|
Plagegeister aller Art und deren Bekämpfung: PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
17.01.2017, 20:20 | #1 |
| PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) Hallo zusammen! Im letzten Jahr wurde ich Opfer des "Teamviewer hacks" und mir wurde das Paypalkonto leergeräumt. Habe sämtliche Passwörter geändert usw. und scan mit KIS gemacht ohne Fund. Diese Tage habe ich bei Amazon einen Gutschein gekauft. 6 Stunden später wurde ein digitales Gut von jemand fremden mit meinen Daten gekauft. Nun habe ich erneut gescannt mit: - KIS Notfall-ISO: Kein Fund - dem normal installierten KIS: kein Fund - Malwarebyte : Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 17.01.17 Scan-Zeit: 19:57 Protokolldatei: Administrator: Ja -Softwaredaten- Version: 3.0.5.1299 Komponentenversion: 1.0.43 Version des Aktualisierungspakets: 1.0.1038 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: SR-PC\SR -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgeschlossen Gescannte Objekte: 538306 Abgelaufene Zeit: 5 Min., 5 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 8 PUP.Optional.Babylon, HKU\S-1-5-21-986338530-4122884952-956410517-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [2110], [167673],1.0.1038 Adware.1ClickDownload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}, In Quarantäne, [11721], [169918],1.0.1038 Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}, In Quarantäne, [11721], [169918],1.0.1038 Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\APPID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}, In Quarantäne, [11721], [169918],1.0.1038 PUP.Optional.FunMoods, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}, In Quarantäne, [4098], [168020],1.0.1038 PUP.Optional.FunMoods, HKU\S-1-5-21-986338530-4122884952-956410517-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, In Quarantäne, [4098], [251627],1.0.1038 PUP.Optional.FunMoods, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, In Quarantäne, [4098], [251628],1.0.1038 PUP.Optional.FunMoods, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, In Quarantäne, [4098], [251628],1.0.1038 Registrierungswert: 1 PUP.Optional.Babylon, HKU\S-1-5-21-986338530-4122884952-956410517-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, In Quarantäne, [2110], [235650],1.0.1038 Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 2 PUP.Optional.Babylon, C:\Users\SR\AppData\LocalLow\BabylonToolbar\BabylonToolbar, In Quarantäne, [2110], [175554],1.0.1038 PUP.Optional.Babylon, C:\USERS\SR\APPDATA\LOCALLOW\BABYLONTOOLBAR, In Quarantäne, [2110], [175554],1.0.1038 Datei: 2 PUP.Optional.AshampooRegistryCleaner, C:\PROGRAMDATA\ASHAMPOO\ICO_ASHAMPOO_MARKETPLACE.ICO, Keine Aktion durch Benutzer, [2790], [355157],1.0.1038 PUP.Optional.FunMoods, C:\USERS\SR\APPDATA\LOCAL\funmoods.crx, In Quarantäne, [4098], [238575],1.0.1038 Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) Habt Ihr nen Tipp. Windows 10 neu installieren? Danke schonmal, René |
18.01.2017, 14:15 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) Scan mit Farbar's Recovery Scan Tool (FRST)
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
18.01.2017, 15:51 | #3 |
| PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) Vielen Dank schonmal, dass Du versuchst mir zu helfen.
__________________Hier die FRST.txt: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017 durchgeführt von SR (Administrator) auf SR-PC (18-01-2017 15:36:47) Gestartet von D:\Downloads Geladene Profile: SR (Verfügbare Profile: SR & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Firebird Project) C:\Program Files (x86)\Buhl\Firebird-Server MB\bin\fbguard.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Firebird Project) C:\Program Files (x86)\Buhl\Firebird-Server MB\bin\fbserver.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Creative Technology Ltd.) C:\Windows\V0790Mon.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\wmi64.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [5889816 2011-12-07] (Logitech Inc.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-14] (Microsoft Corporation) HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry HKLM-x32\...\Run: [V0790Mon.exe] => C:\WINDOWS\V0790Mon.exe [41600 2015-09-17] (Creative Technology Ltd.) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5380368 2015-07-20] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-19] (Acronis International GmbH) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-986338530-4122884952-956410517-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => Keine Datei ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{557374e3-6b6e-4ea1-9f15-354d432c9f62}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-986338530-4122884952-956410517-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-986338530-4122884952-956410517-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKU\S-1-5-21-986338530-4122884952-956410517-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-04] (AO Kaspersky Lab) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation) BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> Keine Datei BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation) BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> Keine Datei BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-04] (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-07] (Oracle Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> Keine Datei BHO-x32: G Data BankGuard -> {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} -> Keine Datei BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-07] (Oracle Corporation) Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-04] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 11\SPMIEToolbar.dll [2011-06-29] (Steganos GmbH) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2016-12-04] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-986338530-4122884952-956410517-1000 -> Kein Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - Keine Datei DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-986338530-4122884952-956410517-1000 -> hxxp://www.google.de/ FireFox: ======== FF DefaultProfile: o61wauln.Standard-Benutzer FF ProfilePath: C:\Users\SR\AppData\Roaming\TomTom\HOME\Profiles\oq39poo8.default [2014-06-23] FF Extension: (RenaultTheme) - C:\Users\SR\AppData\Roaming\TomTom\HOME\Profiles\oq39poo8.default\Extensions\RenaultTheme@tomtom.com [2014-06-23] [ist nicht signiert] FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden] FF ProfilePath: C:\Users\SR\AppData\Roaming\Mozilla\Firefox\Profiles\o61wauln.Standard-Benutzer [2017-01-18] FF Homepage: Mozilla\Firefox\Profiles\o61wauln.Standard-Benutzer -> hxxps://www.google.de hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxps://mail.google.com/mail/&ss=1&scc=1<mpl=googlemail&emr=1&osid=1#identifier FF Extension: (Flash and Video Download) - C:\Users\SR\AppData\Roaming\Mozilla\Firefox\Profiles\o61wauln.Standard-Benutzer\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-12-04] FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Password Manager 11\spmplugin3 FF Extension: (Steganos Password Manager) - C:\Program Files (x86)\Steganos Password Manager 11\spmplugin3 [2012-04-02] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-12-04] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-12-10] () FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [2014-08-27] (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-05] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-12-10] () FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [2014-08-27] (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-07] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation) FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll [2010-02-03] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-986338530-4122884952-956410517-1000: @hola.org/vlc,version=1.8.103 -> C:\Users\SR\AppData\Local\Hola\firefox\app\vlc [2015-05-31] () FF Plugin HKU\S-1-5-21-986338530-4122884952-956410517-1000: @protectdisc.com/NPMPDRM -> C:\Users\SR\AppData\Local\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( ) FF Plugin HKU\S-1-5-21-986338530-4122884952-956410517-1000: @protectdisc.com/NPPDLicenseHelper -> C:\Users\SR\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( ) Chrome: ======= CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab) S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-04-02] (Creative Labs) [Datei ist nicht signiert] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [Datei ist nicht signiert] R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert] R2 FirebirdGuardianbuhlMB; C:\Program Files (x86)\Buhl\Firebird-Server MB\bin\fbguard.exe [98304 2015-08-25] (Firebird Project) [Datei ist nicht signiert] R3 FirebirdServerbuhlMB; C:\Program Files (x86)\Buhl\Firebird-Server MB\bin\fbserver.exe [3813376 2015-01-19] (Firebird Project) [Datei ist nicht signiert] S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-04-20] (Macrovision Europe Ltd.) [Datei ist nicht signiert] S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert] S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation) R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-11] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-11] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-25] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-14] (Microsoft Corporation) S4 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [Datei ist nicht signiert] R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz-Software Entwicklung und Vertriebs GmbH) S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO) S3 cxbu0x64; C:\WINDOWS\system32\DRIVERS\cxbu0x64.sys [191224 2014-05-14] (HID Global Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] () S3 ewusbnet; C:\WINDOWS\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2016-07-01] (Acronis International GmbH) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-04-03] () R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78200 2015-12-01] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [237912 2016-12-04] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2017-01-11] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [992600 2016-08-18] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [87984 2016-08-18] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [110424 2016-08-18] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194440 2015-12-02] (AO Kaspersky Lab) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-17] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-18] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-18] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-18] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-18] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 SCL01164; C:\WINDOWS\System32\DRIVERS\SCL01164.sys [72320 2010-05-07] (SCM Microsystems Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S3 StkTMini; C:\WINDOWS\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek) [Datei ist nicht signiert] R2 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1058632 2016-07-01] (Acronis International GmbH) S2 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [248648 2016-07-01] (Acronis International GmbH) R3 V0790Vid; C:\WINDOWS\system32\DRIVERS\V0790Vid.sys [390648 2015-09-17] (Creative Technology Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-17 20:56 - 2017-01-18 15:36 - 00000000 ____D C:\FRST 2017-01-17 19:56 - 2017-01-18 15:34 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-17 19:56 - 2017-01-18 15:34 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-01-17 19:56 - 2017-01-18 15:34 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-01-17 19:56 - 2017-01-18 15:34 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-01-17 19:56 - 2017-01-17 19:56 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-01-17 19:56 - 2017-01-17 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-01-17 19:55 - 2017-01-17 19:55 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-17 19:55 - 2017-01-17 19:55 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-17 19:55 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-01-12 08:47 - 2017-01-12 08:47 - 00032768 _____ C:\WINDOWS\system32\persistent_q.db-shm 2017-01-12 08:47 - 2017-01-12 08:47 - 00023088 _____ C:\WINDOWS\system32\persistent_q.db-wal 2017-01-12 08:47 - 2017-01-12 08:47 - 00001024 _____ C:\WINDOWS\system32\persistent_q.db 2017-01-03 06:00 - 2017-01-17 20:24 - 00000000 ____D C:\Users\SR\AppData\Local\CrashDumps 2016-12-26 10:59 - 2016-12-26 10:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plants vs Zombies GW2 2016-12-26 10:45 - 2016-12-26 10:45 - 00003976 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-26 10:45 - 2016-12-26 10:45 - 00003948 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-26 10:45 - 2016-12-26 10:45 - 00003912 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-26 10:45 - 2016-12-26 10:45 - 00003886 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-26 10:45 - 2016-12-26 10:45 - 00003724 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-26 10:45 - 2016-12-26 10:45 - 00003682 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2016-12-26 10:45 - 2016-12-26 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-12-26 10:45 - 2016-12-12 04:03 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2016-12-26 10:44 - 2016-12-26 10:44 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2016-12-26 10:44 - 2016-12-12 04:03 - 00215608 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2016-12-26 10:44 - 2016-12-12 04:03 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2016-12-26 10:44 - 2016-12-11 19:23 - 00134712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-12-26 10:44 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2016-12-26 10:44 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll 2016-12-26 10:44 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2016-12-26 10:44 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe 2016-12-26 10:43 - 2016-12-26 10:45 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-12-26 10:41 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00046024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2016-12-26 10:41 - 2016-12-12 04:03 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2016-12-26 10:41 - 2016-12-12 04:03 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2016-12-26 10:41 - 2016-12-12 04:03 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2016-12-26 08:13 - 2016-12-26 08:13 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller 2016-12-26 08:13 - 2016-12-26 08:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1 2016-12-19 21:32 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-12-19 21:32 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-12-19 21:32 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-12-19 21:32 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-12-19 21:32 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-12-19 21:32 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-12-19 21:32 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-12-19 21:32 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-19 21:32 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-19 21:32 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-12-19 21:32 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-12-19 21:32 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-12-19 21:32 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-12-19 21:32 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-12-19 21:32 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-19 21:32 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-12-19 21:32 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-12-19 21:32 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-12-19 21:32 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-12-19 21:32 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-12-19 21:32 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-12-19 21:32 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-12-19 21:32 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-12-19 21:32 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-12-19 21:32 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-12-19 21:32 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-12-19 21:32 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2016-12-19 21:32 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-19 21:32 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2016-12-19 21:32 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-19 21:32 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-19 21:32 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-12-19 21:32 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-19 21:32 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-12-19 21:32 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-12-19 21:32 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-12-19 21:32 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-12-19 21:32 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-19 21:32 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2016-12-19 21:32 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2016-12-19 21:32 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-12-19 21:32 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-12-19 21:32 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2016-12-19 21:32 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-12-19 21:32 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-12-19 21:32 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2016-12-19 21:32 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-12-19 21:32 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2016-12-19 21:32 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-12-19 21:32 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-12-19 21:32 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-12-19 21:32 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-12-19 21:32 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-19 21:32 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2016-12-19 21:32 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-12-19 21:32 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-12-19 21:32 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-12-19 21:32 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-12-19 21:32 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-19 21:32 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-12-19 21:32 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-12-19 21:32 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-12-19 21:32 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-12-19 21:32 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-12-19 21:32 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-12-19 21:32 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-12-19 21:32 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-12-19 21:32 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-12-19 21:32 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-19 21:32 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-12-19 21:32 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2016-12-19 21:32 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-12-19 21:32 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-12-19 21:32 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-12-19 21:32 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-19 21:32 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-12-19 21:32 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-12-19 21:32 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-12-19 21:32 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-12-19 21:32 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-12-19 21:32 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-12-19 21:32 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2016-12-19 21:32 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-12-19 21:32 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-12-19 21:32 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2016-12-19 21:32 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-12-19 21:32 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-12-19 21:32 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-12-19 21:32 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2016-12-19 21:32 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-12-19 21:32 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-12-19 21:32 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2016-12-19 21:32 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-12-19 21:32 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-12-19 21:32 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-12-19 21:32 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-12-19 21:32 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-12-19 21:32 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-12-19 21:32 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2016-12-19 21:32 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-12-19 21:32 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll 2016-12-19 21:32 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2016-12-19 21:32 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2016-12-19 21:32 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2016-12-19 21:32 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-12-19 21:32 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-12-19 21:32 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2016-12-19 21:32 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-12-19 21:32 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll 2016-12-19 21:32 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2016-12-19 21:32 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2016-12-19 21:32 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2016-12-19 21:32 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-12-19 21:32 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-12-19 21:32 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-12-19 21:32 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-12-19 21:32 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-12-19 21:32 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-12-19 21:32 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-12-19 21:32 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-12-19 21:32 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-12-19 21:32 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-12-19 21:32 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2016-12-19 21:32 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe 2016-12-19 21:32 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll 2016-12-19 21:32 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-12-19 21:32 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2016-12-19 21:32 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-12-19 21:32 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-12-19 21:32 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-12-19 21:32 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-12-19 21:32 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-12-19 21:32 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-12-19 21:32 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll 2016-12-19 21:32 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe 2016-12-19 21:32 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2016-12-19 21:32 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll 2016-12-19 21:32 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys 2016-12-19 21:32 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe 2016-12-19 21:32 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll 2016-12-19 21:32 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-12-19 21:32 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-12-19 21:32 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-12-19 21:32 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-12-19 21:32 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2016-12-19 21:32 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-12-19 21:32 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-12-19 21:32 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2016-12-19 21:32 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2016-12-19 21:32 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2016-12-19 21:32 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-12-19 21:32 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2016-12-19 21:32 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-12-19 21:32 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2016-12-19 21:32 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2016-12-19 21:32 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-12-19 21:32 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll 2016-12-19 21:32 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-12-19 21:32 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe 2016-12-19 21:32 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-12-19 21:32 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-12-19 21:32 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2016-12-19 21:32 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-12-19 21:32 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2016-12-19 21:32 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2016-12-19 21:32 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-12-19 21:32 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2016-12-19 21:32 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2016-12-19 21:32 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-12-19 21:32 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-12-19 21:32 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll 2016-12-19 21:32 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2016-12-19 21:32 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2016-12-19 21:32 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2016-12-19 21:32 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2016-12-19 21:32 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-12-19 21:32 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-12-19 21:32 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-12-19 21:32 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll 2016-12-19 21:32 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-12-19 21:32 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-12-19 21:32 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll 2016-12-19 21:32 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-12-19 21:32 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-12-19 21:32 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-12-19 21:32 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2016-12-19 21:32 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2016-12-19 21:32 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2016-12-19 21:32 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2016-12-19 21:32 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-12-19 21:32 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-12-19 21:32 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-12-19 21:32 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2016-12-19 21:32 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2016-12-19 21:32 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2016-12-19 21:32 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2016-12-19 21:32 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-12-19 21:32 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-12-19 21:32 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-12-19 21:32 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-12-19 21:32 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-12-19 21:32 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-12-19 21:32 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-12-19 21:32 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-12-19 21:32 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2016-12-19 21:32 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2016-12-19 21:32 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-12-19 21:32 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-12-19 21:32 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2016-12-19 21:32 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-12-19 21:32 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-12-19 21:32 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-12-19 21:32 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-12-19 21:32 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-12-19 21:32 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-12-19 21:32 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2016-12-19 21:32 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2016-12-19 21:32 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-12-19 21:32 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-12-19 21:32 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-12-19 21:32 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2016-12-19 21:32 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-12-19 21:32 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2016-12-19 21:32 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-12-19 21:32 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-12-19 21:32 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll 2016-12-19 21:32 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2016-12-19 21:32 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2016-12-19 21:32 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2016-12-19 21:32 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-12-19 21:32 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-12-19 21:32 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-12-19 21:32 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-12-19 21:32 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-12-19 21:32 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-12-19 21:32 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2016-12-19 21:32 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-12-19 21:32 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-12-19 21:32 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll 2016-12-19 21:32 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll 2016-12-19 21:32 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-12-19 21:32 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe 2016-12-19 21:32 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-12-19 21:32 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-12-19 21:32 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-12-19 21:32 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe 2016-12-19 21:32 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-12-19 21:32 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-12-19 21:32 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2016-12-19 21:32 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-12-19 21:32 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-12-19 21:32 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-12-19 21:32 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2016-12-19 21:32 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-12-19 21:32 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-12-19 21:32 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2016-12-19 21:32 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-12-19 21:32 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-12-19 21:32 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-12-19 21:32 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-12-19 21:32 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-12-19 21:32 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2016-12-19 21:32 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2016-12-19 21:32 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-12-19 21:32 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe 2016-12-19 21:32 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-12-19 21:32 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2016-12-19 21:32 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2016-12-19 21:32 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2016-12-19 21:32 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2016-12-19 21:32 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll 2016-12-19 21:32 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2016-12-19 21:32 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-12-19 21:32 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-12-19 21:32 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-12-19 21:32 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-12-19 21:32 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-12-19 21:32 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2016-12-19 21:32 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2016-12-19 21:32 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2016-12-19 21:32 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-12-19 21:32 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll 2016-12-19 21:32 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-12-19 21:32 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2016-12-19 21:32 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-12-19 21:32 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-12-19 21:32 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2016-12-19 21:32 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-12-19 21:32 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2016-12-19 21:32 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2016-12-19 21:32 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-12-19 21:32 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2016-12-19 21:32 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll 2016-12-19 21:32 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-12-19 21:32 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-12-19 21:32 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2016-12-19 21:32 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-12-19 21:32 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-12-19 21:32 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2016-12-19 21:32 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-12-19 21:32 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-12-19 21:32 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2016-12-19 21:32 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2016-12-19 21:32 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-12-19 21:32 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-12-19 21:32 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-12-19 21:32 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-12-19 21:31 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2016-12-19 21:31 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-19 21:31 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-19 21:31 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-12-19 21:31 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-12-19 21:31 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-12-19 21:31 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-12-19 21:31 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2016-12-19 21:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2016-12-19 21:31 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-19 21:31 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-12-19 21:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-19 21:31 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-19 21:31 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-12-19 21:31 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-12-19 21:31 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-12-19 21:31 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-12-19 21:31 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-12-19 21:31 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-12-19 21:31 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2016-12-19 21:31 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-12-19 21:31 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll 2016-12-19 21:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe 2016-12-19 21:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-12-19 21:31 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-19 21:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-12-19 21:31 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-12-19 21:31 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-12-19 21:31 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2016-12-19 21:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe 2016-12-19 21:31 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2016-12-19 21:31 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2016-12-19 21:31 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2016-12-19 21:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-12-19 21:31 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-12-19 21:31 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-12-19 21:31 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll 2016-12-19 21:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-12-19 21:31 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2016-12-19 21:31 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-12-19 21:31 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-12-19 21:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2016-12-19 21:31 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-12-19 21:31 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-12-19 21:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2016-12-19 21:31 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-12-19 21:31 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-12-19 21:31 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-12-19 21:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2016-12-19 21:31 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-12-19 21:31 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2016-12-19 21:31 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe 2016-12-19 21:31 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-19 21:31 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-12-19 21:31 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-12-19 21:31 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2016-12-19 21:31 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2016-12-19 21:31 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-12-19 21:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-18 15:35 - 2016-11-22 22:25 - 00000000 ____D C:\Users\SR\AppData\LocalLow\Mozilla 2017-01-18 15:35 - 2016-10-14 15:42 - 00000000 ____D C:\ProgramData\NVIDIA 2017-01-18 15:35 - 2013-04-11 21:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-01-18 15:35 - 2012-04-02 16:39 - 00000000 ____D C:\Program Files (x86)\Steam 2017-01-18 15:34 - 2016-10-14 15:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-18 15:33 - 2016-07-16 07:04 - 01835008 _____ C:\WINDOWS\system32\config\BBI 2017-01-18 15:32 - 2016-10-14 15:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-18 14:57 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-18 14:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-18 06:12 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-01-18 05:54 - 2012-04-02 17:02 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-01-18 05:24 - 2012-06-11 21:09 - 00000000 ____D C:\ProgramData\ashampoo 2017-01-17 21:27 - 2012-10-24 08:06 - 00000000 ____D C:\ProgramData\firebird 2017-01-17 21:00 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-17 17:55 - 2016-10-14 15:43 - 02847968 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-17 17:55 - 2016-07-16 23:51 - 01193766 _____ C:\WINDOWS\system32\perfh007.dat 2017-01-17 17:55 - 2016-07-16 23:51 - 00299768 _____ C:\WINDOWS\system32\perfc007.dat 2017-01-17 17:49 - 2016-08-04 18:39 - 00000000 ____D C:\Program Files (x86)\StarMoney 10 S-Edition 2017-01-16 18:32 - 2016-10-14 15:43 - 00000000 ____D C:\Users\SR 2017-01-16 18:31 - 2012-09-18 06:38 - 00000000 ____D C:\ProgramData\Origin 2017-01-16 18:29 - 2012-09-18 06:39 - 00000000 ____D C:\Users\SR\AppData\Roaming\Origin 2017-01-11 17:41 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-11 17:40 - 2012-04-02 19:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-01-11 17:39 - 2016-05-29 00:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-11 17:38 - 2016-10-14 15:53 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-11 17:34 - 2012-09-18 06:38 - 00000000 ____D C:\Program Files (x86)\Origin 2017-01-11 17:33 - 2012-09-18 06:39 - 00000000 ____D C:\Users\SR\AppData\Local\Origin 2017-01-07 09:32 - 2014-08-14 11:50 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-01-07 09:32 - 2013-10-26 17:35 - 00000000 ____D C:\ProgramData\Oracle 2017-01-07 09:32 - 2013-10-26 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-07 09:32 - 2013-07-16 08:42 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-05 14:24 - 2016-10-14 15:43 - 00000000 ____D C:\Users\DefaultAppPool 2016-12-30 21:03 - 2016-10-14 15:43 - 00524288 ___SH C:\Users\SR\NTUSER.DAT{a882dff8-9224-11e6-8c3f-a1b862dc6f50}.TMContainer00000000000000000002.regtrans-ms 2016-12-30 21:03 - 2016-10-14 15:43 - 00065536 ___SH C:\Users\SR\NTUSER.DAT{a882dff8-9224-11e6-8c3f-a1b862dc6f50}.TM.blf 2016-12-28 18:00 - 2012-07-05 18:26 - 00000000 ____D C:\Users\SR\AppData\Local\ElevatedDiagnostics 2016-12-28 14:49 - 2012-05-11 20:18 - 00000000 ____D C:\Users\SR\AppData\Roaming\TeamViewer 2016-12-27 18:29 - 2016-10-14 15:43 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms 2016-12-27 18:29 - 2016-10-14 15:43 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TM.blf 2016-12-27 17:23 - 2013-01-27 14:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-26 12:25 - 2015-04-26 19:16 - 00000000 ____D C:\Users\SR\AppData\Local\NVIDIA Corporation 2016-12-26 10:58 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\assembly 2016-12-26 10:52 - 2014-08-13 19:17 - 00000000 ____D C:\Users\SR\AppData\Local\NVIDIA 2016-12-26 10:50 - 2016-10-14 15:42 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-12-26 10:49 - 2013-01-01 12:56 - 00000000 ____D C:\Users\SR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-12-26 10:47 - 2012-09-18 06:39 - 00000000 ____D C:\Program Files (x86)\Origin Games 2016-12-26 10:45 - 2016-10-14 15:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-12-26 10:45 - 2016-10-14 15:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-12-26 10:45 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore 2016-12-26 10:45 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot 2016-12-26 10:44 - 2016-07-16 07:04 - 00000000 ___RD C:\Program Files (x86) 2016-12-26 10:42 - 2014-06-18 22:37 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-26 08:13 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files 2016-12-20 17:21 - 2016-10-14 15:43 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms 2016-12-20 17:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2016-12-20 16:49 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\WinSxS 2016-12-20 16:32 - 2013-07-04 21:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-20 06:04 - 2016-10-14 15:43 - 00524288 ___SH C:\Users\SR\NTUSER.DAT{a882dff8-9224-11e6-8c3f-a1b862dc6f50}.TMContainer00000000000000000001.regtrans-ms 2016-12-20 05:50 - 2016-10-14 16:11 - 00000174 ___SH C:\Users\SR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini 2016-12-20 05:50 - 2016-10-14 15:43 - 00000000 ___RD C:\Users\SR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-12-20 05:50 - 2016-04-27 06:55 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-20 05:50 - 2012-10-16 21:38 - 00000000 ___RD C:\Users\SR\Virtual Machines 2016-12-20 05:50 - 2012-04-02 16:31 - 00000174 ___SH C:\Users\SR\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini 2016-12-20 05:50 - 2012-04-02 16:31 - 00000000 ___RD C:\Users\SR\Desktop 2016-12-20 05:50 - 2012-04-02 16:31 - 00000000 ___RD C:\Users\SR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2016-12-20 05:50 - 2012-04-02 16:31 - 00000000 ___RD C:\Users\SR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2016-12-19 22:24 - 2016-07-16 07:04 - 00016384 _____ C:\Users\Default\ntuser.dat 2016-12-19 22:23 - 2016-10-14 15:41 - 05503216 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-12-19 22:22 - 2016-10-14 15:41 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms 2016-12-19 22:22 - 2016-10-14 15:41 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf 2016-12-19 22:22 - 2016-07-16 12:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\de-DE 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer 2016-12-19 22:22 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer 2016-12-19 22:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-12-19 22:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-12-19 22:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-12-19 22:22 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing 2016-12-19 21:40 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-12-19 21:37 - 2014-08-11 11:37 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-12-19 21:32 - 2012-04-04 07:58 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-12-19 21:29 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-08-28 21:21 - 2012-08-31 12:00 - 0000048 _____ () C:\Users\SR\AppData\Roaming\AcroIEHelpe.txt 2012-08-28 21:20 - 2012-08-31 21:21 - 0000016 _____ () C:\Users\SR\AppData\Roaming\blckdom.res 2015-12-16 15:38 - 2015-12-16 15:38 - 0000268 ___RH () C:\Users\SR\AppData\Roaming\Clips 2015-12-16 15:39 - 2015-12-16 15:39 - 0000268 ___RH () C:\Users\SR\AppData\Roaming\Cocoa 2015-12-16 15:38 - 2015-12-16 15:38 - 0000268 ___RH () C:\Users\SR\AppData\Roaming\ColorSync 2015-12-16 15:38 - 2015-12-16 15:38 - 0000268 ___RH () C:\Users\SR\AppData\Roaming\Console 2016-01-03 19:10 - 2016-01-03 19:12 - 0038416 _____ () C:\Users\SR\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2012-08-30 20:46 - 2012-08-30 20:46 - 0000028 _____ () C:\Users\SR\AppData\Roaming\PhonerLitesettings.ini 2012-07-28 12:37 - 2015-02-08 13:16 - 0013536 _____ () C:\Users\SR\AppData\Roaming\phpdesigner2007pe.xml 2012-08-28 21:20 - 2012-08-28 21:20 - 0000264 _____ () C:\Users\SR\AppData\Roaming\srvblck5.tmp 2012-09-12 07:09 - 2016-02-17 21:05 - 0015360 _____ () C:\Users\SR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-11 12:43 - 2012-07-11 12:43 - 0000021 _____ () C:\Users\SR\AppData\Local\mc.pixel.data 2014-02-25 09:20 - 2014-02-26 09:30 - 0000600 _____ () C:\Users\SR\AppData\Local\PUTTY.RND 2012-09-13 07:33 - 2012-09-13 07:33 - 0004220 _____ () C:\Users\SR\AppData\Local\recently-used.xbel 2012-04-14 22:21 - 2015-04-03 12:13 - 0007667 _____ () C:\Users\SR\AppData\Local\Resmon.ResmonCfg 2016-03-03 16:33 - 2016-03-03 16:33 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-05-05 12:51 - 2012-05-05 12:51 - 0000000 _____ () C:\ProgramData\cmn_upld.log 2012-04-02 16:44 - 2015-05-14 17:20 - 0001620 _____ () C:\ProgramData\Coinstaller.log 2015-12-16 15:38 - 2015-12-16 15:38 - 0000268 ___RH () C:\ProgramData\Colors 2015-12-16 15:39 - 2015-12-16 15:39 - 0000268 ___RH () C:\ProgramData\Comedy Noises 2015-12-16 15:38 - 2015-12-16 15:38 - 0000268 ___RH () C:\ProgramData\Command Line Utility 2015-12-16 15:38 - 2015-12-16 15:38 - 0000268 ___RH () C:\ProgramData\CustomDataViews 2012-10-04 11:04 - 2015-12-18 01:42 - 0000504 _____ () C:\ProgramData\FastPics.log 2015-03-21 15:52 - 2016-05-28 21:05 - 0000514 _____ () C:\ProgramData\lxec.log 2012-04-04 14:26 - 2015-04-21 14:30 - 0095501 _____ () C:\ProgramData\lxecJSW.log 2012-04-02 16:40 - 2016-05-28 21:05 - 0202588 _____ () C:\ProgramData\lxecscan.log 2012-05-05 12:51 - 2012-05-05 12:51 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log 2015-12-16 15:38 - 2015-12-16 15:38 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT 2015-12-16 15:39 - 2015-12-16 15:39 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT 2015-12-16 15:38 - 2015-12-31 17:58 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT 2015-12-16 15:38 - 2015-12-24 14:04 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT 2015-04-02 04:56 - 2015-04-02 04:56 - 0596378 _____ () C:\ProgramData\SPL115C.tmp 2014-09-12 13:11 - 2014-09-12 13:11 - 0845452 _____ () C:\ProgramData\SPL1FDE.tmp 2015-02-05 16:56 - 2015-02-05 16:56 - 0496495 _____ () C:\ProgramData\SPL3E30.tmp 2015-03-11 21:03 - 2015-03-11 21:03 - 0650228 _____ () C:\ProgramData\SPL7F3D.tmp 2015-03-21 15:30 - 2015-03-21 15:30 - 2068165 _____ () C:\ProgramData\SPL855E.tmp 2014-10-17 16:26 - 2014-10-17 16:26 - 0846895 _____ () C:\ProgramData\SPL87E6.tmp 2015-04-10 12:44 - 2015-04-10 12:44 - 3272612 _____ () C:\ProgramData\SPL98AA.tmp 2014-08-29 22:07 - 2014-08-29 22:07 - 0094776 _____ () C:\ProgramData\SPL9BE1.tmp 2014-11-15 11:23 - 2014-11-15 11:23 - 1512444 _____ () C:\ProgramData\SPLA081.tmp 2014-08-29 18:09 - 2014-08-29 18:09 - 0592576 _____ () C:\ProgramData\SPLA736.tmp 2015-04-02 04:57 - 2015-04-02 04:57 - 0596378 _____ () C:\ProgramData\SPLB1CF.tmp 2014-11-27 21:34 - 2014-11-27 21:34 - 0616789 _____ () C:\ProgramData\SPLB327.tmp 2014-08-29 17:56 - 2014-08-29 17:56 - 0589401 _____ () C:\ProgramData\SPLBE0E.tmp 2014-09-09 21:51 - 2014-09-09 21:51 - 0636431 _____ () C:\ProgramData\SPLC094.tmp 2015-03-14 10:09 - 2015-03-14 10:09 - 0650228 _____ () C:\ProgramData\SPLCC62.tmp 2016-02-25 12:02 - 2016-02-25 12:02 - 0472201 _____ () C:\ProgramData\SPLCCA3.tmp 2014-11-20 22:54 - 2014-11-20 22:54 - 0190740 _____ () C:\ProgramData\SPLE4D7.tmp 2014-08-26 23:24 - 2014-08-26 23:24 - 0768964 _____ () C:\ProgramData\SPLEBFE.tmp 2014-08-26 13:30 - 2014-08-26 13:30 - 0247202 _____ () C:\ProgramData\SPLF44B.tmp 2015-04-11 18:47 - 2015-04-11 18:47 - 0336450 _____ () C:\ProgramData\SPLFB.tmp 2015-03-21 17:34 - 2015-03-21 17:34 - 0046314 _____ () C:\ProgramData\SPLFEF8.tmp 2015-06-10 21:03 - 2015-06-10 21:03 - 0000008 __RSH () C:\ProgramData\sysqcl1131236454.dat 2012-05-05 12:51 - 2012-05-05 12:51 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\sysqcl1131236454.dat Einige Dateien in TEMP: ==================== C:\Users\SR\AppData\Local\Temp\jre-8u111-windows-au.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-01-11 18:54 ==================== Ende von FRST.txt ============================ |
18.01.2017, 15:51 | #4 |
| PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) und die Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017 durchgeführt von SR (18-01-2017 15:37:23) Gestartet von D:\Downloads Windows 10 Pro Version 1607 (X64) (2016-10-14 14:54:44) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-986338530-4122884952-956410517-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-986338530-4122884952-956410517-503 - Limited - Disabled) Gast (S-1-5-21-986338530-4122884952-956410517-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-986338530-4122884952-956410517-1004 - Limited - Enabled) SR (S-1-5-21-986338530-4122884952-956410517-1000 - Administrator - Enabled) => C:\Users\SR ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.12 - GIGABYTE) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Acronis True Image 2015 (HKLM-x32\...\{2F70A6E6-2F71-4907-8441-BDC5D300310B}Visible) (Version: 18.0.6613 - Acronis) Acronis True Image 2015 (x32 Version: 18.0.6613 - Acronis) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated) Adobe After Effects CS5.5 (HKLM-x32\...\{E82097B9-A3B8-404A-9A92-AC16A8AC9576}) (Version: 10.5 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated) Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.60 - Hulubulu Software) Amazon Music (HKU\S-1-5-21-986338530-4122884952-956410517-1000\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC) Ansel (Version: 376.33 - NVIDIA Corporation) Hidden Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG) Ashampoo CD & DVD Drive Access Control 1.0.0 (HKLM-x32\...\Ashampoo CD & DVD Drive Access Control_is1) (Version: - Ashampoo) Ashampoo Photo Optimizer 6 (HKLM-x32\...\{91B33C97-546E-E89A-9F44-0BB2D57DBE96}_is1) (Version: 6.0.17 - Ashampoo GmbH & Co. KG) Ashampoo Snap 5 v.5.1.4 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.4 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 11 v.11.00.41 (HKLM-x32\...\{4209F371-8D72-8119-66FA-897D2D41E27F}_is1) (Version: 11.00.41 - Ashampoo GmbH & Co. KG) Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Blender (HKLM\...\{70DFC1C6-C234-4B4D-87C1-E01793AAB130}) (Version: 2.78.0 - Blender Foundation) Bouquet Wizard (HKLM-x32\...\BouquetWizard) (Version: - ) Comic Creator (HKLM-x32\...\Comic Creator) (Version: - Summitsoft) Comic Life 3 (HKLM-x32\...\{F028B2F8-42B1-4C82-9978-6251E11D475C}) (Version: 3.1.0.31767 - plasq LLC) Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden digiCamControl (HKLM-x32\...\{19D12628-7654-4354-A305-9AB0B32AF677}) (Version: 2.0.0.0 - Duka Istvan) DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 2.4 - DiskInternals Research) DiskInternals Linux Recovery (HKLM-x32\...\DiskInternals Linux Recovery) (Version: 5.0.0.0 - DiskInternals Research) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc) Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FormPrinter (HKLM-x32\...\{9761AC3A-7B7C-4ACB-8F02-140308012C4D}_is1) (Version: - ) Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - ) HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{C1586445-E3CA-45F0-A754-E6C2784CDDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Incomedia WebSite X5 v10 - Evolution (HKLM-x32\...\{0A53AC6C-9E9D-451D-AB28-F5D1427C4D56}_is1) (Version: 10.0.2.24 - Incomedia s.r.l.) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) Java SE Development Kit 7 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170050}) (Version: 1.7.0.50 - Oracle) JavaFX 2.1.1 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation) JavaFX 2.1.1 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden K-Lite Codec Pack 9.5.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.0 - ) Live! Cam Chat HD VF0790 Driver (1.00.07.00) (HKLM\...\Creative VF0790) (Version: - Creative Technology Ltd.) Logitech Gaming Software 8.20 (HKLM\...\Logitech Gaming Software) (Version: 8.20.74 - Logitech Inc.) Logo Design Studio Pro (HKLM-x32\...\Logo Design Studio Pro 1.7.1) (Version: 1.7.1 - Summitsoft) Logo Design Studio Pro (x32 Version: 1.7.1 - Summitsoft) Hidden MAGIX Common Components 1 (HKLM-x32\...\{8E7E3475-C37E-44F5-897F-718AAE0B4827}) (Version: 1.4.0.0 - MAGIX Software GmbH) MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Fonts Package 2 (x32 Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Premium (Production Bundle) (HKLM-x32\...\MX.{1497228D-BEE9-481B-A7D8-E157D7EFE186}) (Version: 21.0.4.53 - MAGIX Software GmbH) MAGIX Music Maker 2015 Premium (Production Bundle) (Synthesizer und Effekte) (HKLM-x32\...\MX.{B6F19352-7340-45D7-A54C-81171F999F71}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Music Maker 2015 Premium (Production Bundle) (Synthesizer und Effekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Premium (Production Bundle) (Version: 21.0.4.53 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Premium (Production Bundle) (Visuals) (HKLM-x32\...\MX.{58DD6FC6-C105-400F-AF4B-5407E7DBF6AD}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Music Maker 2015 Premium (Production Bundle) (Visuals) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Premium Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{DDB91759-AA6B-417C-B569-E990413AC239}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX VariVerb II VST-PlugIn (HKLM\...\MX.{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX AG) MAGIX VariVerb II VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Video deluxe 2015 (Designelemente) (HKLM\...\MX.{DEDD689F-839F-435F-A2C5-808E024B3CB6}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Designelemente) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (Fotoshow Maker-Stile 1) (HKLM\...\MX.{C124FE78-3671-4026-9405-65A36F4C2B10}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Fotoshow Maker-Stile 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (Fotoshow Maker-Stile 2) (HKLM\...\MX.{2C4B570E-CB62-4790-807E-0C543152D8D2}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Fotoshow Maker-Stile 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (HKLM\...\MX.{FFDC29E6-5C7C-4AA8-AF5A-99E015165382}) (Version: 14.0.0.159 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Individuelle Menüvorlagen) (HKLM\...\MX.{ED95A1EF-59F9-4122-8AB9-49A5F71972ED}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Individuelle Menüvorlagen) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (Menüvorlagen 1) (HKLM\...\MX.{7FF5D176-D6B1-46ED-A6D2-24D514AD2568}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Menüvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (Menüvorlagen 2) (HKLM\...\MX.{C5E6D19E-D42D-4291-8F0B-C8834FBBEDC5}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Menüvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (Soundtrack Maker-Stile) (HKLM\...\MX.{E08B06FC-ABF3-41E7-A66D-AFD6195912EE}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Soundtrack Maker-Stile) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (Titeleffekte) (HKLM\...\MX.{3352C14F-D253-48A7-811A-63B7FC00BFF0}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Titeleffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (Überblendeffekte) (HKLM\...\MX.{7BEF9D55-EDA9-4578-936F-233860F1EFD6}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2015 (Überblendeffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 (Version: 14.0.0.159 - MAGIX Software GmbH) Hidden Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Media Markt Fotoservice 5.2 (HKLM-x32\...\Media Markt Fotoservice_is1) (Version: - ) Mein Büro (HKLM-x32\...\{55010C6D-49CB-4ECF-AAEA-7279F73A5EF2}_is1) (Version: 16.0 - Buhl Data Service GmbH) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Grafiktreiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden onlinebrief24.de (HKLM-x32\...\eBriefdienst-onlinebrief24) (Version: - ) Oplisker 0.1.4 (HKLM-x32\...\{A6C2BC14-AC0B-4EB1-B7F9-E9E9049DBF83}_is1) (Version: - Ostegn Technology) Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio) PhonerLite 2.34 (HKLM-x32\...\PhonerLite_is1) (Version: 2.34 - Heiko Sommerfeldt) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.15 - Nikon) Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA) Plants vs Zombies GW2 (HKLM-x32\...\{C4F00C98-13B4-4313-8152-50EE0B04ABE2}) (Version: 1.0.7.0 - Electronic Arts) Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-986338530-4122884952-956410517-1000\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts) Real Network Monitor (HKLM\...\Real Network Monitor) (Version: 1.4 - Josh Cell Softwares Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.531.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6423 - Realtek Semiconductor Corp.) SCL011 Contactless Reader (HKLM-x32\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems) SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.) Smart 6 B11.0824.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE) StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.6.25180 - Blizzard Entertainment) StarMoney (x32 Version: 3.0.3.21 - StarFinanz) Hidden StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden StarMoney (x32 Version: 5.0.3.44 - StarFinanz) Hidden StarMoney 10 S-Edition (HKLM-x32\...\{EBF82B19-2F69-4DFA-A743-915877CADC5A}) (Version: 10 - Star Finanz GmbH) StarMoney 8.0 (HKLM-x32\...\{D4CCABBA-F7DD-4A41-BF9E-A52B302A3F83}) (Version: 8.0 - Star Finanz GmbH) StarMoney 9.0 (HKLM-x32\...\{08870778-57AC-4D5E-B90A-EC1F5FA599B1}) (Version: 9.0 - Star Finanz GmbH) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steganos Password Manager 11 (HKLM-x32\...\{D79B34A7-658C-4406-B4A5-6C982E07D57F}) (Version: 11.2.1 - Steganos GmbH) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus) ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon) Vita 2 (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita 2 Zusatzcontent (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Analog Synths (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Celtic Harp (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Century Guitar (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Century Keys (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Drum Engine (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Jazz Drums (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita String Ensemble (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita Urban Drums (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita World Flutes (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vita World Percussion (Version: 2.4.0.78 - MAGIX Software GmbH) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WISO steuer:Sparbuch 2016 (HKLM-x32\...\{7D15F8EE-31D3-415A-848F-3E32B40B6D48}) (Version: 23.07.1500 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{BC823616-D8CD-4BAC-A341-614652A3C530}) (Version: 21.00.8480 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{75524CC6-0B52-435A-BE75-EEDF85804BD6}) (Version: 22.06.8980 - Buhl Data Service GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-986338530-4122884952-956410517-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\SR\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei CustomCLSID: HKU\S-1-5-21-986338530-4122884952-956410517-1000_Classes\CLSID\{2F5DA951-82C6-471e-90BD-CAB15552A932}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {031FC986-FCDD-4F1D-A54C-604B75BAA466} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation) Task: {081B4815-124D-4687-91E2-CFD612354CD1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {0ABE0970-D749-40F3-8071-5A4125C6B011} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {0C7B3CD1-3F3D-44B2-A199-298CEBCCCC40} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {17CC8550-F208-496E-87AF-7A0C5810BE42} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {1BEDED61-1D82-4CFB-9037-0664C685ECBA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {22228A52-A60C-496B-9B40-A238D350343B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {24B06AE4-2E57-4DC3-B3DF-1B78AC5F9451} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {27036EFF-6CE3-41F1-AD3E-D05FDDC6C050} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation) Task: {2E30042A-6757-470F-884E-17AC8B6BE6A4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {2F7D318B-1129-41B7-B977-6D9FD4E92E78} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3318FE90-FD43-403B-A53E-0190F4F2B2BF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3532FC56-38E2-4D7B-AD9D-DE15A8DAFE6B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {460500E7-831E-4707-BD08-9852291A8740} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {463603D5-F19A-4333-B249-81DD5FA1E85D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4AF02054-A6A1-409F-98E1-6DF727F8A303} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation) Task: {4E3C7617-8207-4716-9E9E-6118149388B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-10] (Adobe Systems Incorporated) Task: {4ED43D25-7964-466A-B1A9-BF0636A220F9} - \Microsoft\Windows\Setup\EOONotify -> Keine Datei <==== ACHTUNG Task: {516638F8-6074-47D1-87A1-902CC38C1FA1} - System32\Tasks\Sicherung Fotos => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe Task: {53094740-BCA8-48BD-AEB4-2B1D2B26E7E6} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG Task: {5570FB3A-FC35-4D78-B7BF-3CAE02CC85DE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation) Task: {5629B187-5EDB-4D13-8CFA-BB519FF8D523} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {5C5EB86D-A019-4469-9C2B-64C84473F8DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {5FE97341-225A-4157-A3A6-4D664018220D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6098162A-F303-417B-8816-205FB92A9638} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6B1617E0-F0F3-41F3-AFCC-F0F650BF9CE5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation) Task: {737FE02B-818F-493E-9286-534545290D06} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7C4455F7-A40B-43C4-941A-D21F15BDF323} - System32\Tasks\{D589E28F-C99B-4B10-9763-92B9BE993D28} => pcalua.exe -a "F:\Downloads\CallButler Open Source PBX Setup.exe" -d F:\Downloads Task: {8049E4F4-F0A2-47CE-B0A1-7E5B0AC26D2F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {864CCAB1-8927-4850-9742-7ABD60910F8D} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\WO11.exe [2014-08-05] (Ashampoo Development GmbH & Co. KG) Task: {9F04EB5B-E197-4CFC-BB7C-588258A1AB2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-24] (Google Inc.) Task: {A43F0E81-5BD1-47CF-ABA3-A8284FC02046} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A4B4DEA0-A758-466D-91A8-942C3B71ABE8} - System32\Tasks\RTSS => C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe Task: {A79972B2-EE36-4EAB-8C95-B32CBFF090ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {A84EF4DA-F1DA-4561-BAEE-0796AB5510DC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {B556422D-DBA0-4705-86C9-CA6F1BAEE9DD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {B7601042-8695-4D84-8F96-8930353A7D82} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe Task: {B803CEEC-0BC3-42BC-BB28-826EB0E9A87C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {BEF1FDD9-57C7-466A-996B-0D05E6FA496B} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {BFEFADFD-D17B-4750-82FE-29D83DA8CD94} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {C07BFAA0-C195-490C-AC76-92F6EE4539F6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C3649C57-5686-433A-8B4B-F5804CB54E7B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C7376995-52A1-4F40-A1B8-FBE3F3C85D90} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-24] (Google Inc.) Task: {CA7A35F8-EC28-4403-BBEE-A9943FB143D1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {CAC7AF4C-A296-4301-BC96-8A8D236E4717} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {D06D3CAC-74CB-412F-B42B-EEBD32E35141} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {D34836DA-EF3A-4195-8619-7DE23F604CAD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {D6F161CB-AD2A-428C-8A78-8AE13DF358BA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {E08FEBF5-7446-4407-87FF-C5AC56F3ED7E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation) Task: {E0EC7CA1-ED0E-46FC-845C-64CC4EC6C75C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {E298B663-C8A7-47B6-BBBC-B32D5BE08328} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E98E58C7-7160-4E9F-B45B-23D41CDC5A24} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation) Task: {FC509666-43D9-4209-B08C-78CDDAA38051} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\One-Click Optimizer WO11.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\WO11.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\SR\AppData\Local\Microsoft\Windows\RoamingTiles\147475860.lnk -> hxxp://www.auf-nach-juist.de/kontakt.htm ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-19 21:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-10-14 15:42 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-17 19:55 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-17 19:55 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-01-17 19:55 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2012-04-02 18:18 - 2015-04-25 23:23 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe 2016-12-19 21:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-14 16:13 - 2016-10-14 16:13 - 00959168 _____ () C:\Users\SR\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll 2016-10-14 15:44 - 2016-10-14 15:44 - 00008704 _____ () C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll 2016-10-14 16:38 - 2016-10-14 16:38 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-12-19 21:32 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-22 22:41 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-22 22:41 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-22 22:41 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-22 22:41 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-11-22 22:41 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-22 22:41 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-12-15 17:44 - 2016-12-15 17:45 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-12-15 17:44 - 2016-12-15 17:45 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-12-15 17:44 - 2016-12-15 17:45 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-12-15 17:44 - 2016-12-15 17:45 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll 2016-11-22 22:41 - 2016-11-02 11:13 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll 2016-11-22 22:41 - 2016-11-02 11:16 - 04046848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Signals.dll 2016-11-22 22:41 - 2016-11-02 11:13 - 01475584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.IntentExtraction.dll 2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-12-10 10:47 - 2016-12-10 10:47 - 02561536 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1.3160.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll 2016-12-10 10:47 - 2016-12-10 10:47 - 00139264 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1.3160.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll 2016-11-22 22:41 - 2016-11-02 11:13 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll 2016-11-22 22:41 - 2016-11-02 11:13 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll 2016-07-16 12:43 - 2016-07-16 23:56 - 00040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node 2016-07-16 12:43 - 2016-07-16 23:56 - 00813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node 2016-07-16 12:43 - 2016-07-16 23:56 - 00963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node 2016-07-16 12:43 - 2016-07-16 23:56 - 00249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node 2016-07-16 12:43 - 2016-07-16 23:56 - 00572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node 2016-07-16 12:43 - 2016-07-16 23:56 - 00403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node 2016-07-16 12:43 - 2016-07-16 23:56 - 00183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node 2016-07-16 12:43 - 2016-07-16 23:56 - 00288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node 2016-12-15 17:45 - 2016-12-15 17:45 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 01872384 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll 2015-12-22 01:47 - 2015-12-22 01:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll 2016-12-11 18:50 - 2017-01-11 17:34 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2016-12-20 23:34 - 2016-01-28 15:33 - 01058624 _____ () C:\Program Files (x86)\StarMoney 10 S-Edition\ouservice\libxml2.dll 2016-12-20 23:34 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10 S-Edition\ouservice\PATCHW32.dll 2015-04-14 20:24 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-12-26 10:45 - 2016-12-12 04:03 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-12-26 10:45 - 2016-12-12 04:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-12-26 10:45 - 2016-12-12 04:03 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-12-26 10:45 - 2016-12-12 04:03 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-12-26 10:45 - 2016-12-12 04:03 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-12-26 10:45 - 2016-12-12 04:03 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-12-26 10:45 - 2016-12-12 04:03 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2013-03-12 17:10 - 2016-12-08 16:13 - 00656160 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-20 13:18 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-05-21 19:46 - 2016-12-20 03:25 - 02322720 _____ () C:\Program Files (x86)\Steam\video.dll 2015-01-20 13:18 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-20 13:18 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-08-29 18:01 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-29 18:01 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-29 18:01 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-29 18:01 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-29 18:01 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2012-04-02 16:40 - 2016-12-20 03:25 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 17:17 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-12-18 09:31 - 2016-12-05 17:21 - 67304736 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2015-01-20 13:18 - 2015-09-25 00:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\SR\AppData\Local\FnIuxUgbsane5GK:J6k5g428FL4fDOnfc8NXfdEcNRwr6 [2428] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-986338530-4122884952-956410517-1000\Software\Classes\.exe: => <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2014-03-21 19:48 - 00001721 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 CRL.VERISIGN.NET ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-986338530-4122884952-956410517-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SR\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Apache2.2 => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: DBService => 2 MSCONFIG\Services: DevoloNetworkService => 2 MSCONFIG\Services: FirebirdServerMAGIXInstance => 3 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: lxecCATSCustConnectService => 2 MSCONFIG\Services: lxec_device => 2 MSCONFIG\Services: MailList Controller => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Smart TimeLock => 2 MSCONFIG\Services: SplashtopRemoteService => 2 MSCONFIG\Services: SSUService => 2 MSCONFIG\Services: StarMoney 8.0 OnlineUpdate => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: TomTomHOMEService => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Amazon Music => "C:\Users\SR\AppData\Local\Amazon Music\Amazon Music Helper.exe" MSCONFIG\startupreg: AshSnap => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 5\ashsnap.exe MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart MSCONFIG\startupreg: EADM => C:\Program Files (x86)\Origin\Origin.exe -AutoStart MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe" MSCONFIG\startupreg: HP Officejet Pro 8610 (NET) => "C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe" -deviceID "CN5C9FX4NY:NW" -scfn "HP Officejet Pro 8610 (NET)" -AutoStart 1 MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch MSCONFIG\startupreg: MailListController => C:\Program Files (x86)\Arclab\MailList Controller\amlcSCT.exe MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s MSCONFIG\startupreg: onlinebrief24-ebdhelper => C:\Program Files (x86)\onlinebrief24.de\ebdhelper.exe MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\MOUSE Editor\\MouseEditor.exe" Minimum MSCONFIG\startupreg: SOS Browser Monitor => "C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe" MSCONFIG\startupreg: SOS Notifier => "C:\Program Files (x86)\Steganos Online Shield\Notifier.exe" MSCONFIG\startupreg: SOS_Agent => "C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe" -agent MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" MSCONFIG\startupreg: Userinit => C:\Users\SR\AppData\Roaming\appConf32.exe MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe" MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service" HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor" HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe" HKU\S-1-5-21-986338530-4122884952-956410517-1000\...\StartupApproved\Run: => "Sidebar" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808 FirewallRules: [{71497F55-07AE-4E44-AC39-579488D7A8C1}] => C:\Program Files (x86)\StarMoney 10 S-Edition\app\StarMoney.exe FirewallRules: [{D56BC84D-D314-4B7A-8602-06108391C64D}] => C:\Program Files (x86)\StarMoney 10 S-Edition\app\StarMoney.exe FirewallRules: [{8D2094C3-5082-4D18-BA58-CF17A4A5398A}] => C:\Program Files (x86)\StarMoney 10 S-Edition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{A9E880BA-2BD7-4BF0-93EE-975CF29915F5}] => C:\Program Files (x86)\StarMoney 10 S-Edition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{91B86D6B-3226-41B9-81E9-E2C94893ACA3}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FF567B1F-16F2-4F85-AB10-9CB30E94627F}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F09A39DE-F256-484F-B43B-EC1DD716B348}] => C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{C210DD99-8577-431D-B673-A530C8CE8781}] => C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{8E6496BA-C85C-493F-B3B6-30F3029130A3}] => C:\Program Files (x86)\StarMoney 8.0\app\StarMoney.exe FirewallRules: [{C0077D24-C079-440C-AA32-17284FC83544}] => C:\Program Files (x86)\StarMoney 8.0\app\StarMoney.exe FirewallRules: [{8EBB4BE5-55C0-4CBC-A437-95BC8083E29D}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{3E0BC3E2-14E7-4E26-A538-B7DB3DA9E15D}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{0EBD78F8-54AC-473D-A66B-9827FEA66559}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A954E55A-FD47-489D-B415-E5E7003861B1}] => LPort=2869 FirewallRules: [{AB1DA085-EB19-4892-A189-DE59BBA5183C}] => LPort=1900 FirewallRules: [{24D14A78-FD6F-441D-8229-90E28BAB6699}] => C:\Program Files (x86)\Steam\steamapps\common\battlefield bad company 2\BFBC2Game.exe FirewallRules: [{A5253445-B8E4-4C7E-B34D-E92291F9D33F}] => C:\Program Files (x86)\Steam\steamapps\common\battlefield bad company 2\BFBC2Game.exe FirewallRules: [{6208F749-F657-4ACC-8A21-9D4D549389F2}] => C:\Program Files (x86)\Steam\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm FirewallRules: [{7F738478-718E-423D-ADEF-45137CC2DD93}] => C:\Program Files (x86)\Steam\steamapps\common\battlefield bad company 2\Support\EA Help\Electronic_Arts_Technical_Support.htm FirewallRules: [{B15FCE6D-BFE5-4762-ABCD-BDD387747DB3}] => LPort=5900 FirewallRules: [{22A23363-B7AB-40F6-96A0-E250F53BC450}] => LPort=5800 FirewallRules: [{2ED43406-3E84-469D-820A-35DBDCF11E73}] => C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat FirewallRules: [{4913FA69-31A9-43A8-B01C-BA7730FB5BD7}] => C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat FirewallRules: [{8222E7DB-F3D3-41B8-94B4-3A549E6FA7BF}] => C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe FirewallRules: [{4846A7BA-2550-4195-90E9-2200296DE422}] => C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe FirewallRules: [{EA5DDDD5-355F-460D-902C-AAFDFE0A1F39}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9ECC91BC-63C3-496F-B00E-DF1C6C15D59F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{73C15886-7088-4A1C-8E9A-3E5F9EE7B7E3}] => C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{37E8B678-5A51-4B3D-995F-5A2968F3D056}] => C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{2EC49CB4-D987-4E62-8D43-65697F727CBB}] => C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{527D19F9-6B9A-4ADD-8B45-9624660AECD4}] => C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{7862F83F-BEC5-4BB3-B6C5-0367F459757A}] => C:\Program Files\MAGIX\Video deluxe 2015\Videodeluxe.exe FirewallRules: [{6CC6DCA6-362A-4373-9ABB-93EFD80B95C8}] => C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{513573A8-678A-4339-89AA-22B6A6B959AB}] => C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{9FEE50C7-8B7F-412C-B8DC-E1AFE6D0A38F}] => C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe FirewallRules: [{593BADA4-19A9-4D3C-9DB7-8A8BE69E711C}] => C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe FirewallRules: [{2B64A215-B780-4E62-8A1E-3F58ECCDFAC9}] => C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{206D541C-2BC9-40F1-8D6D-D357FF59AB32}] => C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{BA141F80-146A-4D07-A848-8A395C5428D3}] => C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{8A07722C-4E48-45BB-BF93-F9D2ABB5D7A2}] => C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{91CD5D1C-7BA7-4767-92F6-19453BA933C0}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{228AC38C-FE41-42F0-973F-D1A1CBF0CBD6}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8FB4CE53-4F34-4545-8C0F-9C29BD18A80D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D50BDB46-B8BD-41EA-ABF6-074AB2C0867A}] => C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe FirewallRules: [{75FACAE3-CFD3-47AC-B6E4-42C86BF11265}] => C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe FirewallRules: [{E2235E51-EBF2-4177-9105-08A613B96BF2}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe FirewallRules: [{F541AF1C-1846-492C-9DAD-F863AA436EDC}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe FirewallRules: [{7AD6AD1D-0059-4341-8EF3-CF19960FF7B0}] => C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe FirewallRules: [{341AECAA-2C40-4665-98ED-77807F0E3AE3}] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe FirewallRules: [{34FA178F-061E-4133-BE1F-01A4DC882A95}] => LPort=5357 FirewallRules: [{BF0E3422-A96B-4576-8254-EFDB9BD2812D}] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{A4C530F4-3BF9-47BB-A563-8224D9F9FA74}] => C:\Users\SR\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe FirewallRules: [{0C3C5C08-8BEA-457A-86D0-4C5896A569A6}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{ED0A998F-30E2-413C-BA66-22DB56721A25}] => C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{2F926CB5-9FA0-42C2-A251-F0AF2B3EB6D0}] => C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{8EBDE48F-610A-47AA-A7B7-4A7A69ABC6A7}] => C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{6D6BA1E3-0633-4C55-B8DC-538CCE949FCB}] => C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{B7914276-E239-4688-9EBD-4ACADD99FD85}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7850BE59-E03A-4ED0-9E87-6D606A35C6EB}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{DF521031-E26D-4E2A-B5CD-5C699F9D7214}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A38E72F1-BB27-4693-AA52-9826493AB341}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1E92BB67-ACF4-4AD4-B077-FB5ECDF578B4}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{75E957CC-8DA3-4BA1-A65B-265BEA90D207}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{74F787E0-7A7D-414D-B871-F9F30C83AFC2}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{C7AA2A57-9B36-4E2D-97C4-8A925425361A}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{BBA041EF-082F-4850-B235-7010DC90F5EC}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{B1F956E5-8A18-4EDA-8BD5-187770D38B5F}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{C8969159-D854-48CC-A3EC-753F0ED22050}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0E1DD575-ACE4-4080-986E-B4F07382CB89}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{BB7C9577-BFEF-4D38-98C8-6FFEB63FF307}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{C449CCB6-B811-4CD7-898F-8AEA1E3A418F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{CAE1377A-DE32-4F71-A849-C57453A678EA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{13D7243A-27AD-454A-9343-D03B9184F467}] => C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Main_Win64_Retail.exe FirewallRules: [{BFF29A49-1E33-4D47-9592-2D2D7244F613}] => C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Main_Win64_Retail.exe FirewallRules: [{C22D1994-062B-484B-98BC-1E51BDF20F41}] => C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Trial_Win64_Retail.exe FirewallRules: [{D3650468-1256-489F-A47D-82FC69870B78}] => C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare 2\GW2.Trial_Win64_Retail.exe ==================== Wiederherstellungspunkte ========================= 14-01-2017 16:09:00 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/17/2017 09:24:58 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/17/2017 09:24:58 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/17/2017 09:24:58 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/17/2017 09:24:58 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/17/2017 08:34:27 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/17/2017 08:34:27 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/17/2017 08:34:27 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/17/2017 08:34:27 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/17/2017 08:24:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MB.exe, Version: 15.0.10.302, Zeitstempel: 0x56a9cb06 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0783915c ID des fehlerhaften Prozesses: 0x3bd0 Startzeit der fehlerhaften Anwendung: 0x01d270f72692daab Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Buhl\Mein Büro\MB.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 6e694408-0dfa-445e-90e6-859daa7a41e4 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/17/2017 08:04:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 50.1.0.6186, Zeitstempel: 0x5849ff9c Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x58256ca0 Ausnahmecode: 0xc00000fd Fehleroffset: 0x0003b502 ID des fehlerhaften Prozesses: 0x2bc Startzeit der fehlerhaften Anwendung: 0x01d270f254cc3935 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: bbb4e8fb-82b7-4520-ba53-1c367329be44 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (01/18/2017 03:36:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Acronis Sync Agent Service" wurde aufgrund folgenden Fehlers nicht gestartet: Zugriff verweigert Error: (01/18/2017 03:35:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (01/18/2017 03:35:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (01/18/2017 03:35:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (01/18/2017 03:34:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (01/18/2017 03:34:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AcrSch2Svc" wurde aufgrund folgenden Fehlers nicht gestartet: Zugriff verweigert Error: (01/18/2017 03:34:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "tib_mounter" wurde aufgrund folgenden Fehlers nicht gestartet: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (01/18/2017 03:34:02 PM) (Source: volmgr) (EventID: 45) (User: ) Description: Das System konnte den Treiber für das Speicherabbild nicht laden. Error: (01/18/2017 03:33:49 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen. Error: (01/18/2017 03:33:49 PM) (Source: volmgr) (EventID: 45) (User: ) Description: Das System konnte den Treiber für das Speicherabbild nicht laden. CodeIntegrity: =================================== Date: 2017-01-18 07:55:35.791 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.785 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.778 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.772 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.766 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.760 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.741 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.711 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.692 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-18 07:55:35.672 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz Prozentuale Nutzung des RAM: 36% Installierter physikalischer RAM: 8109.11 MB Verfügbarer physikalischer RAM: 5161.58 MB Summe virtueller Speicher: 16301.11 MB Verfügbarer virtueller Speicher: 13336.63 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:237.93 GB) (Free:21.65 GB) NTFS Drive d: () (Fixed) (Total:298.09 GB) (Free:66.54 GB) NTFS Drive f: (Backup) (Fixed) (Total:445.76 GB) (Free:373.35 GB) NTFS Drive g: (Mailstore 20GB) (Fixed) (Total:20 GB) (Free:18.48 GB) NTFS Drive k: (GDATA Stick) (Removable) (Total:3.73 GB) (Free:3.63 GB) NTFS Drive o: (Onedrive) (Network) (Total:698.64 GB) (Free:393.2 GB) NTFS Drive z: () (Network) (Total:1862.92 GB) (Free:411.33 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: C3E4EEB7) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: B9D5B9D5) Partition 1: (Not Active) - (Size=298.1 GB) - (Type=42) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2BAB359D) Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 3.7 GB) (Disk ID: 305B671B) Partition 1: (Active) - (Size=3.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
18.01.2017, 17:24 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016)Zitat:
Du hast das addition.log frisiert, ich gehe davon aus, dass du die typischen Einträge für gecrackte Adobe Software entfernt hast. Lesestoff: Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten |
18.01.2017, 18:00 | #6 |
| PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) Ich habe tatsächlich Einträge entfernt. Es waren mehrere Einträge mit hinweisen auf mein DYN-DNS und meine FritzBox. Ich habe keine illegale Software. |
18.01.2017, 18:09 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) Der dortige Eintrag steht aber auch im Zusammenhang mit gecrackter Adobe-Software. Du hast CS5.5 drauf, wird gerne gecrackt.
__________________ Logfiles bitte immer in CODE-Tags posten |
19.01.2017, 07:20 | #8 |
| PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) Wie gesagt. Ich habe keine Software welche mir nicht gehört. |
19.01.2017, 09:08 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) https://www.reddit.com/r/Piracy/comm...cked_in_hosts/ da taucht u.a. dein Eintrag auf. Und solange die gecrackte Adobe Software drauf ist gibt es hier keine Hilfe bei der Reinigung.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu PC vermutlich befallen (Opfer des Teamviewer hacks aus 06/2016) |
aktion, appdata, befallen, code, daten, erkannt, erneut, explorer, fremde, fremden, geändert, google, hallo zusammen, installieren, internet, internet explorer, kis, malware, microsoft, opfer, passwörter, paypal, quarantäne, scan, schonmal, teamviewer, windows, zusammen |