dll 2016-10-01 21:15 . 2016-10-06 17:21 1585088 ----a-w- c:\windows\system32\nvdispgenco6437306.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}] 2016-12-07 11:15 1028968 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{093F479D-712E-46CD-9E06-62E734A05F68}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll" [2016-12-07 1028968] . [HKEY_CLASSES_ROOT\clsid\{093f479d-712e-46cd-9e06-62e734a05f68}] . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2016-12-03 15:47 1602248 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2016-12-03 15:47 1602248 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2016-12-03 15:47 1602248 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2016-12-03 15:47 1602248 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2016-12-03 15:47 1602248 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncShell.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2016-12-03 15:46 1931056 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2016-12-03 15:46 1931056 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2016-12-03 15:46 1931056 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="d:\steam\steam.exe" [2016-12-20 2876704] "Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2016-08-03 3582240] "Discord"="c:\users\jones\AppData\Local\Discord\app-0.0.296\Discord.exe" [2016-08-24 62471352] "BlueStacks Agent"="c:\program files (x86)\Bluestacks\HD-Agent.exe" [2016-12-01 1690248] "MySQL Notifier"="c:\program files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe" [2016-07-29 754176] "World of Warships"="d:\world_of_warships\WargamingGameUpdater.exe" [2016-12-05 3134216] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2013-01-28 550272] "ROGRAMCACHE"="c:\program files (x86)\ROGRAMCACHE\RamCache.exe" [2016-09-25 4312720] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2015-06-15 296216] "Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2016-10-25 2383040] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] R2 KSDE1.0.0;Kaspersky Secure Connection Service 1.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [x] R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x] R3 ALSysIO;ALSysIO;c:\users\jones\AppData\Local\Temp\ALSysIO64.sys;c:\users\jones\AppData\Local\Temp\ALSysIO64.sys [x] R3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys;c:\windows\SYSNATIVE\DRIVERS\awealloc.sys [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 BstHdAndroidSvc;BlueStacks Android Service ;c:\program files (x86)\Bluestacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\Bluestacks\HD-Service.exe BstHdAndroidSvc Android [x] R3 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\Bluestacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [x] R3 BstHdPlusAndroidSvc;BlueStacks Plus Android Service ;c:\program files (x86)\Bluestacks\HD-Plus-Service.exe BstHdPlusAndroidSvc Android;c:\program files (x86)\Bluestacks\HD-Plus-Service.exe BstHdPlusAndroidSvc Android [x] R3 BstkDrv;BlueStacks Plus Hypervisor;c:\program files (x86)\Bluestacks\BstkDrv.sys;c:\program files (x86)\Bluestacks\BstkDrv.sys [x] R3 dtproscsibus;DAEMON Tools Pro Virtual SCSI 
Bus;c:\windows\system32\DRIVERS\dtproscsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtproscsibus.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x] R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x] R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x] R3 
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 VSStandardCollectorService140;Visual Studio Standard Collector Service;c:\visual studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe;c:\visual studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x] R3 XSplit_Dummy;XSplit Stream Audio Renderer;c:\windows\system32\drivers\xspltspk.sys;c:\windows\SYSNATIVE\drivers\xspltspk.sys [x] R4 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x] R4 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x] R4 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x] R4 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [x] R4 AsusGameFirstService;AsusGameFirstService;c:\program files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe;c:\program files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [x] R4 klvssbrigde64;klvssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe [x] R4 MBAMScheduler;MBAMScheduler;d:\ malwarebytes anti-malware \mbamscheduler.exe;d:\ malwarebytes anti-malware \mbamscheduler.exe [x] R4 
MBAMService;MBAMService;d:\ malwarebytes anti-malware \mbamservice.exe;d:\ malwarebytes anti-malware \mbamservice.exe [x] R4 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x] R4 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x] S0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x] S0 FNETHYRAMAS;FNETHYRAMAS;c:\windows\System32\drivers\FNETHYRAMAS.SYS;c:\windows\SYSNATIVE\drivers\FNETHYRAMAS.SYS [x] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x] S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x] S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x] S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x] S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x] S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x] S1 
kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S1 NFC_Driver;NFC_Driver;c:\windows\system32\drivers\NFC_Driver.sys;c:\windows\SYSNATIVE\drivers\NFC_Driver.sys [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] S1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service;c:\windows\system32\DRIVERS\VBoxNetAdp6.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp6.sys [x] S1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetLwf.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetLwf.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x] S2 AsRamDisk;ASUS Ram Disk Driver;c:\windows\system32\DRIVERS\asramdisk.sys;c:\windows\SYSNATIVE\DRIVERS\asramdisk.sys [x] S2 AVP17.0.0;Kaspersky Anti-Virus Service 17.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe [x] S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\Bluestacks\HD-LogRotatorService.exe;c:\program files (x86)\Bluestacks\HD-LogRotatorService.exe [x] S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] S2 
kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x] S2 LGCoreTemp;Logitech CPU Core Tempurature;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [x] S2 LogiRegistryService;Logitech Gaming Registry Service;c:\program files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe;c:\program files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [x] S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x] S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x] S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x] S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x] S2 PDF24;PDF24;c:\program files (x86)\PDF24\pdf24.exe;c:\program files (x86)\PDF24\pdf24.exe [x] S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x] S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x] S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x] S3 AndroidAFD;AndroidAFD;SysWow64\drivers\AndroidAFDx64.sys;SysWow64\drivers\AndroidAFDx64.sys [x] S3 asmthub3;ASMedia USB3 Hub 
Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x] S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 kltap;Kaspersky Security Data Escort Adapter;c:\windows\system32\DRIVERS\kltap.sys;c:\windows\SYSNATIVE\DRIVERS\kltap.sys [x] S3 ladfGSS;Logitech USB Surround Filter Driver (LGS);c:\windows\system32\drivers\ladfGSS.sys;c:\windows\SYSNATIVE\drivers\ladfGSS.sys [x] S3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] S3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);c:\windows\system32\drivers\LGJoyXlCore.sys;c:\windows\SYSNATIVE\drivers\LGJoyXlCore.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x] S3 rzudd;Razer Mouse 
Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x] S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc . Inhalt des "geplante Tasks" Ordners . 2016-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-12 21:24] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591}] 2016-12-07 11:15 1253736 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{093F479D-712E-46CD-9E06-62E734A05F68}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll" [2016-12-07 1253736] . [HKEY_CLASSES_ROOT\CLSID\{093F479D-712E-46CD-9E06-62E734A05F68}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2016-10-25 08:57 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2016-10-25 08:57 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2016-10-25 08:57 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2016-12-03 15:47 1659072 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2] @="{5AB7172C-9C11-405C-8DD5-AF20F3606282}" [HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}] 2016-12-03 15:47 1659072 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3] @="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" [HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}] 2016-12-03 15:47 1659072 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2016-12-03 15:47 1659072 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2016-12-03 15:47 1659072 ----a-w- c:\users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileSyncShell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-11-17 1854400] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2016-08-30 16286840] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2016-07-01 508128] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{FECD1C8E-B62A-4F36-A020-C09A2FC33A23}: NameServer = 8.8.8.8,8.8.4.4 Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL FF - ProfilePath - c:\users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\ FF - prefs.js: browser.search.selectedEngine - Search Provided by Bing FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - true . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-AO Link Server - c:\program files (x86)\ASUS\AI Suite III\Mobo Connect\ALRun.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_24_0_0_186_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_24_0_0_186_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_24_0_0_186_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_24_0_0_186_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_24_0_0_186.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.24" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_24_0_0_186.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_24_0_0_186.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_24_0_0_186.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe c:\program files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe c:\program files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe . ************************************************************************** . Zeit der Fertigstellung: 2016-12-27 20:12:40 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2016-12-27 19:12 . Vor Suchlauf: 15 Verzeichnis(se), 69.018.693.632 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 105.814.769.664 Bytes frei . 
- - End Of File - - 09C6789B1BAE043E023D56FBBF55417A A36C5E4F47E84449FF07ED3517B43A31 |
27.12.2016, 20:19 | #7 |
| Windows 7: Suddenly all folders and subfolders are write-protected! FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 durchgeführt von jones (Administrator) auf JONES-PC (27-12-2016 20:16:54) Gestartet von D:\Desktop Geladene Profile: jones (Verfügbare Profile: jones) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16286840 2016-08-30] (Logitech Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ROGRAMCACHE] => C:\Program Files (x86)\ROGRAMCACHE\RamCache.exe [4312720 2016-09-25] (ASUSTeKcomputer Inc) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [Steam] => D:\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation) HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-08-03] (Nota Inc.) HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [Discord] => C:\Users\jones\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.) 
HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1690248 2016-12-01] (BlueStack Systems, Inc.) HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [754176 2016-07-29] (Oracle Corporation) HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [World of Warships] => D:\World_of_Warships\WargamingGameUpdater.exe [3134216 2016-12-05] (Wargaming.net) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () GroupPolicy: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FECD1C8E-B62A-4F36-A020-C09A2FC33A23}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{FECD1C8E-B62A-4F36-A020-C09A2FC33A23}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-03] (Microsoft Corporation) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll 
[2016-12-03] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-12-03] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-03] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-15] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-03] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: w9eabcxv.default
FF ProfilePath: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default [2016-12-27]
FF NewTab: Mozilla\Firefox\Profiles\w9eabcxv.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\w9eabcxv.default -> Search Provided by Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\w9eabcxv.default -> Search Provided by Bing
FF Homepage: Mozilla\Firefox\Profiles\w9eabcxv.default -> about:home
FF Keyword.URL: Mozilla\Firefox\Profiles\w9eabcxv.default -> user_pref("keyword.URL", true);
FF Extension: (Tails Download and Verify) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\dave@tails.boum.org.xpi [2016-12-14]
FF Extension: (BetterTTV) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\firefox@betterttv.net.xpi [2016-10-15]
FF Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\hotspot-shield@anchorfree.com.xpi [2016-12-25]
FF Extension: (Lightbeam) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2016-10-30]
FF Extension: (uBlock Origin) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-20]
FF SearchPlugin: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\searchplugins\search provided by bing.xml [2016-12-03]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-15] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-03] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-12-03] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1883078689-1713311263-2009741731-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-10-17] ()

Chrome:
=======
CHR Profile: C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default [2016-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-21]
CHR Extension: (Google Docs) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-21]
CHR Extension: (Google Drive) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-21]
CHR Extension: (YouTube) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-21]
CHR Extension: (Google Tabellen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-21]
CHR Extension: (Kaspersky Protection) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-12-10]
CHR Extension: (Google Docs Offline) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-21]
CHR Extension: (Google Mail) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-21]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-09-26] () [Datei ist nicht signiert]
S4 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [397592 2015-07-02] (ASUSTeK Computer Inc.)
S4 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [346424 2015-04-10] (ASUSTeK)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-01] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-01] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-02] (Intel Corporation)
S4 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-30] (Logitech Inc.)
S4 MBAMScheduler; D:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S4 MBAMService; D:\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-10] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-10] (Electronic Arts)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-15] (Geek Software GmbH)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 VSStandardCollectorService140; C:\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [43064 2015-06-11] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R2 AsRamDisk; C:\Windows\System32\DRIVERS\asramdisk.sys [111416 2014-05-07] (Asus)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21304 2014-02-17] (Olof Lagerkvist)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-01] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30352 2016-09-25] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [501216 2015-06-18] (Intel Corporation)
R0 FNETHYRAMAS; C:\Windows\System32\drivers\FNETHYRAMAS.SYS [45688 2016-09-25] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2016-09-25] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-06-22] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-11-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-07] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-07] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45208 2016-08-30] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-08-30] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-27] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [172832 2015-05-08] (Intel Corporation)
R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [48336 2015-04-10] (Titan ARC Corp.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-08-23] (Anchorfree Inc.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited)
S3 ALSysIO; \??\C:\Users\jones\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-27 20:12 - 2016-12-27 20:12 - 00053449 _____ C:\ComboFix.txt
2016-12-27 20:07 - 2016-12-27 20:12 - 00000000 ____D C:\Qoobox
2016-12-27 20:07 - 2016-12-27 20:11 - 00000000 ____D C:\Windows\erdnt
2016-12-27 20:07 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-12-27 20:07 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-12-27 20:07 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-12-27 20:07 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-12-27 20:07 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-12-27 20:07 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-12-27 20:07 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-12-27 20:07 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-12-27 19:52 - 2016-12-27 19:54 - 00231756 _____ C:\TDSSKiller.3.1.0.12_27.12.2016_19.52.28_log.txt
2016-12-27 19:32 - 2016-12-27 19:32 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd189635d92e505cf
2016-12-27 19:28 - 2016-12-27 19:28 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignfaec8f89809fe972
2016-12-27 19:16 - 2016-12-27 19:16 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignbddaa646791b707b
2016-12-27 19:15 - 2016-12-27 19:15 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigncddc75da6a02ca16
2016-12-27 19:15 - 2016-12-27 19:15 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign94bd6aa6adeb142e
2016-12-27 19:15 - 2016-12-27 19:15 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign2b84819e4db85ab0
2016-12-27 14:22 - 2016-12-27 20:16 - 00000000 ____D C:\FRST
2016-12-27 00:58 - 2016-12-27 00:58 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign354e97dde3ea7d29
2016-12-27 00:49 - 2016-12-27 00:49 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigne81e82cbe043aac0
2016-12-27 00:47 - 2016-12-27 00:47 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigndc9acc32be2c3f2d
2016-12-27 00:45 - 2016-12-27 00:45 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignfac97c20acb4c43b
2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignf3c06d12ea8c3cff
2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign91fa0ab59a8ca6c8
2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign7554ccbafccb7bee
2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign628bacfd18266615
2016-12-25 21:10 - 2016-12-25 21:10 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign89c849fb7aa815fc
2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd44e0b3ae7e2743f
2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign76a445c852299d41
2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign1920737777514d0b
2016-12-25 16:48 - 2016-12-25 18:57 - 00001819 _____ C:\Users\jones\AppData\Roaming\net.telestream.gameshow.xml
2016-12-25 16:48 - 2016-12-25 16:48 - 00000101 _____ C:\Users\jones\AppData\Roaming\net.telestream.gameshow.app_user_guid.xml
2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\WirecastCache
2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\Wirecast
2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\Vara Software
2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\Gameshow
2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Local\Telestream
2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\ProgramData\Telestream
2016-12-23 23:47 - 2016-12-23 23:47 - 00430280 _____ C:\Windows\Minidump\122316-5818-01.dmp
2016-12-22 17:18 - 2016-12-22 17:18 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft FxCop
2016-12-22 11:44 - 2016-12-25 00:51 - 00000000 ____D C:\Users\jones\AppData\Roaming\FileZilla
2016-12-22 11:44 - 2016-12-22 11:46 - 00000000 ____D C:\Users\jones\AppData\Local\FileZilla
2016-12-22 11:44 - 2016-12-22 11:44 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-12-22 09:44 - 2016-12-27 20:10 - 00038600 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-21 16:13 - 2016-12-12 15:36 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2016-12-21 16:12 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-12-21 16:12 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-12-15 22:24 - 2016-12-15 22:24 - 00000000 ____D C:\Users\jones\AppData\Local\4kdownload.com
2016-12-15 22:22 - 2016-12-15 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-12-15 22:22 - 2016-12-15 22:22 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-12-15 20:28 - 2016-12-15 20:28 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-12-15 18:57 - 2016-12-15 18:57 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-12-15 18:57 - 2016-12-15 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-15 18:57 - 2016-12-15 18:57 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-15 18:18 - 2016-12-25 19:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-15 18:18 - 2016-12-15 22:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 18:05 - 2016-12-14 18:05 - 00000000 ____D C:\Users\jones\AppData\Roaming\MySQL
2016-12-14 15:43 - 2016-12-14 15:43 - 00000000 ____D
C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships 2016-12-14 09:51 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-12-14 09:51 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-12-14 09:51 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-12-14 09:51 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-12-14 09:51 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-12-14 09:51 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2016-12-14 09:51 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-12-14 09:51 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-12-14 09:51 - 2016-11-20 17:19 - 00084992 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2016-12-14 09:51 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-12-14 09:51 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-12-14 09:51 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-12-14 09:51 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-12-14 09:51 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-14 09:51 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-12-14 09:51 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-14 09:51 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-14 09:51 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-14 09:51 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-14 09:51 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-12-14 09:51 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-14 09:51 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-12-14 09:51 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-14 09:51 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-14 09:51 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-14 09:51 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-14 09:51 - 2016-11-12 20:07 - 00814080 _____ (Microsoft 
Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-14 09:51 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-14 09:51 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-14 09:51 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-14 09:51 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-14 09:51 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-14 09:51 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-14 09:51 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-14 09:51 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-14 09:51 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-12-14 09:51 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-12-14 09:51 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-14 09:51 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-12-14 09:51 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-12-14 09:51 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-12-14 09:51 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-12-14 09:51 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-12-14 09:51 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-12-14 09:51 - 2016-11-12 19:14 - 00262144 _____ 
(Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-14 09:51 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-12-14 09:51 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-14 09:51 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-14 09:51 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-14 09:51 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-14 09:51 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-12-14 09:51 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-12-14 09:51 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-12-14 09:51 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-12-14 09:51 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-12-14 09:51 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-14 09:51 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-12-14 09:51 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-12-14 09:51 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-12-14 09:51 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-12-14 09:51 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-12-14 09:51 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-14 09:51 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieframe.dll 2016-12-14 09:51 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-14 09:51 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-14 09:51 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-12-14 09:51 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-12-14 09:51 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-12-14 09:51 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-12-14 09:51 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-12-14 09:51 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-12-14 09:51 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-12-14 09:51 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-12-14 09:51 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-12-14 09:51 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-12-14 09:51 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-12-14 09:51 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-12-14 09:51 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2016-12-14 09:51 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-12-14 09:51 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2016-12-14 09:51 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-12-14 09:51 - 
2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-12-14 09:51 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-12-14 09:51 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2016-12-14 09:51 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2016-12-14 09:51 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-12-14 09:51 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-12-14 09:51 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-12-14 09:51 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-12-14 09:51 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-12-14 09:51 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-12-14 09:51 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-12-14 09:51 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-12-14 09:51 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-12-14 09:51 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-12-14 09:51 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-12-14 09:51 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-12-14 09:51 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-12-14 09:51 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-12-14 09:51 - 2016-10-11 16:18 - 00644096 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-12-14 09:51 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-12-14 09:51 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-12-14 09:51 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2016-12-14 09:51 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-12-14 09:51 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls 2016-12-14 09:51 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls 2016-12-14 09:51 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-12-14 09:51 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-12-14 09:51 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-12-14 09:51 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-12-14 09:51 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-12-14 09:51 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-12-14 09:51 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-12-14 09:50 - 
2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-12-14 09:50 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-12-14 09:50 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-12-14 09:50 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-12-14 09:50 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-12-14 09:50 - 2016-11-20 16:57 - 00050176 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-12-14 09:50 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-12-14 09:50 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-12-14 09:50 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-14 09:50 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-14 09:50 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-14 09:50 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-14 09:50 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-12-14 09:50 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-12-14 09:50 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-12-14 09:50 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-12-14 09:50 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-12-14 09:50 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-12-14 09:50 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-12-14 09:50 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-12-14 09:50 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-12-14 09:50 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2016-12-14 09:50 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00243712 
_____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-12-14 09:50 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-12-14 09:50 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-12-14 09:50 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-12-14 09:50 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-12-14 09:50 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-12-14 09:50 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-12-14 09:50 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-12-14 09:50 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-12-14 09:50 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-12-14 09:50 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-12-13 18:18 - 2016-12-22 16:06 - 00000000 ____D C:\Program Files\MySQL 2016-12-13 18:18 - 2016-12-13 18:18 - 00003658 _____ C:\Windows\System32\Tasks\MySQLNotifierTask 2016-12-13 18:18 - 2016-12-13 18:18 - 00000469 _____ C:\Windows\ODBCINST.INI 2016-12-13 18:18 - 2016-12-13 18:18 - 00000000 ____D C:\Users\jones\AppData\Roaming\Oracle 2016-12-13 18:18 - 2016-12-13 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2016-12-13 18:12 - 2016-12-25 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL 2016-12-13 18:12 - 2016-12-25 16:35 - 00000000 ____D C:\Program Files (x86)\MySQL 2016-12-13 18:12 - 2016-12-13 18:12 - 00000000 ____D C:\Windows\System32\Tasks\MySQL 2016-12-13 18:12 - 2016-12-13 18:12 - 00000000 ____D C:\ProgramData\MySQL 2016-12-13 15:10 - 2016-12-13 15:10 - 00000000 ____D C:\Users\jones\AppData\Local\Chromium 2016-12-12 18:35 - 2016-12-12 18:35 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2016-12-12 18:35 - 2016-12-12 18:35 - 00000000 ____D C:\Users\Default\AppData\Local\Apple 2016-12-12 18:35 - 2016-12-12 18:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple 2016-12-12 18:35 - 2016-12-12 18:35 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2016-12-12 18:08 - 2016-12-12 18:10 - 00000000 ____D C:\Users\jones\AppData\LocalLow\Daybreak Game Company 2016-12-12 18:08 - 2016-12-12 18:08 - 00000000 ____D C:\Users\jones\AppData\Local\SCE 2016-12-12 18:08 - 2016-12-12 18:08 - 00000000 ____D C:\Users\jones\AppData\Local\Daybreak Game Company 2016-12-12 17:50 - 2016-12-12 17:50 - 00000000 ____D C:\Users\jones\AppData\Roaming\Apple Computer 2016-12-11 21:45 - 2016-12-12 18:35 - 00002519 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\Users\jones\AppData\LocalLow\Apple Computer 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\Users\jones\AppData\Local\Apple 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\ProgramData\Apple Computer 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\ProgramData\Apple 2016-12-11 13:28 - 2016-12-11 13:42 - 00000000 ____D C:\Users\jones\AppData\Local\Troubleshooter 2016-12-11 13:16 - 2016-12-11 13:16 - 00000000 ____D C:\Users\jones\AppData\Local\Macromedia 2016-12-11 13:10 - 2016-11-23 14:37 - 00000570 _____ C:\Users\jones\AppData\Local\TroubleshooterConfig.json 2016-12-11 13:09 - 2016-12-11 13:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-12-11 13:09 - 2016-12-11 13:09 - 00001636 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk 2016-12-11 13:09 - 2016-12-11 13:09 - 00000000 ____D C:\Users\jones\AppData\Local\Bluestacks 2016-12-11 13:09 - 2016-12-11 13:09 - 00000000 ____D C:\Program Files (x86)\Bluestacks 2016-12-10 18:02 - 2016-12-10 18:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignb8ae7aa56fc1fb82 2016-12-10 17:58 - 2016-12-10 17:58 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignba25b980fad0f8bd 2016-12-10 17:58 - 2016-12-10 17:58 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign02fc446167f0ca14 2016-12-10 17:57 - 2016-12-10 17:57 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignc08a35b36bbfbe2c 2016-12-10 17:57 - 2016-12-10 17:57 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign32a7196cf398f5e2 2016-12-10 17:57 - 2016-12-10 17:57 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign249a5aef232b417a 2016-12-09 15:00 - 2016-12-09 15:00 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-12-09 15:00 - 2016-12-01 18:04 - 
00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-12-09 15:00 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-12-09 15:00 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll 2016-12-09 15:00 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-12-09 15:00 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe 2016-12-09 14:59 - 2016-12-01 20:52 - 40125496 _____ C:\Windows\system32\nvcompiler.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 28137920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 14055360 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-12-09 14:59 - 2016-12-01 20:52 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 09151400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 08754160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 03645496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437619.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 01586744 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvdispgenco6437619.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00943552 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00683824 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00573072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-12-09 14:58 - 2016-12-13 00:36 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-12-07 12:25 - 2016-12-07 12:25 - 00001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2016-12-06 20:27 - 2016-12-13 17:55 - 00000000 ____D 
C:\Users\jones\.VirtualBox 2016-12-06 20:27 - 2016-12-06 20:27 - 00000000 ____D C:\Users\jones\VirtualBox VMs 2016-12-06 20:26 - 2016-12-06 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2016-12-06 20:26 - 2016-12-06 20:26 - 00000000 ____D C:\Program Files\Oracle 2016-12-06 20:26 - 2016-11-21 17:45 - 00933088 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2016-12-06 20:26 - 2016-11-21 17:44 - 00150280 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2016-12-06 20:02 - 2016-12-06 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignda27caeac2fc6849 2016-12-06 20:02 - 2016-12-06 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd11d79c13c8b7cb4 2016-12-06 20:02 - 2016-12-06 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign9131f71e0b828803 2016-12-06 20:02 - 2016-12-06 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign774b043f706c9930 2016-12-06 19:04 - 2016-12-06 19:04 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign94819b1d872688ce 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd81ca5932ec02288 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign7f511a63b33f2a74 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign7aec91d2846b7c74 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign677de4a702b881ab 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign3ca798d80f75dc7c 2016-12-06 17:31 - 2016-12-06 17:31 - 00000000 ____D C:\Users\jones\AppData\Roaming\NuGet 2016-12-04 20:46 - 2016-12-04 20:46 - 00001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk 2016-12-04 12:07 - 2016-12-04 12:07 - 00430376 _____ C:\Windows\Minidump\120416-8392-01.dmp 2016-12-04 11:55 - 2016-12-04 11:55 
- 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2016-12-03 23:25 - 2016-12-03 23:25 - 00000000 ____D C:\Users\jones\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2016-12-03 22:11 - 2016-12-27 20:06 - 00000000 ___RD C:\Users\jones\Creative Cloud Files 2016-12-03 22:11 - 2016-12-27 20:06 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-12-03 21:53 - 2016-12-03 21:53 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00001194 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2016-12-03 21:53 - 2016-12-03 21:53 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2016-12-03 21:42 - 2016-12-03 21:42 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign65b3eecb41c9c89e 2016-12-03 21:42 - 2016-12-03 21:42 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign1c3758160151a712 2016-12-03 21:40 - 2016-12-03 21:40 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigna929a537f99eba8c 2016-12-03 21:39 - 2016-12-03 21:39 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk 2016-12-03 21:39 - 2016-12-03 21:39 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigna3078dbefe233b3a 2016-12-03 21:39 - 2016-12-03 21:39 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign1b0e4e8584018b99 2016-12-03 18:22 - 2016-12-07 21:15 - 00000000 
____D C:\Users\jones\AppData\Roaming\vlc 2016-12-03 18:22 - 2016-12-03 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-12-03 17:18 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts_bkup 2016-12-03 17:05 - 2016-12-04 20:46 - 00000000 ____D C:\Program Files\Adobe 2016-12-03 17:05 - 2016-12-04 20:34 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-12-03 17:05 - 2016-12-03 21:53 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-12-03 17:05 - 2016-12-03 17:05 - 00003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-jones-PC-jones 2016-12-03 17:05 - 2016-12-03 17:05 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2017.lnk 2016-12-03 17:00 - 2016-12-25 16:45 - 00000000 ____D C:\Users\jones\AppData\Local\Deployment 2016-12-03 17:00 - 2016-12-03 17:00 - 00000000 ____D C:\Users\jones\AppData\Local\Apps\2.0 2016-12-03 16:47 - 2016-12-03 16:47 - 00002142 _____ C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:47 - 2016-12-03 16:47 - 00002124 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:47 - 2016-12-03 16:47 - 00002124 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:47 - 2016-12-03 16:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-12-03 16:44 - 2016-12-03 16:44 - 00002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-12-03 16:42 - 
2016-12-03 16:42 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-12-03 16:00 - 2016-12-03 16:00 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2016-12-03 16:00 - 2016-12-03 16:00 - 00000000 ____D C:\Users\jones\AppData\Local\{F28CC4D0-D624-A868-BBBC-8D809FD47118} 2016-12-02 21:24 - 2016-12-02 21:25 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2016-12-02 21:24 - 2016-12-02 21:25 - 00000000 ____D C:\Users\jones\AppData\Local\UnrealEngine 2016-12-02 21:24 - 2016-12-02 21:25 - 00000000 ____D C:\ProgramData\Epic 2016-12-02 21:24 - 2016-12-02 21:24 - 00000000 ____D C:\Users\jones\AppData\Local\UnrealEngineLauncher 2016-12-02 21:24 - 2016-12-02 21:24 - 00000000 ____D C:\Users\jones\AppData\Local\EpicGamesLauncher 2016-11-30 20:50 - 2016-11-30 20:50 - 00000000 ____D C:\Users\jones\AppData\Local\PDF24 2016-11-30 20:49 - 2016-11-30 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2016-11-30 20:49 - 2016-11-30 20:49 - 00000000 ____D C:\Program Files (x86)\PDF24 2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft 
Corporation) C:\Windows\system32\msvcp110_clr0400.dll 2016-11-28 21:07 - 2016-11-28 21:07 - 00000000 ____D C:\Python27 2016-11-28 21:07 - 2016-11-28 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 2016-11-28 20:38 - 2016-11-28 20:38 - 00000000 ____D C:\Users\jones\AppData\Roaming\Skype 2016-11-28 20:36 - 2016-12-03 16:47 - 00000000 ___RD C:\Users\jones\OneDrive 2016-11-28 20:36 - 2016-12-03 16:47 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2016-11-28 20:36 - 2016-11-28 20:36 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-11-28 20:30 - 2016-11-28 20:30 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2016-11-28 20:28 - 2016-12-03 22:14 - 00000000 ____D C:\Program Files\Microsoft Office 2016-11-27 14:27 - 2016-11-27 14:27 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information 2016-11-27 14:27 - 2016-11-27 14:27 - 00000000 ___HD C:\ProgramData\CanonBJ 2016-11-27 14:27 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAE.DLL 2016-11-27 13:47 - 2016-11-27 13:47 - 00000000 ____D C:\Users\jones\AppData\Local\CrashRpt ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-12-27 20:16 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat 2016-12-27 20:16 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2016-12-27 20:16 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-27 20:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-27 20:13 - 2016-11-19 11:59 - 00000000 ____D C:\Users\jones\AppData\LocalLow\Mozilla 2016-12-27 20:13 - 2016-09-29 19:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-12-27 20:11 - 2016-09-26 18:07 - 00000000 ____D C:\Users\jones\AppData\Local\CrashDumps 2016-12-27 20:11 - 2016-09-25 20:01 - 00000000 ____D C:\ProgramData\NVIDIA 2016-12-27 20:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-27 20:11 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2016-12-27 20:10 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-27 20:10 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-27 20:10 - 2009-07-14 03:34 - 19922944 _____ C:\Windows\system32\config\SYSTEM.bak 2016-12-27 20:10 - 2009-07-14 03:34 - 120061952 _____ C:\Windows\system32\config\SOFTWARE.bak 2016-12-27 20:10 - 2009-07-14 03:34 - 08650752 _____ C:\Windows\system32\config\DEFAULT.bak 2016-12-27 20:10 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak 2016-12-27 20:10 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak 2016-12-27 20:05 - 2016-09-26 18:26 - 00000000 ____D C:\Users\jones\AppData\Local\Adobe 2016-12-27 19:38 - 2016-09-25 19:29 - 00075440 _____ C:\Users\jones\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-27 19:38 - 2016-09-25 18:52 - 00000000 ____D C:\Users\jones 2016-12-27 19:37 - 2016-11-19 21:41 - 00000000 ____D C:\Users\jones\AppData\Roaming\Battle.net 2016-12-27 19:37 - 2016-10-10 18:36 - 00000000 ____D 
C:\Users\jones\AppData\Roaming\Audacity 2016-12-27 19:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2016-12-26 11:54 - 2016-11-19 21:42 - 00000000 ____D C:\Users\jones\AppData\Local\Battle.net 2016-12-25 19:55 - 2016-11-14 18:04 - 00000000 ____D C:\Users\jones\AppData\Roaming\discord 2016-12-25 19:52 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-12-25 16:51 - 2016-10-22 14:41 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-12-25 16:51 - 2016-10-22 14:40 - 00000000 ____D C:\Visual Studio 2016-12-25 16:51 - 2016-09-25 19:46 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-25 16:51 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-12-25 16:50 - 2016-10-22 14:42 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2016-12-25 16:50 - 2016-10-22 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2016-12-25 16:49 - 2016-10-22 14:51 - 00000000 ____D C:\Users\jones\AppData\Local\VSIXInstaller 2016-12-25 16:43 - 2016-10-22 14:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2016-12-25 16:43 - 2016-10-22 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2016-12-24 16:45 - 2016-10-12 17:38 - 00000000 ____D C:\Users\jones\AppData\Local\ElevatedDiagnostics 2016-12-23 23:47 - 2016-11-01 18:19 - 896961039 _____ C:\Windows\MEMORY.DMP 2016-12-23 23:47 - 2016-11-01 18:19 - 00000000 ____D C:\Windows\Minidump 2016-12-23 22:52 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-23 00:49 - 2016-10-20 18:18 - 00000000 ____D C:\ProgramData\Origin 2016-12-23 00:48 - 2016-10-20 18:19 - 00000000 ____D C:\Users\jones\AppData\Roaming\Origin 2016-12-22 15:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-12-22 09:44 - 2016-09-25 20:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-12-21 16:25 - 2016-09-29 17:53 - 00000000 ____D C:\Users\jones\AppData\Local\UmmyVideoDownloader 2016-12-21 16:13 - 
2016-09-25 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003824 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003648 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003588 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\NVIDIA Corporation 2016-12-21 16:13 - 2016-09-25 20:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-12-20 19:12 - 2016-11-21 20:07 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-20 19:12 - 2016-11-21 20:07 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-20 18:21 - 2016-11-18 15:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-20 18:21 - 2016-09-25 20:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-15 22:24 - 2016-10-12 17:00 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-15 22:24 - 2016-10-12 17:00 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-15 22:24 - 2016-10-12 17:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-15 22:24 - 2016-10-12 17:00 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-15 20:51 - 2016-10-17 17:54 - 00000000 ____D C:\Users\jones\AppData\Local\Ubisoft Game Launcher 2016-12-15 19:13 - 2016-09-26 18:07 - 00000316 _____ C:\Users\jones\.packettracer 2016-12-15 18:58 - 2016-11-01 18:35 - 00000000 ____D C:\ProgramData\Oracle 2016-12-15 18:19 - 2016-09-25 20:06 - 00001087 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-12-15 18:14 - 2016-11-21 20:07 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-15 17:37 - 2009-07-14 05:45 - 05036728 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-14 22:35 - 2016-09-25 22:05 - 00000000 ____D C:\Windows\system32\MRT 2016-12-14 22:34 - 2016-09-25 22:05 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-12-14 22:33 - 2016-09-25 19:46 - 01594174 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-12-13 15:10 - 2016-09-25 21:31 - 00000000 ____D C:\Users\jones\AppData\Local\Steam 2016-12-12 15:37 - 2016-09-25 20:08 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2016-12-11 16:18 - 2016-10-29 22:24 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-12-11 13:09 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2016-12-10 22:42 - 2016-10-20 18:19 - 00000000 ____D C:\Program Files (x86)\Origin 2016-12-10 11:08 - 2016-11-21 20:07 - 00000000 ____D C:\Users\jones\AppData\Local\Google 2016-12-09 15:01 - 2016-09-25 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-12-09 15:01 - 2016-09-25 19:50 - 00000000 ____D C:\Temp 2016-12-09 14:58 - 2016-09-25 20:08 - 00003782 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-09 14:58 - 2016-09-25 20:00 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-12-07 17:53 - 2016-10-24 16:10 - 00000000 ____D C:\Users\jones\AppData\Local\fabi.me 2016-12-07 12:24 - 2016-09-25 19:31 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-12-07 12:15 - 2016-11-25 14:42 - 01036512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2016-12-07 12:15 - 2016-06-20 17:29 - 00057936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys 2016-12-07 12:15 - 2016-06-02 22:39 - 00134880 _____ (AO Kaspersky Lab) 
C:\Windows\system32\Drivers\klwtp.sys 2016-12-06 20:23 - 2016-10-05 19:37 - 00000000 ____D C:\Users\jones\AppData\Roaming\VMware 2016-12-06 20:23 - 2016-10-05 18:07 - 00000000 ____D C:\ProgramData\VMware 2016-12-06 20:22 - 2016-10-05 19:37 - 00000000 ____D C:\Users\jones\AppData\Local\VMware 2016-12-04 20:46 - 2016-09-25 20:24 - 00000000 ____D C:\Users\jones\AppData\Roaming\Adobe 2016-12-04 12:23 - 2016-09-29 19:49 - 00000000 ____D C:\Program Files\Common Files\AV 2016-12-03 22:11 - 2016-09-25 19:31 - 00000000 ____D C:\ProgramData\Adobe 2016-12-03 16:41 - 2016-10-04 17:33 - 00000000 ____D C:\Users\jones\AppData\Roaming\Samsung 2016-12-03 16:41 - 2016-09-25 19:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-12-03 16:40 - 2016-09-25 18:53 - 00000000 ____D C:\Users\jones\AppData\Local\VirtualStore 2016-12-01 20:52 - 2016-11-19 17:52 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-12-01 20:52 - 2016-10-22 22:09 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-12-01 20:52 - 2016-09-26 17:36 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-12-01 20:52 - 2016-09-26 17:36 - 17440744 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-12-01 20:52 - 2016-09-25 20:01 - 00041344 _____ C:\Windows\system32\nvinfo.pb 2016-12-01 20:52 - 2016-09-25 20:00 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-12-01 20:52 - 2016-09-25 20:00 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-12-01 20:52 - 2016-09-25 20:00 - 03479560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-12-01 18:32 - 2016-09-26 17:37 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-12-01 18:32 - 2016-09-26 17:37 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 06384576 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvcpl.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-11-30 17:23 - 2016-11-25 19:03 - 00000000 ____D C:\Users\jones\AppData\Roaming\iw4play 2016-11-30 10:34 - 2016-09-25 20:01 - 07607057 _____ C:\Windows\system32\nvcoproc.bin 2016-11-29 19:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-11-27 02:29 - 2016-09-25 19:30 - 01048576 _____ C:\Windows\PE_Rom.dll 2016-11-27 02:28 - 2016-11-25 16:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-12-25 16:48 - 2016-12-25 16:48 - 0000101 _____ () C:\Users\jones\AppData\Roaming\net.telestream.gameshow.app_user_guid.xml 2016-12-25 16:48 - 2016-12-25 18:57 - 0001819 _____ () C:\Users\jones\AppData\Roaming\net.telestream.gameshow.xml 2016-09-26 19:04 - 2016-11-25 17:19 - 0007594 _____ () C:\Users\jones\AppData\Local\Resmon.ResmonCfg 2016-12-11 13:10 - 2016-11-23 14:37 - 0000570 _____ () C:\Users\jones\AppData\Local\TroubleshooterConfig.json 2016-11-17 20:10 - 2016-11-17 20:10 - 0019456 _____ () C:\Users\jones\AppData\Local\WebpageIcons.db 2016-12-22 09:44 - 2016-12-27 20:11 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-22 09:44 - 2016-12-27 20:10 - 0038600 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-24 16:38
==================== Ende von FRST.txt ============================ |
27.12.2016, 20:20 | #8 |
| Windows 7: Suddenly all folders and subfolders are write-protected! Addition: Code:
Addition: |
27.12.2016, 21:35 | #9 |
/// Malwareteam | Windows 7: Suddenly all folders and subfolders are write-protected! Step 1 Please download AdwCleaner to your desktop.
Step 2 Download and install the following program: Malwarebytes Anti-Malware
Step 3 Please start FRST again, tick the Addition box and click Untersuchen (Scan). Please post the two resulting text files again. So in your next reply, please post:
__________________ Best regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
27.12.2016, 21:54 | #10 |
| ADW Cleaner Code:
# AdwCleaner v6.041 - Bericht erstellt am 27/12/2016 um 21:42:20
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-26.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : jones - JONES-PC
# Gestartet von : D:\Desktop\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\invalidprefs.js
[-] Datei gelöscht: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\searchplugins\Search Provided by Bing.xml

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\Software\csastats
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\csastats
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

***** [ Browser ] *****

*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2102 Bytes] - [27/12/2016 21:42:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [2252 Bytes] - [27/12/2016 21:41:47]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2248 Bytes] ##########

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 27.12.16
Scan-Zeit: 21:46
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.5.1299
Komponentenversion: 1.0.43
Version des Aktualisierungspakets: 1.0.871
Lizenz: Abgelaufen

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: jones-PC\jones

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 364323
Abgelaufene Zeit: 1 Min., 46 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Datei: 0 (keine bösartigen Elemente erkannt)
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 durchgeführt von jones (Administrator) auf JONES-PC (27-12-2016 21:49:23) Gestartet von D:\Desktop Geladene Profile: jones (Verfügbare Profile: jones) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe (TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Valve Corporation) D:\Steam\Steam.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Don HO don.h@free.fr) D:\Notepad++\notepad++.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\LMS\LMS.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [16286840 2016-08-30] (Logitech Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => D:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [Steam] => D:\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation) HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-08-03] (Nota Inc.) 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FECD1C8E-B62A-4F36-A020-C09A2FC33A23}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{FECD1C8E-B62A-4F36-A020-C09A2FC33A23}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: 
Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-04] (Microsoft Corporation) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-15] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-12-04] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-15] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2016-12-07] (AO Kaspersky Lab) Handler: 
mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: w9eabcxv.default FF ProfilePath: C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default [2016-12-27] FF NewTab: Mozilla\Firefox\Profiles\w9eabcxv.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\w9eabcxv.default -> Search Provided by Bing FF SelectedSearchEngine: Mozilla\Firefox\Profiles\w9eabcxv.default -> Search Provided by Bing FF Homepage: Mozilla\Firefox\Profiles\w9eabcxv.default -> about:home FF Keyword.URL: Mozilla\Firefox\Profiles\w9eabcxv.default -> 
user_pref("keyword.URL", true);
FF Extension: (Tails Download and Verify) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\dave@tails.boum.org.xpi [2016-12-14]
FF Extension: (BetterTTV) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\firefox@betterttv.net.xpi [2016-10-15]
FF Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\hotspot-shield@anchorfree.com.xpi [2016-12-25]
FF Extension: (Lightbeam) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2016-10-30]
FF Extension: (uBlock Origin) - C:\Users\jones\AppData\Roaming\Mozilla\Firefox\Profiles\w9eabcxv.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-20]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-15] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1883078689-1713311263-2009741731-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-10-17] ()

Chrome:
=======
CHR Profile: C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default [2016-12-10]
CHR Extension: (Google Präsentationen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-21]
CHR Extension: (Google Docs) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-21]
CHR Extension: (Google Drive) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-21]
CHR Extension: (YouTube) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-21]
CHR Extension: (Google Tabellen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-21]
CHR Extension: (Kaspersky Protection) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-12-10]
CHR Extension: (Google Docs Offline) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-21]
CHR Extension: (Google Mail) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\jones\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-21]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-05-08] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-09-26] () [Datei ist nicht signiert]
S4 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [397592 2015-07-02] (ASUSTeK Computer Inc.)
S4 AsusGameFirstService; C:\Program Files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [346424 2015-04-10] (ASUSTeK)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-01] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-01] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-01] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-02] (Intel Corporation)
S4 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-08-30] (Logitech Inc.)
R2 MBAMService; D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-10] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-10] (Electronic Arts)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [218248 2016-11-15] (Geek Software GmbH)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 VSStandardCollectorService140; C:\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [43064 2015-06-11] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R2 AsRamDisk; C:\Windows\System32\DRIVERS\asramdisk.sys [111416 2014-05-07] (Asus)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21304 2014-02-17] (Olof Lagerkvist)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-01] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. )
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30352 2016-09-25] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [501216 2015-06-18] (Intel Corporation)
R0 FNETHYRAMAS; C:\Windows\System32\drivers\FNETHYRAMAS.SYS [45688 2016-09-25] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2016-09-25] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-06-22] (Intel Corporation)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-09-08] (ASUSTeK Computer Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-11-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-07] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-07] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [45208 2016-08-30] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-08-30] (Logitech Inc.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2016-12-27] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [172832 2015-05-08] (Intel Corporation)
R1 NFC_Driver; C:\Windows\System32\drivers\NFC_Driver.sys [48336 2015-04-10] (Titan ARC Corp.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-08-23] (Anchorfree Inc.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited)
S3 ALSysIO; \??\C:\Users\jones\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-12-27 21:45 - 2016-12-27 21:45 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-27 21:45 - 2016-12-27 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2016-12-27 21:45 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys 2016-12-27 21:42 - 2016-12-27 21:42 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-12-27 21:40 - 2016-12-27 21:42 - 00000000 ____D C:\AdwCleaner 2016-12-27 20:56 - 2016-12-27 20:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-12-27 20:12 - 2016-12-27 20:12 - 00053449 _____ C:\ComboFix.txt 2016-12-27 20:07 - 2016-12-27 20:12 - 00000000 ____D C:\Qoobox 2016-12-27 20:07 - 2016-12-27 20:11 - 00000000 ____D C:\Windows\erdnt 2016-12-27 20:07 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2016-12-27 20:07 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2016-12-27 20:07 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2016-12-27 20:07 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2016-12-27 20:07 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2016-12-27 20:07 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2016-12-27 20:07 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2016-12-27 20:07 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2016-12-27 19:52 - 2016-12-27 19:54 - 00231756 _____ C:\TDSSKiller.3.1.0.12_27.12.2016_19.52.28_log.txt 2016-12-27 19:32 - 2016-12-27 19:32 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd189635d92e505cf 2016-12-27 19:28 - 2016-12-27 19:28 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignfaec8f89809fe972 2016-12-27 19:16 - 2016-12-27 19:16 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignbddaa646791b707b 2016-12-27 19:15 - 
2016-12-27 19:15 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigncddc75da6a02ca16 2016-12-27 19:15 - 2016-12-27 19:15 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign94bd6aa6adeb142e 2016-12-27 19:15 - 2016-12-27 19:15 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign2b84819e4db85ab0 2016-12-27 14:22 - 2016-12-27 21:49 - 00000000 ____D C:\FRST 2016-12-27 00:58 - 2016-12-27 00:58 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign354e97dde3ea7d29 2016-12-27 00:49 - 2016-12-27 00:49 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigne81e82cbe043aac0 2016-12-27 00:47 - 2016-12-27 00:47 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigndc9acc32be2c3f2d 2016-12-27 00:45 - 2016-12-27 00:45 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignfac97c20acb4c43b 2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignf3c06d12ea8c3cff 2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign91fa0ab59a8ca6c8 2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign7554ccbafccb7bee 2016-12-27 00:44 - 2016-12-27 00:44 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign628bacfd18266615 2016-12-25 21:10 - 2016-12-25 21:10 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign89c849fb7aa815fc 2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd44e0b3ae7e2743f 2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign76a445c852299d41 2016-12-25 20:53 - 2016-12-25 20:53 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign1920737777514d0b 2016-12-25 16:48 - 2016-12-25 18:57 - 00001819 _____ C:\Users\jones\AppData\Roaming\net.telestream.gameshow.xml 2016-12-25 16:48 - 2016-12-25 16:48 - 00000101 _____ C:\Users\jones\AppData\Roaming\net.telestream.gameshow.app_user_guid.xml 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D 
C:\Users\jones\AppData\Roaming\WirecastCache 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\Wirecast 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\Vara Software 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Roaming\Gameshow 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\Users\jones\AppData\Local\Telestream 2016-12-25 16:48 - 2016-12-25 16:48 - 00000000 ____D C:\ProgramData\Telestream 2016-12-23 23:47 - 2016-12-23 23:47 - 00430280 _____ C:\Windows\Minidump\122316-5818-01.dmp 2016-12-22 17:18 - 2016-12-22 17:18 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft FxCop 2016-12-22 11:44 - 2016-12-25 00:51 - 00000000 ____D C:\Users\jones\AppData\Roaming\FileZilla 2016-12-22 11:44 - 2016-12-22 11:46 - 00000000 ____D C:\Users\jones\AppData\Local\FileZilla 2016-12-22 11:44 - 2016-12-22 11:44 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2016-12-22 09:44 - 2016-12-27 21:42 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1 2016-12-21 16:13 - 2016-12-12 15:36 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2016-12-21 16:12 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-12-21 16:12 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-12-15 22:24 - 2016-12-15 22:24 - 00000000 ____D C:\Users\jones\AppData\Local\4kdownload.com 2016-12-15 22:22 - 2016-12-15 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download 2016-12-15 22:22 - 2016-12-15 22:22 - 00000000 ____D C:\Program Files (x86)\4KDownload 2016-12-15 20:28 - 2016-12-15 20:28 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2016-12-15 18:57 - 2016-12-15 18:57 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 
2016-12-15 18:57 - 2016-12-15 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-15 18:57 - 2016-12-15 18:57 - 00000000 ____D C:\Program Files (x86)\Java 2016-12-15 18:18 - 2016-12-27 21:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-15 18:18 - 2016-12-15 22:24 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-12-14 18:05 - 2016-12-14 18:05 - 00000000 ____D C:\Users\jones\AppData\Roaming\MySQL 2016-12-14 15:43 - 2016-12-14 15:43 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships 2016-12-14 09:51 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-12-14 09:51 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-12-14 09:51 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2016-12-14 09:51 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-12-14 09:51 - 2016-11-20 17:20 - 00666112 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-12-14 09:51 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-12-14 09:51 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2016-12-14 09:51 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-12-14 09:51 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-12-14 09:51 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2016-12-14 09:51 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-12-14 09:51 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-12-14 09:51 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-12-14 09:51 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-12-14 09:51 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-14 09:51 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-12-14 09:51 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-14 09:51 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-14 09:51 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-14 09:51 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-14 09:51 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-12-14 09:51 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-14 09:51 - 2016-11-12 20:15 - 00054784 _____ (Microsoft 
Corporation) C:\Windows\system32\jsproxy.dll 2016-12-14 09:51 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-14 09:51 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-14 09:51 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-14 09:51 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-14 09:51 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-14 09:51 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-14 09:51 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-14 09:51 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-14 09:51 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-14 09:51 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-14 09:51 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-14 09:51 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-14 09:51 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-14 09:51 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-12-14 09:51 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-12-14 09:51 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-14 09:51 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-12-14 09:51 - 2016-11-12 19:20 - 00047104 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-12-14 09:51 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-12-14 09:51 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-12-14 09:51 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-12-14 09:51 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-12-14 09:51 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-14 09:51 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-12-14 09:51 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-14 09:51 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-14 09:51 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-14 09:51 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-14 09:51 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-12-14 09:51 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-12-14 09:51 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-12-14 09:51 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-12-14 09:51 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-12-14 09:51 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-14 09:51 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-12-14 09:51 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msfeeds.dll 2016-12-14 09:51 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-12-14 09:51 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-12-14 09:51 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-12-14 09:51 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-14 09:51 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-12-14 09:51 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-14 09:51 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-14 09:51 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-12-14 09:51 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-12-14 09:51 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-12-14 09:51 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-12-14 09:51 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-12-14 09:51 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-12-14 09:51 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-12-14 09:51 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-12-14 09:51 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-12-14 09:51 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-12-14 09:51 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-12-14 
09:51 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-12-14 09:51 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2016-12-14 09:51 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-12-14 09:51 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2016-12-14 09:51 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-12-14 09:51 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-12-14 09:51 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-12-14 09:51 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2016-12-14 09:51 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2016-12-14 09:51 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-12-14 09:51 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-12-14 09:51 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-12-14 09:51 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-12-14 09:51 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-12-14 09:51 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-12-14 09:51 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-12-14 09:51 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-12-14 09:51 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-12-14 09:51 - 2016-10-11 16:31 - 00880640 _____ 
(Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-12-14 09:51 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-12-14 09:51 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-12-14 09:51 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-12-14 09:51 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-12-14 09:51 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-12-14 09:51 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-12-14 09:51 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-12-14 09:51 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2016-12-14 09:51 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-12-14 09:51 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls 2016-12-14 09:51 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls 2016-12-14 09:51 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-12-14 09:51 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-12-14 09:51 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-12-14 09:51 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-12-14 09:51 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-12-14 09:51 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-12-14 09:51 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-12-14 09:50 - 
2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-12-14 09:50 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-12-14 09:50 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-12-14 09:50 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00060416 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-12-14 09:50 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-12-14 09:50 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-12-14 09:50 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-12-14 09:50 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-12-14 09:50 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-12-14 09:50 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-12-14 09:50 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-14 09:50 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-14 09:50 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-14 09:50 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-14 09:50 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-12-14 09:50 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-12-14 09:50 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-12-14 09:50 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-12-14 09:50 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-12-14 09:50 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-12-14 09:50 - 2016-11-12 18:56 
- 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-12-14 09:50 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-12-14 09:50 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-12-14 09:50 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2016-12-14 09:50 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-12-14 09:50 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00005120 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-12-14 09:50 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-12-14 09:50 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-12-14 09:50 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-12-14 09:50 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-12-14 09:50 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-12-14 09:50 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-12-14 09:50 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\user.exe 2016-12-14 09:50 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-12-14 09:50 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-12-14 09:50 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-12-14 09:50 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-12-13 18:18 - 2016-12-22 16:06 - 00000000 ____D C:\Program Files\MySQL 2016-12-13 18:18 - 2016-12-13 18:18 - 00003658 _____ C:\Windows\System32\Tasks\MySQLNotifierTask 2016-12-13 18:18 - 2016-12-13 18:18 - 00000469 _____ C:\Windows\ODBCINST.INI 2016-12-13 18:18 - 2016-12-13 18:18 - 00000000 ____D C:\Users\jones\AppData\Roaming\Oracle 2016-12-13 18:18 - 2016-12-13 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2016-12-13 18:12 - 2016-12-25 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL 2016-12-13 18:12 - 2016-12-25 16:35 - 00000000 ____D C:\Program Files (x86)\MySQL 2016-12-13 18:12 - 2016-12-13 18:12 - 00000000 ____D C:\Windows\System32\Tasks\MySQL 2016-12-13 18:12 - 2016-12-13 18:12 - 00000000 ____D C:\ProgramData\MySQL 2016-12-13 15:10 - 2016-12-13 15:10 - 00000000 ____D C:\Users\jones\AppData\Local\Chromium 2016-12-12 18:35 - 2016-12-12 18:35 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2016-12-12 18:35 - 2016-12-12 18:35 - 00000000 ____D C:\Users\Default\AppData\Local\Apple 2016-12-12 18:35 - 2016-12-12 18:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple 2016-12-12 18:35 - 2016-12-12 18:35 - 00000000 ____D 
C:\Program Files (x86)\Apple Software Update 2016-12-12 18:08 - 2016-12-12 18:10 - 00000000 ____D C:\Users\jones\AppData\LocalLow\Daybreak Game Company 2016-12-12 18:08 - 2016-12-12 18:08 - 00000000 ____D C:\Users\jones\AppData\Local\SCE 2016-12-12 18:08 - 2016-12-12 18:08 - 00000000 ____D C:\Users\jones\AppData\Local\Daybreak Game Company 2016-12-12 17:50 - 2016-12-12 17:50 - 00000000 ____D C:\Users\jones\AppData\Roaming\Apple Computer 2016-12-11 21:45 - 2016-12-12 18:35 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\Users\jones\AppData\LocalLow\Apple Computer 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\Users\jones\AppData\Local\Apple 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\ProgramData\Apple Computer 2016-12-11 21:45 - 2016-12-11 21:45 - 00000000 ____D C:\ProgramData\Apple 2016-12-11 13:28 - 2016-12-11 13:42 - 00000000 ____D C:\Users\jones\AppData\Local\Troubleshooter 2016-12-11 13:16 - 2016-12-11 13:16 - 00000000 ____D C:\Users\jones\AppData\Local\Macromedia 2016-12-11 13:10 - 2016-11-23 14:37 - 00000570 _____ C:\Users\jones\AppData\Local\TroubleshooterConfig.json 2016-12-11 13:09 - 2016-12-11 13:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-12-11 13:09 - 2016-12-11 13:09 - 00001636 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk 2016-12-11 13:09 - 2016-12-11 13:09 - 00000000 ____D C:\Users\jones\AppData\Local\Bluestacks 2016-12-11 13:09 - 2016-12-11 13:09 - 00000000 ____D C:\Program Files (x86)\Bluestacks 2016-12-10 18:02 - 2016-12-10 18:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignb8ae7aa56fc1fb82 2016-12-10 17:58 - 2016-12-10 17:58 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignba25b980fad0f8bd 2016-12-10 17:58 - 2016-12-10 17:58 - 00000000 ____D 
C:\Users\jones\AppData\Local\Tempzxpsign02fc446167f0ca14 2016-12-10 17:57 - 2016-12-10 17:57 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignc08a35b36bbfbe2c 2016-12-10 17:57 - 2016-12-10 17:57 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign32a7196cf398f5e2 2016-12-10 17:57 - 2016-12-10 17:57 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign249a5aef232b417a 2016-12-09 15:00 - 2016-12-09 15:00 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-12-09 15:00 - 2016-12-01 18:04 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-12-09 15:00 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2016-12-09 15:00 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll 2016-12-09 15:00 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2016-12-09 15:00 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe 2016-12-09 14:59 - 2016-12-01 20:52 - 40125496 _____ C:\Windows\system32\nvcompiler.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 28137920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 14055360 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-12-09 14:59 - 2016-12-01 20:52 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 09151400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2016-12-09 
14:59 - 2016-12-01 20:52 - 08754160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 03645496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437619.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437619.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00943552 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00683824 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00573072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 
00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2016-12-09 14:59 - 2016-12-01 20:52 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2016-12-09 14:58 - 2016-12-13 00:36 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-12-07 12:25 - 2016-12-07 12:25 - 00001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2016-12-06 20:27 - 2016-12-13 17:55 - 00000000 ____D C:\Users\jones\.VirtualBox 2016-12-06 20:27 - 2016-12-06 20:27 - 00000000 ____D C:\Users\jones\VirtualBox VMs 2016-12-06 20:26 - 2016-12-06 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2016-12-06 20:26 - 2016-12-06 20:26 - 00000000 ____D C:\Program Files\Oracle 2016-12-06 20:26 - 2016-11-21 17:45 - 00933088 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2016-12-06 20:26 - 2016-11-21 17:44 - 00150280 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2016-12-06 20:02 - 2016-12-06 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignda27caeac2fc6849 2016-12-06 20:02 - 2016-12-06 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd11d79c13c8b7cb4 2016-12-06 20:02 - 2016-12-06 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign9131f71e0b828803 2016-12-06 20:02 - 2016-12-06 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign774b043f706c9930 2016-12-06 19:04 - 2016-12-06 19:04 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign94819b1d872688ce 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsignd81ca5932ec02288 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign7f511a63b33f2a74 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign7aec91d2846b7c74 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D 
C:\Users\jones\AppData\Local\Tempzxpsign677de4a702b881ab 2016-12-06 19:02 - 2016-12-06 19:02 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign3ca798d80f75dc7c 2016-12-06 17:31 - 2016-12-06 17:31 - 00000000 ____D C:\Users\jones\AppData\Roaming\NuGet 2016-12-04 20:46 - 2016-12-04 20:46 - 00001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk 2016-12-04 12:07 - 2016-12-04 12:07 - 00430376 _____ C:\Windows\Minidump\120416-8392-01.dmp 2016-12-04 11:55 - 2016-12-04 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2016-12-03 23:25 - 2016-12-03 23:25 - 00000000 ____D C:\Users\jones\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2016-12-03 22:11 - 2016-12-27 20:06 - 00000000 ___RD C:\Users\jones\Creative Cloud Files 2016-12-03 22:11 - 2016-12-27 20:06 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-12-03 21:53 - 2016-12-03 21:53 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00001194 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS6.lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk 2016-12-03 21:53 - 2016-12-03 21:53 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2016-12-03 21:53 - 2016-12-03 21:53 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2016-12-03 21:42 - 2016-12-03 21:42 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign65b3eecb41c9c89e 2016-12-03 21:42 - 2016-12-03 21:42 - 00000000 ____D 
C:\Users\jones\AppData\Local\Tempzxpsign1c3758160151a712 2016-12-03 21:40 - 2016-12-03 21:40 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigna929a537f99eba8c 2016-12-03 21:39 - 2016-12-03 21:39 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk 2016-12-03 21:39 - 2016-12-03 21:39 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsigna3078dbefe233b3a 2016-12-03 21:39 - 2016-12-03 21:39 - 00000000 ____D C:\Users\jones\AppData\Local\Tempzxpsign1b0e4e8584018b99 2016-12-03 18:22 - 2016-12-07 21:15 - 00000000 ____D C:\Users\jones\AppData\Roaming\vlc 2016-12-03 18:22 - 2016-12-03 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-12-03 17:18 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts_bkup 2016-12-03 17:05 - 2016-12-04 20:46 - 00000000 ____D C:\Program Files\Adobe 2016-12-03 17:05 - 2016-12-04 20:34 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-12-03 17:05 - 2016-12-03 21:53 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-12-03 17:05 - 2016-12-03 17:05 - 00003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-jones-PC-jones 2016-12-03 17:05 - 2016-12-03 17:05 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2017.lnk 2016-12-03 17:00 - 2016-12-25 16:45 - 00000000 ____D C:\Users\jones\AppData\Local\Deployment 2016-12-03 17:00 - 2016-12-03 17:00 - 00000000 ____D C:\Users\jones\AppData\Local\Apps\2.0 2016-12-03 16:47 - 2016-12-03 16:47 - 00002142 _____ C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:47 - 2016-12-03 16:47 - 00002124 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:47 - 2016-12-03 16:47 - 00002124 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00002464 
_____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-12-03 16:44 - 2016-12-03 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-12-03 16:42 - 2016-12-03 16:42 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-12-03 16:00 - 2016-12-03 16:00 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2016-12-03 16:00 - 2016-12-03 16:00 - 00000000 ____D C:\Users\jones\AppData\Local\{F28CC4D0-D624-A868-BBBC-8D809FD47118} 2016-12-02 21:24 - 2016-12-02 21:25 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2016-12-02 21:24 - 2016-12-02 21:25 - 00000000 ____D C:\Users\jones\AppData\Local\UnrealEngine 2016-12-02 21:24 - 2016-12-02 21:25 - 00000000 ____D C:\ProgramData\Epic 2016-12-02 21:24 - 2016-12-02 21:24 - 00000000 ____D C:\Users\jones\AppData\Local\UnrealEngineLauncher 2016-12-02 21:24 - 2016-12-02 21:24 - 00000000 ____D C:\Users\jones\AppData\Local\EpicGamesLauncher 2016-11-30 20:50 - 2016-11-30 20:50 - 00000000 ____D C:\Users\jones\AppData\Local\PDF24 2016-11-30 20:49 - 2016-11-30 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2016-11-30 20:49 - 2016-11-30 20:49 - 00000000 ____D C:\Program Files (x86)\PDF24 2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll 2016-11-28 21:07 - 2016-11-28 21:07 - 00000000 ____D C:\Python27 2016-11-28 21:07 - 2016-11-28 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 2016-11-28 20:38 - 2016-11-28 20:38 - 00000000 ____D C:\Users\jones\AppData\Roaming\Skype 2016-11-28 20:36 - 2016-12-03 16:47 - 00000000 ___RD C:\Users\jones\OneDrive 2016-11-28 20:36 - 2016-12-03 16:47 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2016-11-28 20:36 - 2016-11-28 20:36 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-11-28 20:30 - 2016-11-28 20:30 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2016-11-28 20:28 - 2016-12-27 20:56 - 00000000 ____D C:\Program Files\Microsoft Office 2016-11-27 14:27 - 2016-11-27 14:27 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information 2016-11-27 14:27 - 2016-11-27 14:27 - 00000000 ___HD C:\ProgramData\CanonBJ 2016-11-27 14:27 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAE.DLL 2016-11-27 13:47 - 2016-11-27 13:47 - 00000000 ____D C:\Users\jones\AppData\Local\CrashRpt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-27 21:49 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat 2016-12-27 21:49 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2016-12-27 21:49 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-27 21:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-27 21:45 - 2016-11-25 16:26 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-12-27 21:45 - 2016-09-29 19:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-12-27 21:44 - 2016-11-19 11:59 - 00000000 ____D C:\Users\jones\AppData\LocalLow\Mozilla 2016-12-27 21:43 - 2016-09-26 18:07 - 00000000 ____D C:\Users\jones\AppData\Local\CrashDumps 2016-12-27 21:43 - 2016-09-25 20:01 - 00000000 ____D C:\ProgramData\NVIDIA 2016-12-27 21:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-27 21:01 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-27 21:01 - 2009-07-14 05:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-27 20:56 - 2016-10-22 14:41 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-12-27 20:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-12-27 20:11 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2016-12-27 20:10 - 2009-07-14 03:34 - 19922944 _____ C:\Windows\system32\config\SYSTEM.bak 2016-12-27 20:10 - 2009-07-14 03:34 - 120061952 _____ C:\Windows\system32\config\SOFTWARE.bak 2016-12-27 20:10 - 2009-07-14 03:34 - 08650752 _____ C:\Windows\system32\config\DEFAULT.bak 2016-12-27 20:10 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak 2016-12-27 20:10 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak 2016-12-27 20:05 - 2016-09-26 18:26 - 00000000 ____D C:\Users\jones\AppData\Local\Adobe 2016-12-27 19:38 - 2016-09-25 19:29 - 
00075440 _____ C:\Users\jones\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-27 19:38 - 2016-09-25 18:52 - 00000000 ____D C:\Users\jones 2016-12-27 19:37 - 2016-11-19 21:41 - 00000000 ____D C:\Users\jones\AppData\Roaming\Battle.net 2016-12-27 19:37 - 2016-10-10 18:36 - 00000000 ____D C:\Users\jones\AppData\Roaming\Audacity 2016-12-27 19:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2016-12-26 11:54 - 2016-11-19 21:42 - 00000000 ____D C:\Users\jones\AppData\Local\Battle.net 2016-12-25 19:55 - 2016-11-14 18:04 - 00000000 ____D C:\Users\jones\AppData\Roaming\discord 2016-12-25 19:52 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-12-25 16:51 - 2016-10-22 14:40 - 00000000 ____D C:\Visual Studio 2016-12-25 16:51 - 2016-09-25 19:46 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-25 16:50 - 2016-10-22 14:42 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2016-12-25 16:50 - 2016-10-22 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2016-12-25 16:49 - 2016-10-22 14:51 - 00000000 ____D C:\Users\jones\AppData\Local\VSIXInstaller 2016-12-25 16:43 - 2016-10-22 14:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2016-12-25 16:43 - 2016-10-22 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2016-12-24 16:45 - 2016-10-12 17:38 - 00000000 ____D C:\Users\jones\AppData\Local\ElevatedDiagnostics 2016-12-23 23:47 - 2016-11-01 18:19 - 896961039 _____ C:\Windows\MEMORY.DMP 2016-12-23 23:47 - 2016-11-01 18:19 - 00000000 ____D C:\Windows\Minidump 2016-12-23 22:52 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-23 00:49 - 2016-10-20 18:18 - 00000000 ____D C:\ProgramData\Origin 2016-12-23 00:48 - 2016-10-20 18:19 - 00000000 ____D C:\Users\jones\AppData\Roaming\Origin 2016-12-22 15:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-12-22 09:44 - 2016-09-25 20:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-12-21 16:25 - 2016-09-29 17:53 - 
00000000 ____D C:\Users\jones\AppData\Local\UmmyVideoDownloader 2016-12-21 16:13 - 2016-09-25 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003824 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003648 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:08 - 00003588 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-21 16:13 - 2016-09-25 20:02 - 00000000 ____D C:\Users\jones\AppData\Local\NVIDIA Corporation 2016-12-21 16:13 - 2016-09-25 20:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-12-20 19:12 - 2016-11-21 20:07 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-20 19:12 - 2016-11-21 20:07 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-20 18:21 - 2016-11-18 15:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-20 18:21 - 2016-09-25 20:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-15 22:24 - 2016-10-12 17:00 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-15 22:24 - 2016-10-12 17:00 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-15 22:24 - 2016-10-12 17:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-15 22:24 - 2016-10-12 17:00 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-15 20:51 - 2016-10-17 17:54 - 00000000 ____D C:\Users\jones\AppData\Local\Ubisoft Game Launcher 2016-12-15 19:13 - 2016-09-26 18:07 - 00000316 _____ C:\Users\jones\.packettracer 2016-12-15 18:58 - 2016-11-01 18:35 - 00000000 ____D 
C:\ProgramData\Oracle 2016-12-15 18:19 - 2016-09-25 20:06 - 00001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-12-15 18:14 - 2016-11-21 20:07 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-15 17:37 - 2009-07-14 05:45 - 05036728 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-14 22:35 - 2016-09-25 22:05 - 00000000 ____D C:\Windows\system32\MRT 2016-12-14 22:34 - 2016-09-25 22:05 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-12-14 22:33 - 2016-09-25 19:46 - 01594174 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-12-13 15:10 - 2016-09-25 21:31 - 00000000 ____D C:\Users\jones\AppData\Local\Steam 2016-12-12 15:37 - 2016-09-25 20:08 - 00001951 _____ C:\Windows\NvContainerRecovery.bat 2016-12-11 16:18 - 2016-10-29 22:24 - 00000000 ____D C:\Users\jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-12-11 13:09 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2016-12-10 22:42 - 2016-10-20 18:19 - 00000000 ____D C:\Program Files (x86)\Origin 2016-12-10 11:08 - 2016-11-21 20:07 - 00000000 ____D C:\Users\jones\AppData\Local\Google 2016-12-09 15:01 - 2016-09-25 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-12-09 15:01 - 2016-09-25 19:50 - 00000000 ____D C:\Temp 2016-12-09 14:58 - 2016-09-25 20:08 - 00003782 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-09 14:58 - 2016-09-25 20:00 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-12-07 17:53 - 2016-10-24 16:10 - 00000000 ____D C:\Users\jones\AppData\Local\fabi.me 2016-12-07 12:24 - 2016-09-25 19:31 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-12-07 12:15 - 2016-11-25 14:42 - 01036512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2016-12-07 12:15 - 2016-06-20 17:29 - 00057936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys 2016-12-07 
12:15 - 2016-06-02 22:39 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys 2016-12-06 20:23 - 2016-10-05 19:37 - 00000000 ____D C:\Users\jones\AppData\Roaming\VMware 2016-12-06 20:23 - 2016-10-05 18:07 - 00000000 ____D C:\ProgramData\VMware 2016-12-06 20:22 - 2016-10-05 19:37 - 00000000 ____D C:\Users\jones\AppData\Local\VMware 2016-12-04 20:46 - 2016-09-25 20:24 - 00000000 ____D C:\Users\jones\AppData\Roaming\Adobe 2016-12-04 12:23 - 2016-09-29 19:49 - 00000000 ____D C:\Program Files\Common Files\AV 2016-12-03 22:11 - 2016-09-25 19:31 - 00000000 ____D C:\ProgramData\Adobe 2016-12-03 16:41 - 2016-10-04 17:33 - 00000000 ____D C:\Users\jones\AppData\Roaming\Samsung 2016-12-03 16:41 - 2016-09-25 19:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-12-03 16:40 - 2016-09-25 18:53 - 00000000 ____D C:\Users\jones\AppData\Local\VirtualStore 2016-12-01 20:52 - 2016-11-19 17:52 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-12-01 20:52 - 2016-10-22 22:09 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2016-12-01 20:52 - 2016-09-26 17:36 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-12-01 20:52 - 2016-09-26 17:36 - 17440744 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-12-01 20:52 - 2016-09-25 20:01 - 00041344 _____ C:\Windows\system32\nvinfo.pb 2016-12-01 20:52 - 2016-09-25 20:00 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-12-01 20:52 - 2016-09-25 20:00 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-12-01 20:52 - 2016-09-25 20:00 - 03479560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-12-01 18:32 - 2016-09-26 17:37 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2016-12-01 18:32 - 2016-09-26 17:37 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 
06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-12-01 18:32 - 2016-09-25 20:01 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-11-30 17:23 - 2016-11-25 19:03 - 00000000 ____D C:\Users\jones\AppData\Roaming\iw4play 2016-11-30 10:34 - 2016-09-25 20:01 - 07607057 _____ C:\Windows\system32\nvcoproc.bin 2016-11-29 19:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2016-11-27 02:29 - 2016-09-25 19:30 - 01048576 _____ C:\Windows\PE_Rom.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-12-25 16:48 - 2016-12-25 16:48 - 0000101 _____ () C:\Users\jones\AppData\Roaming\net.telestream.gameshow.app_user_guid.xml 2016-12-25 16:48 - 2016-12-25 18:57 - 0001819 _____ () C:\Users\jones\AppData\Roaming\net.telestream.gameshow.xml 2016-09-26 19:04 - 2016-11-25 17:19 - 0007594 _____ () C:\Users\jones\AppData\Local\Resmon.ResmonCfg 2016-12-11 13:10 - 2016-11-23 14:37 - 0000570 _____ () C:\Users\jones\AppData\Local\TroubleshooterConfig.json 2016-11-17 20:10 - 2016-11-17 20:10 - 0019456 _____ () C:\Users\jones\AppData\Local\WebpageIcons.db 2016-12-22 09:44 - 2016-12-27 21:43 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log 2016-12-22 09:44 - 2016-12-27 21:42 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 Einige Dateien in TEMP: ==================== C:\Users\jones\AppData\Local\Temp\libeay32.dll C:\Users\jones\AppData\Local\Temp\msvcr120.dll C:\Users\jones\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-24 16:38
==================== Ende von FRST.txt ============================ |
28.12.2016, 14:23 | #11 |
| Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von jones (27-12-2016 21:49:32)
Gestartet von D:\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-09-25 17:52:58)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-1883078689-1713311263-2009741731-500 - Administrator - Disabled)
Gast (S-1-5-21-1883078689-1713311263-2009741731-501 - Limited - Disabled)
jones (S-1-5-21-1883078689-1713311263-2009741731-1000 - Administrator - Enabled) => C:\Users\jones

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.3.1485 - Open Media LLC) Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_0) (Version: 10.0.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.24 - ASUSTeK Computer Inc.) Ansel (Version: 376.19 - NVIDIA Corporation) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.24.0 - Asmedia Technology) Assassin's Creed II (HKLM\...\Steam App 33230) (Version: - Ubisoft Montreal) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.) 
ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.30 - ASUSTeK Computer Inc.) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.78.7302 - BlueStack Systems, Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version: - Treyarch) Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version: - Treyarch) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward) Camtasia 9 (HKLM-x32\...\{a3e71447-59c4-4a75-8b70-fd4d95054cc5}) (Version: 9.0.1.1422 - TechSmith Corporation) Camtasia 9 (Version: 9.0.1.1422 - TechSmith Corporation) Hidden Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version: - Cisco Systems, Inc.) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CPUID ROG CPU-Z 1.72.1 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.72.1 - CPUID, Inc.) Discord (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.) Epic Games Launcher (HKLM-x32\...\{2DE76AAC-8061-4D9B-B7BA-A7CFBE0F8048}) (Version: 1.1.86.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FileZilla Client 3.23.0.2 (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden GRID (HKLM\...\Steam App 12750) (Version: - Codemasters Studios) Gyazo 3.2.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1141 - Intel Corporation) Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden KeyBot II (HKLM-x32\...\{56496BBC-DA67-4DC7-9B90-398982CA641D}) (Version: - ) Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech Gaming Software 8.87 (HKLM\...\Logitech Gaming Software) (Version: 8.87.116 - Logitech Inc.) Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) MemTweakIt (HKLM-x32\...\{E51AAC3A-D66D-4912-B883-DAFBA249D10F}) (Version: 2.02.22 - ASUSTeK Computer Inc.) 
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25420 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProplusRetail - de-de) (Version: 16.0.7571.2075 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server*2014 Express 
LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) 
(Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla) MySQL Connector C++ 1.1.7 (HKLM\...\{A4310FCD-95D5-49B7-91BA-9A079F07B167}) (Version: 1.1.7 - Oracle and/or its affiliates) MySQL Connector C++ 1.1.8 (HKLM\...\{4BFAEC5F-9E57-467F-A19F-2FF716DDC9E6}) (Version: 1.1.8 - Oracle and/or its affiliates) MySQL Connector J (HKLM-x32\...\{C681B554-3461-4030-9D6B-5C3420009CD3}) (Version: 5.1.40 - Oracle Corporation) MySQL Connector Net 6.9.9 (HKLM-x32\...\{E09F82E9-3EB3-4725-BDC8-3C77F83E262C}) (Version: 6.9.9 - Oracle) MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation) MySQL Connector/ODBC 5.3 (HKLM\...\{17E48BE8-F0F8-42B6-82D3-7A5840694D79}) (Version: 5.3.6 - Oracle Corporation) MySQL Documents 5.7 (HKLM-x32\...\{0A0D2C15-D682-4036-BC8C-6E382E656CBB}) (Version: 5.7.17 - Oracle Corporation) MySQL Examples and Samples 5.7 (HKLM-x32\...\{074B4410-68CF-4B12-A02D-888384F51615}) (Version: 5.7.17 - Oracle Corporation) MySQL Installer - Community (HKLM-x32\...\{16CDE9E2-49CB-4D47-BE78-F20ADA452126}) (Version: 1.4.18.0 - Oracle Corporation) MySQL Notifier 1.1.7 (HKLM-x32\...\{724CDD73-430E-47DA-8F4E-7DF2000BA268}) (Version: 1.1.7 - Oracle) MySQL Utilities (HKLM\...\{7FC39694-83D7-4CBD-88D6-15D1DD698075}) (Version: 1.6.4 - Oracle Corporation) MySQL Workbench 6.3 CE (HKLM\...\{85664F8E-BFC5-46DE-AB5C-1EA6536AACBE}) 
(Version: 6.3.8 - Oracle Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 7 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.19 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Grafiktreiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Update 23.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.1.0.0 - NVIDIA Corporation) NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation) Oracle VM VirtualBox 5.1.10 (HKLM\...\{57682F33-488A-4065-8255-C3681A2B6F4E}) (Version: 5.1.10 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) 
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PDF24 Creator 8.0.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.) ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.32 - ASUSTeK Computer Inc.) ROG RAMDisk (HKLM-x32\...\{DE8C1883-4F14-40DF-8C8C-376157ADF5A3}) (Version: 2.02.06 - ASUSTeK Computer Inc.) 
ROGRAMCACHE (HKLM-x32\...\ROGRAMCACHE) (Version: 1.07.18 - ASUSTeKcomputer Inc) Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.7.1.0 - ) <==== ACHTUNG Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VEGAS Pro 14.0 (64-bit) (HKLM\...\{4D5A9B21-79F9-11E6-AAC4-BB95F5A309BD}) (Version: 14.0.161 - VEGAS) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) 
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wireshark 2.2.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.2 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Warships (HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1883078689-1713311263-2009741731-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02347E83-411E-49EB-9DCC-44884B5DF37C} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2016-07-29] (Oracle Corporation)
Task: {0DDD4A6A-8B01-4A6C-B01F-ECD35EC613E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {0F3F5F84-409A-4139-87FE-247E5D3D151B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {1D6566F2-BCE1-4399-B7C6-794361F60856} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-15] (Adobe Systems Incorporated)
Task: {24DDAC3E-69D2-49F1-B2F5-71395CE3A09C} - System32\Tasks\SS2svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe
Task: {35C91D42-284E-44AD-A63C-85B83984D6F4} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-08-03] ()
Task: {35E8CBCF-8314-47F9-B69F-49DA7D5B022F} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2016-08-03] ()
Task: {41D6F4FE-DB23-460F-A504-7F3E66290F16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-21] (Google Inc.)
Task: {4385C7DD-15C4-40A9-96CF-33E81F674C5D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {657D01E3-5636-4524-A9E5-D871A965B472} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Visual Studio\Common7\IDE\VSIXAutoUpdate.exe
Task: {6897188D-D45A-42F7-B69D-68C4D0B96088} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2015-06-30] ()
Task: {6C179E60-B08A-4CD9-88C5-45DB316302BB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {728FD162-E837-42F2-A265-D76C6B8CA44C} - System32\Tasks\ASUS\RamDisk => C:\Program Files (x86)\ASUS\ROG RAMDisk\loadImage.exe [2014-02-17] ()
Task: {8C8EC80E-3EBD-4017-84B8-FCA67264847F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {8E1F4D1B-C3B3-4E5A-B49A-971002F13A91} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {931F348E-E6BD-4F82-9D96-D71632C82248} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {951EF30F-ED14-4FBC-900E-6784CA0572EB} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2015-06-25] ()
Task: {95C26FB0-7E82-49FA-99D2-269E3FB82526} - System32\Tasks\ASUS\KeyBot II Execute => C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe [2015-06-18] ()
Task: {A8244554-CD1D-483D-8AC2-7D199408F4B2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {AAC68C65-D014-46B5-A05B-6C4F280EE446} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.)
Task: {B2D7C514-0204-4549-BE6D-1E17AB2F3D52} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
Task: {B318BF9E-6792-4153-893A-EF26B08D2758} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2015-06-30] (ASUSTeK Computer Inc.)
Task: {C0EDFD52-8F7A-4038-AAC1-5ADD05BD604E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {C8EE4871-472F-476C-A911-5928D6BCB4CE} - System32\Tasks\AdobeAAMUpdater-1.0-jones-PC-jones => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {CACC0433-3FCB-4369-8275-A89C90D25C9B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-21] (Google Inc.)
Task: {D2C3C216-BC96-4B35-8350-1456FDCEB516} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2015-02-06] ()
Task: {E768A948-E655-4F45-8883-03F12A494982} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2016-11-01] (Oracle Corporation)
Task: {EBEB6E64-39A4-49B3-AF6F-5F42EB8F3645} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-04] (Microsoft Corporation)
Task: {EE0F508B-DA2A-48C1-8F3A-07FD4888FA01} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-04] (Microsoft Corporation)
Task: {EFFA6A86-7077-4943-B947-F9BDAF8495A6} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2015-06-03] (TODO: <Company name>)
Task: {F6C4D860-0CB0-4D7E-84D3-6279B039E907} - System32\Tasks\SS2svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe
Task: {F87DDC75-A7D2-4F0F-BA42-31B8D89CA296} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-09-25 20:08 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-25 20:08 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-25 20:08 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-09-25 20:01 - 2016-12-01 18:32 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-12-03 16:47 - 2016-12-03 16:47 - 00959168 _____ () C:\Users\jones\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll 2016-12-06 17:17 - 2016-12-06 17:17 - 00052400 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2016-09-21 21:16 - 2016-09-21 21:16 - 00230064 _____ () D:\Notepad++\NppShell_06.dll 2016-09-25 19:23 - 2015-02-06 13:53 - 01462584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 2016-09-25 19:24 - 2014-08-28 09:37 - 00033424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-08-30 01:17 - 2016-08-30 01:17 - 01096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-08-30 01:17 - 2016-08-30 01:17 - 00241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2016-12-27 21:45 - 2016-12-14 12:55 - 02259232 _____ () D:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Anti-Virus 17.0.0\kpcengine.2.3.dll 2016-09-25 20:08 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-25 20:08 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-25 20:08 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-25 19:23 - 2014-10-09 08:31 - 00237568 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 2016-09-25 19:23 - 2014-02-24 16:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll 2016-09-25 19:23 - 2014-09-08 07:26 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll 2016-09-25 19:23 - 2014-09-26 14:40 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll 2016-09-25 20:08 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-25 20:08 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-25 20:08 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-09-25 21:31 - 2016-12-08 16:13 - 00656160 _____ () D:\Steam\SDL2.dll 2016-09-25 21:31 - 2016-09-01 02:02 - 04969248 _____ () D:\Steam\v8.dll 2016-09-25 21:31 - 2016-09-01 02:02 - 01563936 _____ () 
D:\Steam\icui18n.dll 2016-09-25 21:31 - 2016-09-01 02:02 - 01195296 _____ () D:\Steam\icuuc.dll 2016-09-25 21:31 - 2016-12-20 03:25 - 02322720 _____ () D:\Steam\video.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 00442880 _____ () D:\Steam\libavutil-54.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 00491008 _____ () D:\Steam\libavformat-56.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 00332800 _____ () D:\Steam\libavresample-2.dll 2016-09-25 21:31 - 2016-01-27 08:49 - 00485888 _____ () D:\Steam\libswscale-3.dll 2016-09-25 21:31 - 2016-12-20 03:25 - 00838944 _____ () D:\Steam\bin\chromehtml.DLL 2016-09-25 21:31 - 2016-07-04 23:17 - 00266560 _____ () D:\Steam\openvr_api.dll 2016-09-21 21:16 - 2016-09-21 21:16 - 00021680 _____ () D:\Notepad++\plugins\NppExport.dll 2016-09-25 20:08 - 2016-11-17 14:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2016-12-13 15:10 - 2016-12-05 17:21 - 67304736 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll 2016-09-25 21:31 - 2016-12-20 03:25 - 00388384 _____ () D:\Steam\steam.dll 2016-09-25 21:31 - 2015-09-25 00:52 - 00119208 _____ () D:\Steam\winh264.dll 2015-06-02 03:18 - 2015-06-02 03:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-12-27 20:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1883078689-1713311263-2009741731-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jones\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: asHmComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: AsusFanControlService => 2
MSCONFIG\Services: AsusGameFirstService => 2
MSCONFIG\Services: chip1click => 2
MSCONFIG\Services: Disc Soft Pro Bus Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: klvssbrigde64 => 3
MSCONFIG\Services: KSDE1.0.0 => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS AiChargerPlus Execute => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\jones\AppData\Local\Discord\app-0.0.296\Discord.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\root\Office16\lync.exe" /fromrunkey
MSCONFIG\startupreg: MySQL Notifier => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: ROGRAMCACHE => "C:\Program Files (x86)\ROGRAMCACHE\RamCache.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: World of Warships => "D:\World_of_Warships\WargamingGameUpdater.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{7078A760-A183-4C4E-A352-D86FD967A1E3}] => C:\Windows\system32\ftp.exe FirewallRules: [{CD099EA6-A537-4E10-83E6-C8B607A875C4}] => C:\Windows\system32\ftp.exe FirewallRules: [{0FB9C180-0954-4CC3-A659-0F0E8BDF0AB3}] => C:\Windows\SysWOW64\ftp.exe FirewallRules: [{875C8E0A-0CEC-49F5-8C53-74BFA41B17D0}] => C:\Windows\SysWOW64\ftp.exe FirewallRules: [{84EC250D-1D49-460E-9900-CCDB7A8F798D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D6FF07F1-3A8D-4C90-B4DD-893CA5995DAC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{631E16D8-8B15-4886-9169-553A53ACE835}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{BC364940-5A85-4F77-983B-A98249E26A0B}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5148924F-8F57-4A50-BC5D-71DFDEEEAB23}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A7205A6E-E510-471E-A798-592DFAEC543D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D508EE0C-A2C7-4BCF-9DB9-CD0AAF59BD43}] => D:\Steam\Steam.exe FirewallRules: [{7511F129-03EC-4E3D-980B-EF58432B7645}] => D:\Steam\Steam.exe FirewallRules: [{00E949AB-8FDF-4972-94CF-893BF4746945}] => D:\Steam\bin\steamwebhelper.exe FirewallRules: [{22E16669-F7CF-470B-8023-0A48244B7055}] => D:\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{C7522EA8-1CD8-4729-9724-AF137FF9BFDE}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{188F1EAC-0219-4439-B98A-198CCE9299CD}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe FirewallRules: [{5BFB251E-1AAD-46E9-9958-62FE29B4B1F7}] => D:\Sony Vegas Pro 14\vegas140.exe FirewallRules: [{F6B94302-032C-4437-9E80-F11F41EE8652}] => D:\Sony Vegas Pro 14\vegas140.exe FirewallRules: [TCP Query 
User{A2ABEE16-D780-4EB4-B9FC-4BDCDE3EBBA0}D:\bc\bitcoin\bitcoin-qt.exe] => D:\bc\bitcoin\bitcoin-qt.exe FirewallRules: [UDP Query User{9D8FD774-998E-48DF-A741-4E9C5BCBF58E}D:\bc\bitcoin\bitcoin-qt.exe] => D:\bc\bitcoin\bitcoin-qt.exe FirewallRules: [{A25143C4-B31B-404A-8E40-4092457B2513}] => C:\Steam Spiele\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [{DE0B6786-CC44-4411-BB4A-37D569924D05}] => C:\Steam Spiele\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe FirewallRules: [TCP Query User{C3DC8108-437E-4958-A82D-42C0758882CD}D:\phonerlite\phonerlite.exe] => D:\phonerlite\phonerlite.exe FirewallRules: [UDP Query User{68A99F18-B480-4BFF-95F6-BC300A0C417E}D:\phonerlite\phonerlite.exe] => D:\phonerlite\phonerlite.exe FirewallRules: [{3EC364AB-7A21-4AFA-AD6B-4CF5B4F10727}] => C:\Steam Spiele\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe FirewallRules: [{4C030A22-26E7-4570-8DA1-FA8B8FF035D9}] => C:\Steam Spiele\steamapps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe FirewallRules: [{57FFDD0C-E211-4917-93D5-C25B54758474}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{0852E2B8-13A8-4B7F-87FA-AB9D25234CA1}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{F349FC3E-8509-4692-80EC-F5F3CA77DB19}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{BDC8547B-BAC0-40A6-9BF9-1E5D9A0DD4C8}] => D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{EDE7B0F2-F8C2-4207-BA43-212718A9926F}] => D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{2CB3A9AC-8A86-4FD7-9850-86554AFBD2F0}D:\cisco packet tracer 7.0\bin\packettracer7.exe] => D:\cisco packet tracer 7.0\bin\packettracer7.exe FirewallRules: [UDP Query User{3059C0A9-E3E3-4A7B-9CD5-89EA977AC551}D:\cisco packet tracer 7.0\bin\packettracer7.exe] => D:\cisco packet tracer 
7.0\bin\packettracer7.exe FirewallRules: [{4A5F2C5E-A2CD-417B-86A8-575BDF341281}] => D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{240C618B-BC51-4A9D-AAAD-31767CEDE8AE}] => D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{BE8D2B25-CD53-4323-876D-35E13D51F93C}] => D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{363661A8-4F06-4200-822B-126C819B5293}] => D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [TCP Query User{2F62919D-26AB-4DE9-8C1D-3565FCB84917}D:\battlenet games\overwatch\overwatch.exe] => D:\battlenet games\overwatch\overwatch.exe FirewallRules: [UDP Query User{EC54D3CA-573F-45AF-9FFF-1C72C3D1BA5F}D:\battlenet games\overwatch\overwatch.exe] => D:\battlenet games\overwatch\overwatch.exe FirewallRules: [TCP Query User{6F050561-763D-4CC0-9344-DAA8A9D48348}D:\desktop\alteriwnet\iwnetserver\iwnet\iwnetserver\bin\debug\iwnetserver.vshost.exe] => D:\desktop\alteriwnet\iwnetserver\iwnet\iwnetserver\bin\debug\iwnetserver.vshost.exe FirewallRules: [UDP Query User{ADF7CA76-0D84-4E0E-9C75-255F8FA02898}D:\desktop\alteriwnet\iwnetserver\iwnet\iwnetserver\bin\debug\iwnetserver.vshost.exe] => D:\desktop\alteriwnet\iwnetserver\iwnet\iwnetserver\bin\debug\iwnetserver.vshost.exe FirewallRules: [TCP Query User{17697F18-74E4-4A05-9672-F49C22FF22B6}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe FirewallRules: [UDP Query User{EA138ECA-788F-48D0-B637-9E8B3A653030}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe FirewallRules: [{9E51A635-881D-4EB4-B52B-1D805E06EF62}] => D:\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{2B9924B5-AB53-481E-A534-CABEF58770C5}] => D:\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{31EDF090-5E4F-4CE9-A01F-45212F8A46FF}] => 
D:\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{CF9A98A5-6E19-4A56-8A9B-C535C3A4083A}] => D:\Origin Games\Battlefield 1\bf1.exe FirewallRules: [TCP Query User{ADA75E88-2BD5-4CBE-9A87-052A54EE07FF}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m_server.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\iw4m_server.exe FirewallRules: [UDP Query User{DE778C4C-09DA-411F-A4BC-A9B873A8C8D5}D:\steam\steamapps\common\call of duty modern warfare 2\iw4m_server.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\iw4m_server.exe FirewallRules: [{610BFC8F-DCC3-4B7A-A738-170476015A47}] => LPort=8318 FirewallRules: [TCP Query User{830F4647-602E-4698-BDC5-A1F6B956A4E5}D:\steam\steamapps\common\call of duty modern warfare 2\server\iw4m_server.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\server\iw4m_server.exe FirewallRules: [UDP Query User{AAD3B6D7-15A8-4B1D-AA30-21AFAC6831D7}D:\steam\steamapps\common\call of duty modern warfare 2\server\iw4m_server.exe] => D:\steam\steamapps\common\call of duty modern warfare 2\server\iw4m_server.exe FirewallRules: [TCP Query User{A2D335EE-4FB0-4F20-841E-C18BBD0BF5E1}D:\desktop\mw2 iw4m server\iw4m_server.exe] => D:\desktop\mw2 iw4m server\iw4m_server.exe FirewallRules: [UDP Query User{833250D0-CF36-4777-8449-5EDB50CB5672}D:\desktop\mw2 iw4m server\iw4m_server.exe] => D:\desktop\mw2 iw4m server\iw4m_server.exe FirewallRules: [TCP Query User{A129B85C-DF03-40CF-AC1D-DE2A37407EE5}D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe] => D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe FirewallRules: [UDP Query User{32D339A2-0529-4F7F-AEC2-B8517A8C6D2E}D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe] => D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe FirewallRules: [TCP Query User{9296CB0D-7C8D-4A79-A8A9-56E0A65FF9F2}D:\desktop\mw2 iw4m client\iw4mp.exe] => D:\desktop\mw2 iw4m client\iw4mp.exe FirewallRules: [UDP Query 
User{485F767D-600A-46DB-BD06-D8659C8B6EE8}D:\desktop\mw2 iw4m client\iw4mp.exe] => D:\desktop\mw2 iw4m client\iw4mp.exe FirewallRules: [TCP Query User{C377AA3D-4250-4C87-8965-74B85646EE7F}D:\desktop\mw2 iw4m client\iw4mp.exe] => D:\desktop\mw2 iw4m client\iw4mp.exe FirewallRules: [UDP Query User{1B492D30-1634-4AC4-B573-060AFDAEF4E6}D:\desktop\mw2 iw4m client\iw4mp.exe] => D:\desktop\mw2 iw4m client\iw4mp.exe FirewallRules: [{516DBD36-6FCF-46E9-936F-0CFBC68250A8}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [TCP Query User{85EB8774-FC3F-46F0-967A-103ECFEF5D23}D:\downloads\office\office 2013-2016 c2r install v5.6\files\bin\kmss.exe] => D:\downloads\office\office 2013-2016 c2r install v5.6\files\bin\kmss.exe FirewallRules: [UDP Query User{C73460F3-6773-47EF-A815-4FF842C54D84}D:\downloads\office\office 2013-2016 c2r install v5.6\files\bin\kmss.exe] => D:\downloads\office\office 2013-2016 c2r install v5.6\files\bin\kmss.exe FirewallRules: [TCP Query User{026F2AE6-9424-4C3D-9301-7CA9EF7F1551}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{DA3DDD15-92D1-4321-B833-7068A273543E}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{296E81C5-61E7-4364-80BC-530FCB9BFD48}D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe] => D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe FirewallRules: [UDP Query User{E547B11E-1767-4ECF-85EA-4C80368E37ED}D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe] => D:\desktop\iw4m server template\mw2 iw4m server\iw4m_server.exe FirewallRules: [TCP Query User{2C49B268-586C-42EF-BF63-40969BD7DF4B}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{119ADB3A-CEE5-447A-8C0E-94AAF731F791}D:\epic 
games\launcher\portal\binaries\win32\epicgameslauncher.exe] => D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{A5881388-0D83-461A-8B8E-32EC2EC083D4}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{4A6C1048-ECC7-45C2-92CD-FAC949E768B4}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{4C8B402B-5F1A-47FB-8720-88BA6369A2FB}C:\users\jones\downloads\kms tools portable 12_08_2016\kms tools portable 12_08_2016\kms tools portable 12_08_2016\programs\office 2013-2016 c2r install v5.8.1\files\bin\kmss.exe] => C:\users\jones\downloads\kms tools portable 12_08_2016\kms tools portable 12_08_2016\kms tools portable 12_08_2016\programs\office 2013-2016 c2r install v5.8.1\files\bin\kmss.exe FirewallRules: [UDP Query User{56DA5824-9C89-4C53-AF63-E4600A12FE4B}C:\users\jones\downloads\kms tools portable 12_08_2016\kms tools portable 12_08_2016\kms tools portable 12_08_2016\programs\office 2013-2016 c2r install v5.8.1\files\bin\kmss.exe] => C:\users\jones\downloads\kms tools portable 12_08_2016\kms tools portable 12_08_2016\kms tools portable 12_08_2016\programs\office 2013-2016 c2r install v5.8.1\files\bin\kmss.exe FirewallRules: [{1331DB14-39F3-482A-A01C-4F8E68B64538}] => D:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{2A68245F-8E0B-40CC-9DE6-A86F802732E5}] => D:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{BBE7C430-BBD7-4B5B-869F-4C773C31EC90}] => D:\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{110880D8-40B3-471B-979E-002C2D62F794}] => D:\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{1D8207B5-B297-4E47-88A5-93ED8BC33EA0}] => D:\Steam\steamapps\common\H1Z1 King of the 
Kill\LaunchPad.exe FirewallRules: [{535B565A-0978-4D20-AD5E-044A6A2A1282}] => D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{5F6EF68B-AC7E-411F-B3A2-4809DAF64EB7}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{B81097E5-C4BA-42C0-B1FF-6B1967C37633}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{48AFC689-B4E4-4DC4-8489-01057EEEDAE4}] => D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D409E766-06AB-4074-BEE1-DA3AC17C3213}] => D:\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{9BEC199F-4B37-4D8A-9F8E-7E1CEB5B8A78}] => D:\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{6D492087-F7BA-4116-84A2-76BBFAE60E7D}] => D:\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{AD21BE1F-9B41-4D49-8EB4-E5C62B6AB777}] => D:\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{EA6915D8-09E0-4CFE-9164-90917E86B974}] => D:\World_of_Warships\WoWSLauncher.exe FirewallRules: [{1C3F4029-392D-4E4B-84C6-48D3445884EE}] => D:\World_of_Warships\WoWSLauncher.exe FirewallRules: [{B652D912-38EA-4D9E-9BEE-D11AAD7D026A}] => D:\World_of_Warships\worldofwarships.exe FirewallRules: [{E1F65A48-14FD-4F99-87B8-B94D1F1C052F}] => D:\World_of_Warships\worldofwarships.exe FirewallRules: [{81B496D6-06F8-4786-81E3-61E1EF2CB304}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B0EBFBBB-E6A2-4B52-A9BB-566BAED4C9B9}] => D:\Steam\steamapps\common\Grid\grid.exe FirewallRules: [{67746EBF-681C-4852-A358-90988CA37158}] => D:\Steam\steamapps\common\Grid\grid.exe FirewallRules: [{9C395C32-F4B5-4CD9-8E55-D285E3A83682}] => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{B04AED70-DF58-4EEB-86C2-02838A18B59A}] => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ==================== Wiederherstellungspunkte ========================= 25-12-2016 16:33:16 Gameshow wird installiert 
25-12-2016 16:35:21 Removed MySQL for Visual Studio 1.2.6
25-12-2016 16:42:39 Microsoft Visual Studio Enterprise 2015
25-12-2016 16:42:45 Visual Studio 2015 Update 3 (KB3022398)
25-12-2016 16:42:49 Update for Microsoft Visual Studio 2015 (KB3165756)
25-12-2016 20:04:38 Removed XSplit Broadcaster
25-12-2016 20:11:38 Gameshow wird entfernt
25-12-2016 20:17:06 Installed XSplit Broadcaster
27-12-2016 09:55:05 Windows Update
27-12-2016 19:36:34 Wiederherstellungsvorgang
27-12-2016 19:41:01 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/27/2016 09:44:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/27/2016 09:43:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsBCLK.exe, Version: 1.0.0.30, Zeitstempel: 0x558b6a4e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0xd6c
Startzeit der fehlerhaften Anwendung: 0x01d26081d49b4170
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 1f060921-cc75-11e6-8892-305a3a03ee15

Error: (12/27/2016 09:43:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PushNoticeMonitor.exe, Version: 1.0.1.2, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0xccc
Startzeit der fehlerhaften Anwendung: 0x01d26081d5ff9c00
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 1d820901-cc75-11e6-8892-305a3a03ee15

Error: (12/27/2016 09:43:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KeyBotII.exe, Version: 1.0.0.4, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0xd78
Startzeit der fehlerhaften Anwendung: 0x01d26081d49b4170
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 1cb2f161-cc75-11e6-8892-305a3a03ee15

Error: (12/27/2016 08:56:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/27/2016 08:54:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/27/2016 08:53:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsBCLK.exe, Version: 1.0.0.30, Zeitstempel: 0x558b6a4e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0x10a8
Startzeit der fehlerhaften Anwendung: 0x01d2607ae2bac022
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 29d1b952-cc6e-11e6-8a8b-305a3a03ee15

Error: (12/27/2016 08:53:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PushNoticeMonitor.exe, Version: 1.0.1.2, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0x1670
Startzeit der fehlerhaften Anwendung: 0x01d2607ae7528ff2
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 26bf2222-cc6e-11e6-8a8b-305a3a03ee15

Error: (12/27/2016 08:53:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KeyBotII.exe, Version: 1.0.0.4, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0379
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0x10b0
Startzeit der fehlerhaften Anwendung: 0x01d2607ae2bac022
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\KeyBot II\KeyBotII.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 25a8a142-cc6e-11e6-8a8b-305a3a03ee15

Error: (12/27/2016 08:12:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Systemfehler:
=============
Error: (12/27/2016 09:46:09 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (12/27/2016 09:46:09 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (12/27/2016 09:44:08 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (12/27/2016 09:44:08 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (12/27/2016 09:44:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error: (12/27/2016 09:43:29 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 09:43:29 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (12/27/2016 09:43:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (12/27/2016 09:43:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (12/27/2016 09:43:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht. CodeIntegrity: =================================== Date: 2016-12-27 20:10:07.947 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2016-12-27 20:10:07.916 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 20% Installierter physikalischer RAM: 16309.87 MB Verfügbarer physikalischer RAM: 12906.27 MB Summe virtueller Speicher: 32617.93 MB Verfügbarer virtueller Speicher: 29126.92 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:97.3 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:432.25 GB) NTFS Drive e: (Gaming etc) (Fixed) (Total:931.51 GB) (Free:889.79 GB) NTFS Drive f: (Kram) (Fixed) (Total:596.17 GB) (Free:521.8 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 000D32A8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 59787EEE) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F030934C) Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS) 
======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7FCA5EE5) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
29.12.2016, 01:45 | #12 | |
/// Malwareteam | Windows 7: Suddenly all folders and subfolders are read-only! Quote:
Just because the problem has disappeared doesn't mean that you are clean! Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
folder: C:\Users\jones\AppData\Local\Tempzxpsignd189635d92e505cf
folder: C:\Users\jones\AppData\Local\Tempzxpsignc08a35b36bbfbe2c
folder: C:\Users\jones\AppData\Local\{F28CC4D0-D624-A868-BBBC-8D809FD47118}
cmd: dir "C:\Users\jones\AppData\Local"
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step: 2 Download HitmanPro to your desktop: HitmanPro 32-bit version HitmanPro 64-bit version
Step: 3 ESET Online Scanner
Note: This scan can sometimes take several hours...
__________________ Kind regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
29.12.2016, 08:55 | #13 |
| Windows 7: Suddenly all folders and subfolders are read-only! Yes, sorry first of all. I was probably too hasty :/ Yes, I reinstalled the system. And not Windows 7, but Windows 10. But the problem is still there. When I create a new folder, it is immediately read-only. Should I continue following the instructions? |
29.12.2016, 15:20 | #14 |
/// Malwareteam | Windows 7: Suddenly all folders and subfolders are read-only! Well, I had a look on my own machine, and I think this is simply quite normal. The "Read-only" box doesn't have a check mark in it either; it is filled in - that does not necessarily mean that the write protection is active. Step: 1 Please start FRST again, tick the Addition box and press Scan. Please post the two text files that are created again. Step: 2 Download HitmanPro to your desktop: HitmanPro 32-bit version HitmanPro 64-bit version
Step: 3 ESET Online Scanner
Note: This scan can sometimes take several hours...
__________________ Kind regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
29.12.2016, 22:07 | #15 |
| Windows 7: Suddenly all folders and subfolders are read-only! FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 durchgeführt von Jones (Administrator) auf DESKTOP-9GBFBT9 (29-12-2016 20:36:46) Gestartet von D:\Desktop Geladene Profile: Jones (Verfügbare Profile: Jones) Platform: Windows 10 Enterprise N Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: "F:\Firefox\firefox.exe" -osint -url "%1") Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe (SAVITECH) C:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) F:\Firefox\firefox.exe (Mozilla Corporation) 
F:\Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe (Microsoft Corporation) C:\Windows\System32\slui.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor) HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [373728 2015-07-20] () HKLM-x32\...\Run: [SVLoadSense] => c:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe [1754320 2015-06-11] (SAVITECH) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{c273dead-ebf0-4263-af28-805206c0bff2}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) FireFox: ======== FF ProfilePath: C:\Users\Jones\AppData\Roaming\Mozilla\Firefox\Profiles\fs0xxzgc.default [2016-12-29] FF user.js: detected! 
=> C:\Users\Jones\AppData\Roaming\Mozilla\Firefox\Profiles\fs0xxzgc.default\user.js [2016-12-29] FF Extension: (uBlock Origin) - C:\Users\Jones\AppData\Roaming\Mozilla\Firefox\Profiles\fs0xxzgc.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-29] FF Extension: (Dangerous Websites Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2016-12-29] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-12-29] [ist nicht signiert] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2016-12-29] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2016-12-29] () StartMenuInternet: FIREFOX.EXE - F:\Firefox\firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - 
hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [Datei ist nicht signiert] R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [194000 2015-06-28] (Kaspersky Lab ZAO) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-02] (Intel Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] () R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-28] (Kaspersky Lab UK Ltd) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [530416 2015-06-18] (Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-28] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [64368 2015-06-28] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [159960 2015-06-28] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [226480 2015-06-28] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [831664 2015-06-28] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39792 2015-06-28] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [40304 2015-06-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [39792 2015-06-28] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-28] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-06-28] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [85360 2015-06-28] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [190648 2015-06-28] (Kaspersky Lab ZAO) R1 SvThLSNS; c:\Program Files (x86)\SAVITECH\SVLoadSense\SvThLSNS.sys [15184 2015-06-11] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, 
wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-12-29 20:36 - 2016-12-29 20:36 - 00000000 ____D C:\FRST 2016-12-29 20:34 - 2016-12-29 20:34 - 00000000 ____D C:\Users\Jones\AppData\Roaming\VEGAS Pro 2016-12-29 20:34 - 2016-12-29 20:34 - 00000000 ____D C:\Users\Jones\AppData\Roaming\VEGAS 2016-12-29 20:34 - 2016-12-29 20:34 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Publish Providers 2016-12-29 20:34 - 2016-12-29 20:34 - 00000000 ____D C:\Users\Jones\AppData\Roaming\MAGIX 2016-12-29 20:34 - 2016-12-29 20:34 - 00000000 ____D C:\Users\Jones\AppData\Local\VEGAS Pro 2016-12-29 20:34 - 2016-12-29 20:34 - 00000000 ____D C:\Users\Jones\AppData\Local\Sony 2016-12-29 20:34 - 2016-12-29 20:34 - 00000000 ____D C:\ProgramData\VEGAS Pro 2016-12-29 20:34 - 2016-12-29 20:34 - 00000000 ____D C:\ProgramData\MAGIX 2016-12-29 20:33 - 2016-12-29 20:33 - 00000000 ____D C:\Users\Jones\AppData\Local\VEGAS 2016-12-29 20:33 - 2016-12-29 20:33 - 00000000 ____D C:\ProgramData\VEGAS 2016-12-29 20:33 - 2016-12-29 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS 2016-12-29 20:33 - 2016-12-29 20:33 - 00000000 ____D C:\Program Files (x86)\VEGAS 2016-12-29 20:32 - 2016-12-29 20:34 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Sony 2016-12-29 20:23 - 2016-12-29 20:29 - 00000000 ____D C:\Users\Jones\AppData\Local\Mozilla 2016-12-29 20:23 - 2016-12-29 20:23 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Mozilla 2016-12-29 20:23 - 2016-12-29 20:23 - 00000000 ____D C:\Users\Jones\AppData\LocalLow\Mozilla 2016-12-29 20:13 - 2016-12-29 20:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-12-29 20:13 - 2016-12-29 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2016-12-29 20:13 - 2016-12-29 
20:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2016-12-29 20:13 - 2015-06-28 21:13 - 00831664 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2016-12-29 20:13 - 2015-06-28 21:13 - 00226480 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2016-12-29 20:13 - 2015-06-28 21:13 - 00159960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2016-12-29 20:13 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2016-12-29 20:12 - 2016-12-29 20:12 - 00000000 ____D C:\ProgramData\APRP 2016-12-29 20:12 - 2015-05-14 16:49 - 00024824 ____N (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys 2016-12-29 20:10 - 2016-12-29 20:10 - 00003202 _____ C:\Windows\System32\Tasks\SS2svc64Run 2016-12-29 20:10 - 2016-12-29 20:10 - 00003194 _____ C:\Windows\System32\Tasks\SS2svc32Run 2016-12-29 20:10 - 2016-12-29 20:10 - 00000000 ____D C:\Users\Jones\AppData\Local\SS22.2.7 2016-12-29 20:08 - 2016-12-29 20:08 - 00000000 ____D C:\Windows\System32\Tasks\ASUS 2016-12-29 20:08 - 2016-12-29 20:08 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3 2016-12-29 20:07 - 2016-12-29 20:07 - 00003214 _____ C:\Windows\System32\Tasks\SS2UILauncherRun 2016-12-29 20:07 - 2016-12-29 20:07 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-12-29 20:07 - 2016-12-29 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Suite 2 2016-12-29 20:07 - 2016-12-29 20:07 - 00000000 ____D C:\Program Files\Realtek 2016-12-29 20:07 - 2016-12-29 20:07 - 00000000 ____D C:\Program Files\ASUSTeKcomputer.Inc 2016-12-29 20:07 - 2016-12-29 20:07 - 00000000 ____D C:\Program Files (x86)\SAVITECH 2016-12-29 20:07 - 2015-07-07 12:13 - 04514008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-12-29 20:07 - 2015-07-07 08:54 - 35222128 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2016-12-29 20:07 - 2015-07-06 09:05 - 02930904 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RltkAPO64.dll 2016-12-29 20:07 - 2015-07-03 06:11 - 05714880 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2016-12-29 20:07 - 2015-07-01 11:18 - 01749208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2016-12-29 20:07 - 2015-06-30 09:04 - 00184688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-12-29 20:07 - 2015-06-26 13:10 - 01310936 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-12-29 20:07 - 2015-06-22 07:43 - 02702552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-12-29 20:07 - 2015-06-17 07:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-12-29 20:07 - 2015-05-15 12:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-12-29 20:07 - 2015-01-19 11:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2016-12-29 20:07 - 2014-11-11 06:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2016-12-29 20:07 - 2014-10-24 03:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2016-12-29 20:07 - 2014-10-24 03:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2016-12-29 20:07 - 2011-12-20 08:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-12-29 20:07 - 2011-11-22 09:28 - 00014952 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkCoLDR64.dll 2016-12-29 20:06 - 2016-12-29 20:07 - 00000000 ___HD C:\Program Files (x86)\Temp 2016-12-29 20:06 - 2016-12-29 20:07 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-29 20:06 - 2016-12-29 20:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-12-29 20:06 - 2016-12-29 20:06 - 00000000 ____D C:\Users\Jones\Intel 2016-12-29 20:06 - 2016-12-29 20:06 - 00000000 ____D C:\ProgramData\Intel 2016-12-29 20:06 - 2016-12-29 20:06 - 00000000 ____D C:\Program Files\Intel 2016-12-29 20:06 - 2016-12-29 20:06 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-12-29 20:06 - 2016-12-29 20:06 - 00000000 ____D C:\Program Files (x86)\Intel 2016-12-29 20:06 - 2015-06-08 09:13 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2016-12-29 20:06 - 2015-05-07 08:31 - 00404752 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe 2016-12-29 20:06 - 2015-05-07 08:17 - 00001904 ____N C:\Windows\system32\SetupBD.din 2016-12-29 20:06 - 2014-05-22 09:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll 2016-12-29 20:06 - 2013-06-21 04:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2016-12-29 20:02 - 2016-12-29 20:13 - 00000937 _____ C:\Windows\Ascd_ProcessLog.ini 2016-12-29 20:02 - 2016-12-29 20:12 - 00052860 _____ C:\Windows\Ascd_tmp.ini 2016-12-29 20:02 - 2016-12-29 20:08 - 00000000 ____D C:\Program Files (x86)\ASUS 2016-12-29 20:02 - 2014-09-09 03:14 - 00028672 _____ (ASUSTek Computer Inc.) 
C:\Windows\SysWOW64\AsIO.dll 2016-12-29 20:02 - 2014-09-09 03:14 - 00015232 _____ C:\Windows\SysWOW64\Drivers\AsIO.sys 2016-12-29 16:03 - 2015-06-22 04:42 - 01455552 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys 2016-12-29 16:00 - 2015-06-18 02:54 - 00003130 _____ C:\Windows\system32\e1d65x64.din 2016-12-29 16:00 - 2015-06-18 02:38 - 00530416 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d65x64.sys 2016-12-29 16:00 - 2015-06-16 18:28 - 00090608 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll 2016-12-29 16:00 - 2015-04-01 21:46 - 00075288 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll 2016-12-29 16:00 - 2014-04-18 06:17 - 00125728 _____ (Intel Corporation) C:\Windows\system32\NicCo4.dll 2016-12-29 13:07 - 2016-12-29 13:07 - 00000000 ____D C:\Users\Jones\AppData\Local\Publishers 2016-12-29 13:04 - 2016-12-29 13:04 - 00000000 ____D C:\Users\Jones\AppData\Local\Comms 2016-12-29 12:51 - 2016-12-29 12:51 - 00000000 ____D C:\Users\Jones\AppData\Local\ActiveSync 2016-12-29 12:50 - 2016-12-29 12:50 - 00000000 ____D C:\Users\Jones\AppData\Local\MicrosoftEdge 2016-12-29 12:49 - 2016-12-29 13:07 - 00000000 ____D C:\Users\Jones\AppData\Local\Packages 2016-12-29 12:49 - 2016-12-29 12:49 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-29 12:49 - 2016-12-29 12:49 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Adobe 2016-12-29 12:49 - 2016-12-29 12:49 - 00000000 ____D C:\Users\Jones\AppData\Local\VirtualStore 2016-12-29 12:49 - 2016-12-29 12:49 - 00000000 ____D C:\Users\Jones\AppData\Local\TileDataLayer 2016-12-29 12:48 - 2016-12-29 20:06 - 00000000 ____D C:\Users\Jones 2016-12-29 12:48 - 2016-12-29 12:48 - 00000020 ___SH C:\Users\Jones\ntuser.ini 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\Vorlagen 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\Startmenü 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\Netzwerkumgebung 2016-12-29 12:48 - 2016-12-29 12:48 - 
00000000 _SHDL C:\Users\Jones\Lokale Einstellungen 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\Eigene Dateien 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\Druckumgebung 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\AppData\Local\Verlauf 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\AppData\Local\Anwendungsdaten 2016-12-29 12:48 - 2016-12-29 12:48 - 00000000 _SHDL C:\Users\Jones\Anwendungsdaten 2016-12-29 12:07 - 2016-12-29 20:22 - 01708398 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-29 12:07 - 2016-12-29 12:07 - 00000000 ____D C:\Windows\CSC 2016-12-29 12:07 - 2015-10-30 08:15 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2016-12-29 12:06 - 2016-12-29 12:06 - 00000000 ____D C:\ProgramData\USOShared 2016-12-29 12:05 - 2016-12-29 20:15 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\Vorlagen 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\Startmenü 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 
_SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Programme 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\ProgramData\Vorlagen 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\ProgramData\Startmenü 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\ProgramData\Dokumente 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2016-12-29 12:05 - 2016-12-29 12:05 - 00000000 _SHDL C:\Dokumente und Einstellungen 2016-12-29 12:04 - 2016-12-29 12:04 - 00189344 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-29 12:04 - 2016-12-29 12:04 - 00000000 ____D C:\Windows\ServiceProfiles 2016-12-29 12:03 - 2016-12-29 12:05 - 00000000 ____D C:\Windows\Panther ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-12-29 20:29 - 2015-10-30 08:21 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-12-29 20:22 - 2015-10-30 19:27 - 00737872 _____ C:\Windows\system32\perfh007.dat 2016-12-29 20:22 - 2015-10-30 19:27 - 00147558 _____ C:\Windows\system32\perfc007.dat 2016-12-29 20:22 - 2015-10-30 08:19 - 00000000 ____D C:\Windows\INF 2016-12-29 20:14 - 2015-10-30 07:28 - 00065536 ___SH C:\Windows\system32\config\BBI 2016-12-29 20:13 - 2015-10-30 08:21 - 00000000 ___HD C:\Windows\ELAMBKUP 2016-12-29 20:13 - 2015-10-30 07:28 - 00032768 ___SH C:\Windows\system32\config\ELAM 2016-12-29 13:12 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\AppReadiness 2016-12-29 13:07 - 2015-10-30 08:21 - 00000000 ___RD C:\Windows\DevicesFlow 2016-12-29 13:07 - 2015-10-30 08:21 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-29 12:49 - 2015-10-30 08:21 - 00000000 ___RD C:\Windows\PurchaseDialog 2016-12-29 12:49 - 2015-10-30 08:21 - 00000000 ___RD C:\Windows\PrintDialog 2016-12-29 12:49 - 2015-10-30 08:21 - 00000000 ___RD C:\Windows\MiracastView 2016-12-29 12:49 - 2015-10-30 08:21 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2016-12-29 12:10 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\rescache 2016-12-29 12:07 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\system32\spool 2016-12-29 12:07 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-12-29 12:06 - 2015-10-30 08:21 - 00000000 ____D C:\ProgramData\USOPrivate 2016-12-29 12:05 - 2015-10-30 08:21 - 00000000 ____D C:\Program Files\Windows NT 2016-12-29 12:05 - 2015-10-30 07:28 - 00000000 ____D C:\Windows\system32\Sysprep 2016-12-29 12:03 - 2015-10-30 08:21 - 00028672 _____ C:\Windows\system32\config\BCD-Template 2016-12-29 11:33 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\SystemApps 2016-12-29 11:33 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp 2016-12-29 11:17 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-12-29 11:10 - 2015-10-30 08:21 - 00000000 ____D 
C:\Windows\system32\WinBioPlugIns ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-12-29 12:04 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016 durchgeführt von Jones (29-12-2016 20:37:01) Gestartet von D:\Desktop Windows 10 Enterprise N Version 1511 (X64) (2016-12-29 11:10:48) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1558475319-1772728970-3572379891-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1558475319-1772728970-3572379891-503 - Limited - Disabled) Gast (S-1-5-21-1558475319-1772728970-3572379891-501 - Limited - Disabled) Jones (S-1-5-21-1558475319-1772728970-3572379891-1001 - Administrator - Enabled) => C:\Users\Jones ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.) 
Asus Sonic Suite Plugins (HKLM-x32\...\{3c798a4a-1fb6-4557-9129-a66200b5b602}) (Version: 2.2.701 - ASUSTeKcomputer.Inc) CheckDevicesConfigurator (Version: 2.2.701 - ASUSTeKcomputer.Inc) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1141 - Intel Corporation) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden LauncherSetup (Version: 2.2.701 - ASUSTeKcomputer.Inc) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) NahimicSettingsConfigurator (Version: 2.2.701 - ASUSTeKcomputer.Inc) Hidden ProductDaemonSetup (Version: 2.2.701 - ASUSTeKcomputer.Inc) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) 
SonicRadarSetup (Version: 1.0.0.0 - ASUSTeKcomputer.Inc) Hidden SonicStudioSetup (Version: 2.2.701 - ASUSTeKcomputer.Inc) Hidden SVLoadSense (HKLM-x32\...\{C4226734-F925-448C-8F15-0D5419F003DF}) (Version: 1.0.10 - SAVITECH) VEGAS Pro 14.0 (64-bit) (HKLM\...\{4D5A9B21-79F9-11E6-AAC4-BB95F5A309BD}) (Version: 14.0.161 - VEGAS) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0F105140-BA3A-4945-8A67-541309B06FFC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] () Task: {2120ABEE-3C94-4C17-9700-60AB1540CCE7} - System32\Tasks\SS2svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe [2015-07-20] () Task: {B92B80D4-9DAD-4D18-9315-E939B3232E41} - System32\Tasks\SS2svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe [2015-07-20] () Task: {F7599DAA-7591-4DBA-B2C4-D6797CD1817A} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [2015-07-20] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:16 - 2015-10-30 08:16 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-12-29 20:08 - 2014-04-24 07:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2015-05-19 09:11 - 2015-05-19 09:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 2016-12-29 20:08 - 2015-05-08 07:26 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2015-10-30 08:16 - 2015-10-30 08:16 - 02652784 _____ () C:\Windows\system32\CoreUIComponents.dll 2015-07-20 16:52 - 2015-07-20 16:52 - 00229344 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll 2015-07-20 16:52 - 2015-07-20 16:52 - 00336864 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll 2015-10-30 08:16 - 2015-10-30 08:16 - 02652784 _____ () C:\Windows\System32\CoreUIComponents.dll 2015-10-30 08:16 - 2015-10-30 08:16 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-10-30 08:16 - 2015-10-30 08:16 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-30 08:17 - 2015-10-30 08:17 - 00218456 _____ () c:\windows\system32\WerEtw.dll 2016-12-29 20:06 - 2014-05-22 09:24 - 00096568 _____ () C:\Windows\SYSTEM32\audioLibVc.dll 2015-07-20 16:47 - 2015-07-20 16:47 - 00373728 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe 2015-07-20 16:47 - 2015-07-20 16:47 - 02608640 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe 2015-07-20 16:53 - 2015-07-20 16:53 - 00295936 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe 2016-12-29 20:08 - 2016-12-29 20:15 - 00039720 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2016-12-29 20:08 - 2015-05-08 07:26 - 00104448 
_____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2015-07-20 16:46 - 2015-07-20 16:46 - 00199136 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2DevProps.dll 2015-07-20 16:47 - 2015-07-20 16:47 - 00119808 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\sradarlauncher.dll 2015-07-20 16:46 - 2015-07-20 16:46 - 00300000 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll 2015-06-02 04:18 - 2015-06-02 04:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-30 08:21 - 2015-10-30 08:19 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1558475319-1772728970-3572379891-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{7350D138-C089-40CC-9F1A-ABAD1D343515}] => F:\Firefox\firefox.exe FirewallRules: [{2EA50268-3BF7-49D0-AF8B-A4270735F5C8}] => F:\Firefox\firefox.exe ==================== Wiederherstellungspunkte ========================= 29-12-2016 20:06:40 Intel® Netzwerkanschlüsse ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/29/2016 08:37:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_tzautoupdate, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba Name des fehlerhaften Moduls: tzautoupdate.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000003809 ID des fehlerhaften Prozesses: 0xb64 Startzeit der fehlerhaften Anwendung: 0x01d2620aeae82bd7 Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls: c:\windows\system32\tzautoupdate.dll Berichtskennung: e865cb52-76ec-4281-bf5c-be58d6534fc3 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/29/2016 08:37:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Fehler bei der Lizenzaktivierung (slui.exe). 
Fehlercode: hr=0x8007232B Befehlszeilenargumente: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e272e3e2-732f-4c65-a8f0-484747d0d947;NotificationInterval=1440;Trigger=NetworkAvailable Error: (12/29/2016 08:36:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_tzautoupdate, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba Name des fehlerhaften Moduls: tzautoupdate.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000003809 ID des fehlerhaften Prozesses: 0x1648 Startzeit der fehlerhaften Anwendung: 0x01d2620ae7412825 Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls: c:\windows\system32\tzautoupdate.dll Berichtskennung: 94d5ba3a-e3a6-49b9-b0c4-546260d74be1 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/29/2016 08:36:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Fehler bei der Lizenzaktivierung (slui.exe). 
Fehlercode: hr=0x8007232B Befehlszeilenargumente: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e272e3e2-732f-4c65-a8f0-484747d0d947;NotificationInterval=1440;Trigger=NetworkAvailable Error: (12/29/2016 08:36:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_tzautoupdate, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba Name des fehlerhaften Moduls: tzautoupdate.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000003809 ID des fehlerhaften Prozesses: 0x6c0 Startzeit der fehlerhaften Anwendung: 0x01d2620ae39a6d22 Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls: c:\windows\system32\tzautoupdate.dll Berichtskennung: ef075aae-285e-4f67-97cd-9211149240d5 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/29/2016 08:36:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Fehler bei der Lizenzaktivierung (slui.exe). 
Fehlercode: hr=0x8007232B Befehlszeilenargumente: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e272e3e2-732f-4c65-a8f0-484747d0d947;NotificationInterval=1440;Trigger=NetworkAvailable Error: (12/29/2016 08:36:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_tzautoupdate, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba Name des fehlerhaften Moduls: tzautoupdate.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000003809 ID des fehlerhaften Prozesses: 0xa38 Startzeit der fehlerhaften Anwendung: 0x01d2620adff34fd6 Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls: c:\windows\system32\tzautoupdate.dll Berichtskennung: 0b0732a3-d9b0-420c-8dfa-2d7de897c4c4 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/29/2016 08:36:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Fehler bei der Lizenzaktivierung (slui.exe). 
Fehlercode: hr=0x8007232B Befehlszeilenargumente: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e272e3e2-732f-4c65-a8f0-484747d0d947;NotificationInterval=1440;Trigger=NetworkAvailable Error: (12/29/2016 08:36:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_tzautoupdate, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba Name des fehlerhaften Moduls: tzautoupdate.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000003809 ID des fehlerhaften Prozesses: 0x368 Startzeit der fehlerhaften Anwendung: 0x01d2620adc4e9a73 Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe Pfad des fehlerhaften Moduls: c:\windows\system32\tzautoupdate.dll Berichtskennung: ee8102b6-dcae-4d50-a7ac-f2d18ee8c04c Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/29/2016 08:36:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode: hr=0x8007232B Befehlszeilenargumente: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=e272e3e2-732f-4c65-a8f0-484747d0d947;NotificationInterval=1440;Trigger=NetworkAvailable Systemfehler: ============= Error: (12/29/2016 08:37:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde unerwartet beendet. Dies ist bereits 210 Mal passiert. Error: (12/29/2016 08:37:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Diagnosediensthost" wurde unerwartet beendet. Dies ist bereits 210 Mal passiert. 
Error: (12/29/2016 08:37:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Automatische Zeitzonenaktualisierung" wurde unerwartet beendet. Dies ist bereits 213 Mal passiert. Error: (12/29/2016 08:37:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Netzwerkspeicher-Schnittstellendienst" wurde unerwartet beendet. Dies ist bereits 213 Mal passiert. Error: (12/29/2016 08:37:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Netzwerklistendienst" wurde unerwartet beendet. Dies ist bereits 213 Mal passiert. Error: (12/29/2016 08:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde unerwartet beendet. Dies ist bereits 209 Mal passiert. Error: (12/29/2016 08:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Diagnosediensthost" wurde unerwartet beendet. Dies ist bereits 209 Mal passiert. Error: (12/29/2016 08:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Automatische Zeitzonenaktualisierung" wurde unerwartet beendet. Dies ist bereits 212 Mal passiert. Error: (12/29/2016 08:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Netzwerkspeicher-Schnittstellendienst" wurde unerwartet beendet. Dies ist bereits 212 Mal passiert. Error: (12/29/2016 08:36:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Netzwerklistendienst" wurde unerwartet beendet. Dies ist bereits 212 Mal passiert. CodeIntegrity: =================================== Date: 2016-12-29 12:05:03.635 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 14% Installierter physikalischer RAM: 16309.88 MB Verfügbarer physikalischer RAM: 13968.75 MB Summe virtueller Speicher: 19253.88 MB Verfügbarer virtueller Speicher: 17009.23 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:232.33 GB) (Free:204.84 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:642.61 GB) NTFS Drive e: (Kram) (Fixed) (Total:596.17 GB) (Free:521.74 GB) NTFS Drive f: (Programme) (Fixed) (Total:931.51 GB) (Free:930.21 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 000D32A8) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 59787EEE) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F030934C) Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7FCA5EE5) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ Code:
HitmanPro 3.7.15.281
www.hitmanpro.com

Computer name . . . . : DESKTOP-9GBFBT9
Windows . . . . . . . : 10.0.0.10586.X64/4
User name . . . . . . : DESKTOP-9GBFBT9\Jones
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free

Scan date . . . . . . : 2016-12-29 20:38:16
Scan mode . . . . . . : Normal
Scan duration . . . . : 56s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 0
Traces . . . . . . . : 0

Objects scanned . . . : 940.345
Files scanned . . . . : 14.065
Remnants scanned . . : 133.229 files / 793.051 keys

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=996aca13cf23a849aba479ca564d35fe
# end=init
# utc_time=2016-12-29 07:42:15
# local_time=2016-12-29 08:42:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31896
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=996aca13cf23a849aba479ca564d35fe
# end=updated
# utc_time=2016-12-29 07:44:36
# local_time=2016-12-29 08:44:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=996aca13cf23a849aba479ca564d35fe
# engine=31896
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-29 07:56:45
# local_time=2016-12-29 08:56:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Anti-Virus'
# compatibility_mode=1303 16777213 100 100 4595 110616635 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 36815382 36855640 0 0
# scanned=99205
# found=3
# cleaned=3
# scan_time=728
sh=E70444FB9858CBE8324FD93C9A64D97E11003FE9 ft=1 fh=d94d2caac38634cc vn="Variante von Win32/Packed.NoobyProtect.L verdächtige Datei (Gesäubert durch Löschen)" ac=C fn="E:\54729cf3545add.exe"
sh=0739D7E171702D258F319E243D6230D48877DFC1 ft=1 fh=d94d2caac38634cc vn="Variante von Win32/Packed.NoobyProtect.L verdächtige Datei (Gesäubert durch Löschen)" ac=C fn="E:\68a5dc5a.exe"
sh=7049A2E0A81CBA41845EDD32A4213BCF3143C8B0 ft=1 fh=aa53b2ce1c37e7b0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="E:\Vegas Pro - CHIP-Installer.exe"