| |
| |||||||
Log-Analyse und Auswertung: Adware installiert immer wieder Chrome und ToolbarsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.05.2017, 15:13
| #1 |
 |  Adware installiert immer wieder Chrome und Toolbars Hallo, ich wende mich nun nach einiger Zeit des selbst Probierens mit Emisoft, Malwarebytes und adwarecleaner nun an euch. Ich habe das Problem, dass sich seitdem ich YAC (=yet another cleaner) deinstalliert habe (warum ich den auch immer hatte) immer wieder Chrome installiert und toolbars und Suchmaschinen in Firefox meinem Mainbrowser installieren. Ich konnte bis jetzt diese Toolbars immer mit dem Adwarecleander und Malwarebytes sowie dem emisoft emergency kit deinstallieren, aber er kam immer wieder. Es war immer der selbe Befund: ADWARE.Elex und manchmal ADWARE.Gokhsaw oder so. Heute hat sich Chrome mal wieder installiert und dazu verknüpfungen für irgendwelche p2p games big bang game oder so. Nun habe ich mein Standard prozedere durchgespielt (scans,scans,scans und löschen) und mal im internet dazu recherchiert, dadurch bin ich hierher gekommen und wollte euch nun um hilfe bitten. Hier mal nen paar logs von mir  FRst Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
durchgeführt von (Administrator) auf (11-05-2017 15:53:47)
Gestartet von F:\downloads
Geladene Profile: Leander (Verfügbare Profile: )
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Electronic Arts) E:\Origin\OriginWebHelperService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2016-06-25] (VIA)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Spotify] => C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-04-20] (Spotify Ltd)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [EADM] => E:\Origin\Origin.exe [3046264 2017-05-02] (Electronic Arts)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Spotify Web Helper] => C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-20] (Spotify Ltd)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Tanks] => F:\My Games\Wot\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Warships] => F:\My Games\WOW\WargamingGameUpdater.exe [3134216 2017-03-09] (Wargaming.net)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Tanks (1)] => "F:\My Games\Wot Testserver\WargamingGameUpdater.exe"
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Prime95] => C:\Users\Leander\AppData\Local\Temp\Rar$EXa0.507\prime95.exe <===== ACHTUNG
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: Kein Name - {8F0F267E-12E9-11E7-A647-64006A5CFC23} - C:\Users\Leander\AppData\Roaming\Rekerghareday\Thaferknicik.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.198.1
Tcpip\..\Interfaces\{1b9d694c-0723-46f2-82ca-561812a30ba7}: [DhcpNameServer] 192.168.198.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-314425503-1263803708-1118067362-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1473955321833
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-314425503-1263803708-1118067362-1000 -> hxxp://www.google.com
FireFox:
========
FF DefaultProfile: eqtdc3ih.default
FF ProfilePath: C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default [2017-05-11]
FF NewTab: Mozilla\Firefox\Profiles\eqtdc3ih.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF Extension: (AdBlocker Ultimate) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-12-29]
FF Extension: (MEGA) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\firefox@mega.co.nz.xpi [2017-05-11]
FF Extension: (Adblock Plus) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-13] ()
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-02] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2147216 2017-05-02] (Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3116440 2017-05-02] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-07-08] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S2 NPASRE; C:\Users\Leander\AppData\Local\NPASRE\Snare.dll [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2016-08-20] ()
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-17] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-17] (Disc Soft Ltd)
R1 epp; E:\PROGRAM FILES (X86)\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2013-08-05] (Etron Technology Inc)
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2016-08-20] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-11] (Malwarebytes)
R3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11376 2003-04-22] () [Datei ist nicht signiert]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 cmanvwhc; \??\C:\WINDOWS\system32\drivers\cmanvwhc.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-11 15:53 - 2017-05-11 15:53 - 00001240 _____ C:\Users\Leander\Desktop\Sacn mwb.txt
2017-05-11 15:53 - 2017-05-11 15:53 - 00000000 ____D C:\FRST
2017-05-11 15:48 - 2017-05-11 15:48 - 00002883 _____ C:\Users\Leander\Desktop\AdwCleaner[C8].txt
2017-05-11 15:47 - 2017-05-11 15:47 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-05-11 15:46 - 2017-05-11 15:46 - 00000000 ____D C:\Users\Leander\AppData\Local\PeerDistRepub
2017-05-11 15:45 - 2017-05-11 15:45 - 00003162 _____ C:\Users\Leander\Desktop\scan_170511-143141.txt
2017-05-11 14:16 - 2017-05-11 14:16 - 00000000 ____D C:\Users\Leander\AppData\Local\Macromedia
2017-05-11 14:12 - 2017-05-11 14:12 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-11 14:03 - 2017-05-11 15:49 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Mozilla
2017-05-11 14:00 - 2017-05-11 14:36 - 00000000 ____D C:\Windows\AppReadiness
2017-05-11 14:00 - 2017-05-11 14:00 - 00000000 ____D C:\Users\Leander\.QtWebEngineProcess
2017-05-11 14:00 - 2017-05-11 14:00 - 00000000 ____D C:\Users\Leander\.Origin
2017-05-11 13:59 - 2017-05-11 15:45 - 00000000 ____D C:\Reerdition
2017-05-11 13:46 - 2017-05-11 13:46 - 00000000 _____ C:\Windows\SysWOW64\33
2017-05-11 13:39 - 2017-05-11 13:39 - 00000000 ____D C:\Users\Public\Documents\Google
2017-05-11 13:39 - 2017-05-11 13:39 - 00000000 _____ C:\Windows\SysWOW64\3333333
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\1111111
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\1111
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\00
2017-05-11 10:28 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-05-11 10:28 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-05-11 10:28 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-11 10:28 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-11 10:28 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 10:28 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-05-11 10:28 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-11 10:28 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-05-11 10:28 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-05-11 10:28 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-05-11 10:28 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-05-11 10:28 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-05-11 10:28 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-11 10:28 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-05-11 10:28 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-11 10:28 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-05-11 10:28 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-05-11 10:28 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-05-11 10:28 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-11 10:28 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-11 10:28 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-05-11 10:28 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-11 10:28 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-05-11 10:28 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-05-11 10:28 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-11 10:28 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-05-11 10:28 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-05-11 10:28 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-05-11 10:27 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-05-11 10:27 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-11 10:27 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-11 10:27 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 10:27 - 2017-04-28 02:56 - 02048488 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-05-11 10:27 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2017-05-11 10:27 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-11 10:27 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-11 10:27 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-11 10:27 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-11 10:27 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-05-11 10:27 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-05-11 10:27 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-11 10:27 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-05-11 10:27 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-05-11 10:27 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-05-11 10:27 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-05-11 10:27 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-11 10:27 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-05-11 10:27 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-05-11 10:27 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-05-11 10:27 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2017-05-11 10:27 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-05-11 10:27 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-05-11 10:27 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-05-11 10:27 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-11 10:27 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-05-11 10:27 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2017-05-11 10:27 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BthTelemetry.dll
2017-05-11 10:27 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-11 10:27 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2017-05-11 10:27 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-05-11 10:27 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-05-11 10:27 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-05-11 10:27 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-05-11 10:27 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2017-05-11 10:27 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 10:27 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2017-05-11 10:27 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-05-11 10:27 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-05-11 10:27 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-05-11 10:27 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-05-11 10:27 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-05-11 10:27 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-05-11 10:27 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsnt.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-05-11 10:27 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-05-11 10:27 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-05-11 10:27 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-05-11 10:27 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-05-11 10:27 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-05-11 10:27 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-05-11 10:27 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-11 10:27 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-05-11 10:27 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-11 10:27 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-05-11 10:27 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-05-11 10:27 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-05-11 10:27 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-05-11 10:27 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-05-11 10:27 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2017-05-11 10:27 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-05-11 10:27 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-05-11 10:27 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-05-11 10:27 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-05-11 10:27 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-05-11 10:27 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-05-11 10:27 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-05-11 10:27 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-05-11 10:27 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-05-11 10:27 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-05-11 10:27 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-05-11 10:27 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-05-11 10:27 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-05-11 10:27 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-05-11 10:27 - 2017-03-04 08:22 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-11 10:27 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-05-11 10:27 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-11 10:27 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-11 10:27 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-05-11 10:27 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-05-11 10:27 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-05-11 10:26 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-05-11 10:26 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-11 10:26 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-11 10:26 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2017-05-11 10:26 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2017-05-11 10:26 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-11 10:26 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2017-05-11 10:26 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2017-05-11 10:26 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-11 10:26 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-05-11 10:26 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-11 10:26 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-05-11 10:26 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-11 10:26 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-05-11 10:26 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-05-11 10:26 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-05-11 10:26 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-11 10:26 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-05-11 10:26 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-05-11 10:26 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-05-11 10:26 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-05-11 10:26 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-11 10:26 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-05-11 10:26 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-11 10:26 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-05-11 10:26 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-11 10:26 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-05-11 10:26 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-11 10:26 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-11 10:26 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-11 10:26 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-11 10:26 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-05-11 10:26 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-05-11 10:26 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-05-11 10:26 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-05-11 10:26 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-11 10:26 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-11 10:26 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-11 10:26 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2017-05-11 10:26 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\BthTelemetry.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-05-11 10:26 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2017-05-11 10:26 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-11 10:26 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ConsentUX.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-11 10:26 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\PrintWSDAHost.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2017-05-11 10:26 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-11 10:26 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-05-11 10:26 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2017-05-11 10:26 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-05-11 10:26 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-05-11 10:26 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2017-05-11 10:26 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-11 10:26 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-05-11 10:26 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-05-11 10:26 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-05-11 10:26 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-11 10:26 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-05-11 10:26 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-05-11 10:26 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-05-11 10:26 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-05-11 10:26 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-11 10:26 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-05-11 10:26 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2017-05-11 10:26 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2017-05-11 10:26 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-05-11 10:26 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-05-11 10:26 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-05-11 10:26 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-05-07 14:33 - 2017-05-07 14:33 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\5FB23263.sys
2017-05-05 21:39 - 2017-05-11 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-05 13:56 - 2017-05-05 13:56 - 00000000 ____D C:\Users\Leander\AppData\Local\NVIDIA Corporation
2017-05-05 13:53 - 2017-05-05 13:53 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-05 13:53 - 2017-05-02 00:38 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-05-05 13:53 - 2017-05-01 22:52 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-05-05 13:53 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-05-05 13:53 - 2017-04-25 23:11 - 07944687 _____ C:\Windows\system32\nvcoproc.bin
2017-05-05 13:53 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-05-05 13:53 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-05-05 13:53 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-05-05 13:53 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-05-05 13:50 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 04092088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03607464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00618744 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-05-05 13:50 - 2017-05-02 00:38 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-05-05 13:41 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-05 13:41 - 2017-05-02 00:38 - 00513144 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-05-05 13:41 - 2017-05-02 00:38 - 00418936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-05-05 13:37 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-05 13:36 - 2017-05-05 13:36 - 00000000 ____D C:\NVIDIA
2017-05-05 12:55 - 2017-05-05 12:55 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-05 12:54 - 2017-05-05 12:54 - 00003650 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-05-04 21:09 - 2017-05-04 21:10 - 00000000 ____D C:\Users\Leander\Documents\Need For Speed
2017-05-04 20:57 - 2017-05-04 20:57 - 00000709 _____ C:\Users\Public\Desktop\Need for Speed™.lnk
2017-05-04 17:11 - 2017-05-04 17:11 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\3B4040D4.sys
2017-04-30 17:40 - 2017-04-30 17:40 - 00000000 ____D C:\Users\Leander\AppData\Local\Sniper3
2017-04-29 10:21 - 2017-05-04 19:54 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Factorio
2017-04-28 14:53 - 2017-04-28 14:53 - 00002749 _____ C:\Users\Public\Desktop\Factorio.lnk
2017-04-28 14:53 - 2017-04-28 14:53 - 00000000 ____D C:\Program Files (x86)\Factorio
2017-04-26 09:43 - 2017-04-26 09:43 - 00000000 ____D C:\Windows\psgo
2017-04-26 09:39 - 2017-05-05 13:59 - 00000000 ____D C:\Insist
2017-04-21 22:06 - 2017-04-21 22:06 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\750F2B85.sys
2017-04-21 21:42 - 2017-04-21 21:42 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\4201187D.sys
2017-04-21 18:50 - 2017-04-21 18:50 - 00000000 _____ C:\Windows\SysWOW64\44
2017-04-20 18:53 - 2017-04-20 18:53 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-20 18:48 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\11
2017-04-20 18:45 - 2017-05-11 10:29 - 00000000 _____ C:\Windows\SysWOW64\1
2017-04-20 18:40 - 2017-04-20 18:40 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\656C3FB5.sys
2017-04-19 11:23 - 2017-05-11 14:10 - 00002106 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-19 11:20 - 2017-04-19 11:20 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\4981203A.sys
2017-04-18 18:30 - 2017-04-19 11:01 - 00001799 _____ C:\Users\Leander\Desktop\Warum AMD am Arsch ist.txt
2017-04-15 21:52 - 2017-04-15 21:58 - 00000000 ____D C:\Users\Leander\Downloads\Fakki
2017-04-15 21:50 - 2017-04-15 21:50 - 00000000 ____D C:\Users\Leander\Downloads\[TSUMINO.COM] Bishoujo Mangekyou -Kami ga Tsukuritamouta Shoujo-tachi- Shokai Ban Part 2 美少女万華鏡 -神が造りたもうた少女たち- 初回版 Part 2
2017-04-15 20:35 - 2017-05-11 13:51 - 00245640 _____ C:\Users\Leander\Downloads\Firefox Setup Stub 52.0.2 (1).exe
2017-04-15 20:20 - 2017-04-15 21:49 - 00000000 ____D C:\Users\Leander\Downloads\[TSUMINO.COM] Bishoujo Mangekyou -Kami ga Tsukuritamouta Shoujo-tachi- Shokai Ban Part 1 美少女万華鏡 -神が造りたもうた少女たち- 初回版 Part 1
2017-04-15 13:13 - 2017-04-15 13:13 - 00001230 _____ C:\Users\Public\Desktop\Splinter Cell Conviction.lnk
2017-04-15 13:13 - 2017-04-15 13:13 - 00000000 ____D C:\Users\Leander\AppData\Local\storage
2017-04-15 11:55 - 2017-04-15 11:58 - 00000872 _____ C:\Users\Leander\Desktop\Act of Aggression.lnk
2017-04-14 14:21 - 2017-05-11 14:27 - 00000000 ____D C:\Users\Leander\Desktop\mbar
2017-04-12 09:47 - 2017-04-12 09:47 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\21CD3610.sys
2017-04-11 21:22 - 2017-04-19 11:23 - 00000000 ____D C:\Program Files (x86)\temp
2017-04-11 20:40 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-11 20:40 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2017-04-11 20:40 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2017-04-11 20:40 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2017-04-11 20:40 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-11 20:40 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-04-11 20:40 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-11 20:40 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2017-04-11 20:40 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-04-11 20:40 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-04-11 20:40 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-04-11 20:40 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-04-11 20:40 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2017-04-11 20:40 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-04-11 20:40 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2017-04-11 20:40 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2017-04-11 20:40 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthManagerProxy.dll
2017-04-11 20:40 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-11 20:40 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-04-11 20:40 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-11 20:40 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll
2017-04-11 20:40 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-11 20:40 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2017-04-11 20:40 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2017-04-11 20:40 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-04-11 20:40 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-11 20:40 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsecsnp.dll
2017-04-11 20:40 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-04-11 20:40 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-11 20:40 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 20:40 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-11 20:40 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicDisplay.sys
2017-04-11 20:40 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-04-11 20:40 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-04-11 20:40 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-11 20:40 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2017-04-11 20:40 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2017-04-11 20:40 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-11 20:40 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2017-04-11 20:40 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-04-11 20:40 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2017-04-11 20:40 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-11 20:40 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-04-11 20:40 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2017-04-11 20:40 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2017-04-11 20:40 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-11 20:40 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-04-11 20:40 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2017-04-11 20:40 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-04-11 20:40 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2017-04-11 20:40 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2017-04-11 20:40 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-11 20:40 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2017-04-11 20:40 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-11 20:40 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-04-11 20:40 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2017-04-11 20:40 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-04-11 20:40 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2017-04-11 20:40 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2017-04-11 20:40 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-04-11 20:40 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-11 20:40 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-04-11 20:40 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-04-11 20:40 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-11 20:40 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2017-04-11 20:40 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-11 20:40 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll
2017-04-11 20:40 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2017-04-11 20:39 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-04-11 20:39 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-04-11 20:39 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-04-11 20:39 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-04-11 20:39 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-04-11 20:39 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-11 20:39 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-04-11 20:39 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-04-11 20:39 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-04-11 20:39 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-04-11 20:39 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-04-11 20:39 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-04-11 20:39 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2017-04-11 20:39 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManagerProxy.dll
2017-04-11 20:39 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\DdcWnsListener.dll
2017-04-11 20:39 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2017-04-11 20:39 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-11 20:39 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2017-04-11 20:39 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2017-04-11 20:39 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 20:39 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthTokenBrokerExt.dll
2017-04-11 20:39 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2017-04-11 20:39 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.UserDeviceAssociation.dll
2017-04-11 20:39 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-11 20:39 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-04-11 20:39 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2017-04-11 20:39 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\dafpos.dll
2017-04-11 20:39 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-04-11 20:39 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2017-04-11 20:39 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-04-11 20:39 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-04-11 20:39 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2017-04-11 20:39 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2017-04-11 20:39 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-04-11 20:39 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-11 20:39 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\CastLaunch.dll
2017-04-11 20:39 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-11 20:39 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll
2017-04-11 20:39 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-04-11 20:39 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2017-04-11 20:39 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-04-11 20:39 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-11 20:39 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-04-11 20:39 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-11 20:39 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-11 20:39 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-04-11 20:39 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-04-11 20:39 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2017-04-11 20:39 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2017-04-11 20:39 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-04-11 20:39 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-04-11 20:39 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2017-04-11 20:39 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-11 20:39 - 2017-03-28 07:04 - 00119808 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2017-04-11 20:39 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-04-11 20:39 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-04-11 20:39 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-11 15:53 - 2016-07-17 00:51 - 03069394 _____ C:\Windows\system32\perfh007.dat
2017-05-11 15:53 - 2016-07-17 00:51 - 00829476 _____ C:\Windows\system32\perfc007.dat
2017-05-11 15:53 - 2016-06-25 14:22 - 06255588 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-11 15:48 - 2016-12-16 16:53 - 00000000 ____D C:\Users\Leander\AppData\Local\CrashDumps
2017-05-11 15:48 - 2016-07-13 19:59 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Skype
2017-05-11 15:48 - 2016-06-25 16:35 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Spotify
2017-05-11 15:48 - 2015-10-21 19:20 - 00000000 ___RD C:\Users\Leander\OneDrive
2017-05-11 15:47 - 2017-03-31 17:17 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-11 15:47 - 2016-10-08 10:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-11 15:47 - 2016-07-16 08:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-05-11 15:46 - 2015-05-31 17:04 - 00000000 ___DC C:\AdwCleaner
2017-05-11 15:39 - 2016-10-08 10:32 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-05-11 14:28 - 2016-06-25 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-11 14:28 - 2015-10-24 17:31 - 00000000 ____D C:\Users\Leander\Desktop\Programme
2017-05-11 14:03 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Mozilla
2017-05-11 14:02 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Leander\AppData\Local\Packages
2017-05-11 14:01 - 2017-03-31 17:17 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-11 14:00 - 2016-10-08 10:34 - 00000000 ____D C:\Users\Leander
2017-05-11 14:00 - 2016-07-06 11:44 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Origin
2017-05-11 14:00 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Adobe
2017-05-11 14:00 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 13:57 - 2016-10-08 10:32 - 00228168 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-11 13:57 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-05-11 13:56 - 2017-03-27 22:31 - 00000000 ____D C:\Users\Leander\AppData\Roaming\SmartSteamEmu
2017-05-11 13:56 - 2017-02-08 18:48 - 00000000 ____D C:\AMD
2017-05-11 13:56 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Com
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\oobe
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Registration
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 13:55 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-05-11 10:34 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-05-11 10:29 - 2016-06-25 16:29 - 00000000 ____D C:\Windows\system32\MRT
2017-05-11 10:29 - 2016-06-25 16:28 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-11 09:37 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-05-11 08:43 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-11 08:42 - 2016-06-25 18:01 - 00000000 ____D C:\Users\Leander\AppData\Local\Adobe
2017-05-09 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-09 15:29 - 2016-07-09 19:45 - 00000000 ____D C:\Users\Leander\AppData\Roaming\vlc
2017-05-09 11:10 - 2017-03-30 20:58 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2017-05-09 09:07 - 2016-06-25 16:35 - 00000000 ____D C:\Users\Leander\AppData\Local\Spotify
2017-05-08 21:38 - 2016-07-08 18:41 - 00000000 ____D C:\Users\Leander\AppData\Local\Ubisoft Game Launcher
2017-05-08 21:38 - 2016-06-25 21:47 - 00000000 ____D C:\Users\Leander\AppData\Local\JDownloader v2.0
2017-05-06 21:20 - 2015-10-23 20:40 - 00000000 ____D C:\Users\Leander\Documents\My Games
2017-05-05 13:53 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Help
2017-05-05 12:53 - 2017-02-08 18:55 - 00189112 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2017-05-05 12:53 - 2016-10-08 10:32 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-05-04 17:17 - 2016-11-27 15:50 - 00000000 ____D C:\Users\Leander\Documents\Project CARS
2017-05-03 09:53 - 2015-11-14 19:25 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 3
2017-05-02 20:25 - 2016-07-08 15:47 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-05-02 20:25 - 2016-07-08 10:31 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-05-01 20:14 - 2015-10-24 17:31 - 00000000 ____D C:\Users\Leander\Desktop\Games
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-08 10:34 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-04-20 18:41 - 2016-12-17 19:11 - 00003284 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-20 18:41 - 2016-06-25 14:21 - 00002389 _____ C:\Users\Leander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-19 11:32 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Leander\AppData\Local\Mozilla
2017-04-19 11:23 - 2017-03-10 07:39 - 00000000 ____D C:\Users\Leander\Desktop\cemu_1.7.3d
2017-04-19 11:23 - 2017-02-26 11:18 - 00000000 ____D C:\Users\Leander\Documents\Stronghold Crusader
2017-04-19 11:23 - 2017-02-23 11:50 - 00000000 ____D C:\Users\Leander\AppData\Local\0ad
2017-04-19 11:23 - 2017-02-13 20:02 - 00000000 ____D C:\Users\Leander\Documents\Mount&Blade Warband
2017-04-19 11:23 - 2017-01-21 13:04 - 00000000 ____D C:\Users\Leander\AppData\Roaming\WhatsApp
2017-04-19 11:23 - 2017-01-16 14:31 - 00000000 ____D C:\Users\Leander\Desktop\cemu_1.7.0
2017-04-19 11:23 - 2017-01-15 21:37 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Tropico 5
2017-04-19 11:23 - 2016-12-19 20:40 - 00000000 ____D C:\Users\Leander\AppData\Roaming\dvdcss
2017-04-19 11:23 - 2016-12-14 17:24 - 00000000 ____D C:\Users\Leander\AppData\Local\LOOT
2017-04-19 11:23 - 2016-10-30 15:14 - 00000000 ____D C:\Users\Leander\Documents\Command and Conquer Generals Zero Hour Data
2017-04-19 11:23 - 2016-10-15 13:55 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 1
2017-04-19 11:23 - 2016-10-04 20:19 - 00000000 ____D C:\Users\Leander\AppData\Roaming\TS3Client
2017-04-19 11:23 - 2016-09-01 21:17 - 00000000 ____D C:\Users\Leander\Documents\Master of Orion
2017-04-19 11:23 - 2016-08-20 21:40 - 00000000 ____D C:\Users\Leander\Documents\ANNO 1404 Venedig
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 __RSD C:\Windows\Media
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\oobe
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\security
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\InputMethod
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\IME
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-19 11:23 - 2016-07-14 21:17 - 00000000 ____D C:\Users\Leander\Documents\Dolphin Emulator
2017-04-19 11:23 - 2016-07-13 18:42 - 00000000 ____D C:\Users\Leander\AppData\Local\SKIDROW
2017-04-19 11:23 - 2016-07-10 13:50 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Frontier Developments
2017-04-19 11:23 - 2016-07-07 12:41 - 00000000 ____D C:\Users\Leander\AppData\Roaming\.minecraft
2017-04-19 11:23 - 2016-06-25 14:20 - 00000000 ____D C:\Users\Leander\AppData\Local\MicrosoftEdge
2017-04-19 11:23 - 2016-06-25 14:17 - 00000000 ____D C:\Users\DefaultAppPool
2017-04-19 11:23 - 2016-06-11 16:27 - 00000000 ____D C:\Users\Leander\Documents\Spiele
2017-04-19 11:23 - 2016-04-01 19:34 - 00000000 ____D C:\Users\Leander\.litwrl
2017-04-19 11:23 - 2016-03-24 16:54 - 00000000 ____D C:\Users\Leander\Documents\TrackMania
2017-04-19 11:23 - 2016-03-23 13:43 - 00000000 ____D C:\Users\Leander\Documents\STAR WARS Battlefront
2017-04-19 11:23 - 2016-01-03 22:58 - 00000000 ____D C:\Users\Leander\Documents\3DMark
2017-04-19 11:23 - 2015-12-29 17:01 - 00000000 ____D C:\Users\Leander\Documents\BFH
2017-04-19 11:23 - 2015-12-13 17:16 - 00000000 ____D C:\Users\Leander\Documents\FIFA 15
2017-04-19 11:23 - 2015-12-03 19:02 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Adobe
2017-04-19 11:23 - 2015-11-11 19:07 - 00000000 ____D C:\Users\Leander\Documents\StarCraft II
2017-04-19 11:23 - 2015-10-29 21:02 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 4
2017-04-19 11:23 - 2010-11-21 09:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-04-14 23:37 - 2017-03-31 17:17 - 00092096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-14 21:18 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-04-14 15:24 - 2017-03-31 17:17 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-14 15:24 - 2017-03-31 17:17 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-14 15:24 - 2017-03-31 17:16 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-12 03:18 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\setup
2017-04-12 03:18 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\Dism
2017-04-11 21:03 - 2016-07-08 10:31 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-04-11 19:47 - 2016-10-08 10:40 - 00004440 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-06-26 12:47 - 2016-07-05 19:47 - 0000151 _____ () C:\Users\Leander\AppData\Roaming\WB.CFG
2016-11-27 19:44 - 2016-12-27 13:45 - 0007597 _____ () C:\Users\Leander\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole4047230449030724081.dll
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole7442378117606400700.dll
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole780015794168616176.dll
2017-03-20 18:26 - 2017-03-20 18:26 - 14456872 _____ (Microsoft Corporation) C:\Users\Leander\AppData\Local\Temp\vc_redist.x86.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-04 14:27
==================== Ende von FRST.txt ============================
Von adwarecleaner hätte ich noch mehr scans. Addition kommt auch noch im nächsten post. Allerdings sind die hier geposteten scans NACH meinem üblichen prozedere entstanden, desshalb denke ich, dass sie nicht so gut helfen. besonders mwb und adwarecleaner nicht. Wee ich die nachreichen soll einfach sagen Ich hoffe auf eure Hilfe ;D |
|
11.05.2017, 15:29
| #2 |
| | Adware installiert immer wieder Chrome und Toolbars So hier ist addition:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von Leander (11-05-2017 15:54:25)
Gestartet von F:\downloads
Windows 10 Pro Version 1607 (X64) (2016-10-08 08:41:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-314425503-1263803708-1118067362-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-314425503-1263803708-1118067362-503 - Limited - Disabled)
Gast (S-1-5-21-314425503-1263803708-1118067362-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-314425503-1263803708-1118067362-1002 - Limited - Enabled)
Leander (S-1-5-21-314425503-1263803708-1118067362-1000 - Administrator - Enabled) => C:\Users\Leander
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
0 A.D. (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\0 A.D.) (Version: r18915P-alpha - Wildfire Games)
Act of Aggression MULTI2 1.0 (HKLM-x32\...\Act of Aggression MULTI2 1.0) (Version: - )
Act of Aggression Update 14 MULTI2 1.0 (HKLM-x32\...\Act of Aggression Update 14 MULTI2 1.0) (Version: - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
ANNO 1404 - Gold Edition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.28890 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
bf2battlelog (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\bf2battlelog) (Version: 0.8.6 - Spencer Sharkey)
Borderlands 2 GOTY version 1.8.2 (HKLM-x32\...\Borderlands 2 GOTY_is1) (Version: 1.8.2 - 2K Games)
Broforce (HKLM\...\Steam App 274190) (Version: - Free Lives)
Call of Duty 4: Modern Warfare (HKLM\...\Steam App 7940) (Version: - Infinity Ward)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\CopyTrans Suite) (Version: 4.013 - WindSolutions)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Endless Legend (HKLM\...\Steam App 289130) (Version: - AMPLITUDE Studios)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2016 (HKLM\...\Steam App 391040) (Version: - Codemasters)
Factorio (HKLM-x32\...\{2BCB3CEC-B168-450B-857D-408CA9E9F3C4}) (Version: 12.24.0000 - Your Company Name)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version: - )
GdZ WoT ModPack Version 0.9.17.0.06 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.17.0.06 - Gemeinschaft deutscher Zocker)
GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: Mass Effect 3 - )
Master of Orion (HKLM-x32\...\Master of Orion_is1) (Version: - )
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft OneDrive (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\1893001152_is1) (Version: 2.0.0.3 - GOG.com)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NBA 2K17 (HKLM-x32\...\NBA 2K17_is1) (Version: - )
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NvTelemetry (Version: 2.4.8.0 - NVIDIA Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Platform (x32 Version: 1.43 - VIA Technologies, Inc.) Hidden
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Shadow Warrior 2 (HKLM-x32\...\1434021265_is1) (Version: 2.0.0.4 - GOG.com)
Shadow Warrior 2 Pre-order Exclusive (HKLM-x32\...\1267008497_is1) (Version: 2.0.0.1 - GOG.com)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM\...\Steam App 238090) (Version: - Rebellion)
SpellForce 2 Patch (x32 Version: 1.0.0 - JoWood) Hidden
Splinter Cell: Conviction - Deluxe Edition (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}_is1) (Version: 1.04.000 - Ubisoft)
Spotify (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version: - Petroglyph)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Total War ROME II - Emperor Edition (HKLM-x32\...\Total War ROME II - Emperor Edition_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 18.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
XVM Version 6.4.3 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.4.3 - XVM team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C14277FD74D4}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12FD3112-DD67-4F99-A131-5729DDC1C6FE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {1406D884-61DC-4B4D-8B4F-5C027501E4F3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {2A043FF9-3775-45BE-96FE-1074721A002B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {31244610-8760-4B4E-8A8A-9EF7E29EEA23} - \Buhukhjoly -> Keine Datei <==== ACHTUNG
Task: {8FFE60D5-A499-4D75-B1F2-E0B9A7E0AE6A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-leander-hausmann@web.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {966282B4-8F3D-4636-875D-C1ED5539DE98} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
Task: {A87C61AC-122E-4289-B391-8B47E3B080B5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {B38B6170-5E59-4D10-8FD4-51AD70098688} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-02] (NVIDIA Corporation)
Task: {BF8866CF-CFB4-47CD-973E-1FBDD5DBDEE8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Leander\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {DF58C814-98FC-4C83-94D0-C888DC80FAE5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-09-01 19:12 - 2016-09-01 19:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 19:12 - 2016-09-01 19:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-31 17:16 - 2017-04-14 15:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-07-08 10:31 - 2016-07-08 21:28 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-10-08 20:58 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 19:12 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:12 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-09 14:18 - 2017-05-09 14:19 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 14:18 - 2017-05-09 14:19 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-04-07 13:27 - 2017-04-07 13:27 - 02567168 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.831.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2017-04-07 13:27 - 2017-04-07 13:27 - 00138752 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.831.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 02493440 _____ () E:\Origin\libGLESv2.dll
2017-01-19 06:46 - 2017-01-19 06:46 - 40524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 67725936 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libcef.dll
2016-10-27 17:54 - 2017-04-20 18:41 - 00110192 _____ () C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 01929840 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libglesv2.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 00087152 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libegl.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-12-09 16:09 - 2016-12-09 16:09 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-06-25 15:08 - 2016-06-25 15:06 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.198.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{363E6FE3-05AA-4245-BEB8-2B4E8CD2424C}] => (Allow) F:\My Games\Wot Testserver\worldoftanks.exe
FirewallRules: [{0B150D02-1977-45E3-8A17-A51A5EEFA337}] => (Allow) F:\My Games\Wot Testserver\worldoftanks.exe
FirewallRules: [{23529468-A65B-4EDF-9CA3-1730D28A2974}] => (Allow) F:\My Games\Wot Testserver\WoTLauncher.exe
FirewallRules: [{A503D355-AD3C-4420-946D-6574FFE49D4A}] => (Allow) F:\My Games\Wot Testserver\WoTLauncher.exe
FirewallRules: [{454DAB07-9945-460C-95CC-22062FB7A43E}] => (Allow) E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{71FB9FAA-8E79-4D04-A687-8AD32BAE534D}] => (Allow) E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2E59E606-789C-4809-A4FB-04E905F212D1}] => (Block) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [{F60A8791-663B-40D8-BA96-C98817A64AB4}] => (Block) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [UDP Query User{DEDB94BE-05B1-46BD-B1F7-764FD9A02800}F:\my games\nba 2k17\nba2k17.exe] => (Allow) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [TCP Query User{7293833D-4038-421A-A6EC-056E91781B7B}F:\my games\nba 2k17\nba2k17.exe] => (Allow) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [{6E3679F6-6E56-4056-A62C-38FFCEFA9179}] => (Block) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{A50E42BB-4B73-41AD-A196-95533DB7BD85}] => (Block) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{804DD275-645E-4943-BFDD-ECA62E362FB3}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{F531007A-DDC5-401A-B50A-30A88787019E}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{610AD0C5-449A-4B7E-8BB3-B577DBB0B889}] => (Allow) LPort=8090
FirewallRules: [{BB1D5C61-C74E-4856-B047-4A23FCBCE604}] => (Allow) LPort=8090
FirewallRules: [{5114F9E0-C29A-4B77-B3F2-E9651D6ECDF5}] => (Allow) LPort=20443
FirewallRules: [{96C073AC-EF66-421E-A93D-0E2DF23E360E}] => (Allow) LPort=20443
FirewallRules: [{1E2E955A-14E9-4F49-AAD7-6C3DA314CA4C}] => (Allow) LPort=33333
FirewallRules: [{93EED35E-BBB6-41F8-8D82-697DC174FFC9}] => (Allow) LPort=33333
FirewallRules: [{B8BE5478-9D36-4ADC-877A-706BA989AAC6}] => (Allow) LPort=6881
FirewallRules: [{7740550A-9F38-4D94-8139-CEB616D8448B}] => (Allow) LPort=6881
FirewallRules: [{EE116E94-7F11-4821-B1A0-7BB23DD36CB3}] => (Allow) LPort=27022
FirewallRules: [{B830484E-1CD7-487F-A0E6-C21ECEAF026D}] => (Allow) LPort=27022
FirewallRules: [{F4688C96-87D0-4FAC-973C-6E499E6FBEFF}] => (Allow) LPort=7853
FirewallRules: [{E979BEA8-42F2-4775-A126-8E7B67205DE5}] => (Allow) LPort=7853
FirewallRules: [{7655A8CB-9A30-4F41-BF5A-5C52A3BE3097}] => (Allow) LPort=7852
FirewallRules: [{D889F872-9573-4B3D-A3D5-44E4E22C67AF}] => (Allow) LPort=7852
FirewallRules: [{EBB00AD9-6A87-4E2C-A94A-1F3B9A5855AE}] => (Allow) LPort=7850
FirewallRules: [{8778D438-EC2F-4402-8FBC-D8FFBF188188}] => (Allow) LPort=7850
FirewallRules: [{9516CF23-C46A-4412-A4F2-A7FA543C2317}] => (Allow) LPort=3478
FirewallRules: [{D1B835E9-5A11-4C44-BB99-25F1671675BC}] => (Allow) LPort=3478
FirewallRules: [{C62F6C43-5600-4898-8620-5B462A752663}] => (Allow) LPort=20010
FirewallRules: [{9FF63B17-486F-49BE-9D8F-52FB4CFFBFDE}] => (Allow) LPort=20010
FirewallRules: [{18464C8D-F6E0-4BD9-AE72-2C917722D61D}] => (Allow) LPort=443
FirewallRules: [{A6ABA7E4-4C5E-4D2F-826D-A603E9BB01D4}] => (Allow) LPort=443
FirewallRules: [{BD62661E-8F78-405C-A1C3-9DDF0021FC46}] => (Allow) LPort=80
FirewallRules: [{EAC0AF81-6235-4CF7-93F4-DB981D9EECC5}] => (Allow) LPort=80
FirewallRules: [{64A5B154-7769-44B4-9549-47171EE71E37}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{83F8ABB5-B4B5-42AB-A620-FDACC97B3177}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{30D54FAD-B268-4E6B-AAF3-517CBAFFEDDA}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{13C73473-1BE2-423F-AF27-F8D30B4D120D}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{55DCF095-2BB5-4EB8-9A32-FBCC7448E00C}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{83B40331-014F-4BE3-90F7-B795E220BCBE}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{B9E26435-3C47-4A05-93A9-163D987FFDCA}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{53ADB0FD-4D0B-45EB-8522-464F17BD32F8}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{5164A686-3F2F-454E-BADB-2E431E72DE87}] => (Allow) C:\Users\Leander\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{46E92748-1C10-4778-A30B-B1577ED01D6E}] => (Allow) C:\Users\Leander\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{35A469B6-6105-496E-810B-9F145362C326}] => (Allow) F:\My Games\WOW\worldofwarships.exe
FirewallRules: [{3067C56E-4D00-4160-A258-8FEB3EA55B83}] => (Allow) F:\My Games\WOW\worldofwarships.exe
FirewallRules: [{9E1DC9A2-6215-4F13-9748-4087F8562633}] => (Allow) F:\My Games\WOW\WoWSLauncher.exe
FirewallRules: [{E7B36AE3-1973-49B4-A085-10BF9236185D}] => (Allow) F:\My Games\WOW\WoWSLauncher.exe
FirewallRules: [{D0E5DE4D-EEBB-49CC-855A-0A14EAD16844}] => (Allow) F:\My Games\Wot\worldoftanks.exe
FirewallRules: [{E4B6618F-6905-4CFC-BCF5-7EE29CEE6C05}] => (Allow) F:\My Games\Wot\worldoftanks.exe
FirewallRules: [{AEB33FC2-6539-4CE5-BFC0-E168AE351648}] => (Allow) F:\My Games\Wot\WoTLauncher.exe
FirewallRules: [{46DC66BA-1D67-4E48-A7C8-4A2C69558C35}] => (Allow) F:\My Games\Wot\WoTLauncher.exe
FirewallRules: [{E0991642-65BE-4F02-B224-1970117F206E}] => (Block) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [{231B5321-184F-456B-B350-2B4119795246}] => (Block) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [UDP Query User{E2765E83-CE55-43C6-884E-5313E35B440C}F:\program files (x86)\master of orion\masteroforion.exe] => (Allow) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{41376B7B-43F2-4513-B074-B1C466E0EFBF}F:\program files (x86)\master of orion\masteroforion.exe] => (Allow) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [{A3DF1BA5-4B57-4DAF-BAB5-472550973B66}] => (Block) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [{A999C6FB-B122-406C-92D5-7739A568870B}] => (Block) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [UDP Query User{8020E4C2-4A83-480B-9E0D-CF035AE1BA17}F:\my games\8-bit hordes\instanceserverg.exe] => (Allow) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [TCP Query User{201ECC51-73A4-4DA4-A8BB-88ADE1FA6B9D}F:\my games\8-bit hordes\instanceserverg.exe] => (Allow) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [{B433909A-59F6-49F7-A4A0-97E3DB467A26}] => (Block) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [{4A00AF90-9AEA-4BFD-95D3-C8F014B8C457}] => (Block) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [UDP Query User{88A0C794-EB31-4288-9E1D-186D4A539C5C}F:\my games\8-bit hordes\clientg.exe] => (Allow) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [TCP Query User{BF742393-0D2F-4EAA-9C64-B3A363DE6406}F:\my games\8-bit hordes\clientg.exe] => (Allow) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [{701ABC44-5E65-4A2C-895A-384EF7AEE232}] => (Block) E:\steam\steamapps\common\just cause 2\justcause2.exe
FirewallRules: [{ED02915B-B2A8-44EB-994B-93C6FD66B181}] => (Block) E:\steam\steamapps\common\just cause 2\justcause2.exe
FirewallRules: [{1FF8FA0D-91BA-4D21-8E29-85032456E89E}] => (Block) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [{5A243388-E326-4A43-BF9D-7765BB2D91C9}] => (Block) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{E6A9B320-84C8-4564-9D97-B99B16F8CD65}E:\games\battlefield 1942\bf1942.exe] => (Allow) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [TCP Query User{408C7B54-D730-48B7-8E29-D38AF2FD72B2}E:\games\battlefield 1942\bf1942.exe] => (Allow) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [{ECFA46CF-62F2-43EF-9C7C-3525BB39CE3C}] => (Allow) E:\Program Files (x86)\Hamachi\hamachi-2-ui.exe
FirewallRules: [{45D033D0-026B-4857-AAD2-C95FF33FC5B5}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{14E41967-9CF1-40FA-94FB-9C292FC8800E}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{1E018E13-327E-43AE-8775-F7E47D4C482D}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{4B99F4D5-9C69-4C2B-8FBB-FF66C85AEAD3}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{F0D38FDA-25A4-49B5-9CC8-36FA7F585D38}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Benchmark.exe
FirewallRules: [{4D1DD812-BD54-4735-B024-4B2DDE89A80E}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Benchmark.exe
FirewallRules: [{EBF86DC0-414E-436A-A824-BFCAE71A0934}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{4D10EA7B-EB2C-44A8-9050-9AEB4EA85883}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{A3E69D28-305C-46FA-AF41-7721C91794C1}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{841ECE80-2317-4B0E-AF1C-E4B34D6FAEA9}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{432C154A-6E00-4A45-BA3A-B57F3B02DA5F}] => (Allow) F:\Program Files (x86)\Anno 1404\Addon.exe
FirewallRules: [{B45541EF-8D2F-4A34-927A-7008EC48BD3D}] => (Allow) F:\Program Files (x86)\Anno 1404\Addon.exe
FirewallRules: [{5DDD5A60-F33D-464F-8864-47C87E533AB7}] => (Allow) F:\Program Files (x86)\Anno 1404\Anno4.exe
FirewallRules: [{263BF13D-45F7-4686-BEE1-14244A8BE335}] => (Allow) F:\Program Files (x86)\Anno 1404\Anno4.exe
FirewallRules: [{89398CC9-CEC1-4341-9447-6CFCDE81399F}] => (Block) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [{495439DA-0FC8-4998-B1DB-E5E76741DE10}] => (Block) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{CD9026BE-70EC-44E9-8891-A4A53D98A72E}F:\my games\unrealtournament\system\unrealtournament.exe] => (Allow) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [TCP Query User{D6112A26-5EE4-459F-8876-3A9D9CD14881}F:\my games\unrealtournament\system\unrealtournament.exe] => (Allow) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [{7AF52A80-1ED0-4730-A543-071EB711ECAF}] => (Block) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{38D69740-06A7-4263-B280-015B5BF4E68F}] => (Block) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{98BB4733-E2C7-4841-B5C0-5F0E7ABA95BC}E:\program files (x86)\warcraft iii\war3.exe] => (Allow) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{16D6DAAC-0544-41E9-8A9A-2105DEFBAC5D}E:\program files (x86)\warcraft iii\war3.exe] => (Allow) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{CF236CDD-9E4A-4AD7-B642-DD472D5B41BC}] => (Block) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{9C475A95-C2BC-4C53-826F-59253B07597C}] => (Block) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [UDP Query User{0AE8210C-C62F-4CF3-A8D8-7CEE8F89499D}E:\games\total war rome ii - emperor edition\rome2.exe] => (Allow) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [TCP Query User{C4AA1A32-00E1-4703-BAB8-B88959BB341B}E:\games\total war rome ii - emperor edition\rome2.exe] => (Allow) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{227FF8A4-7786-4CF5-838F-30342034D170}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{A626A0DF-62EB-4254-86B4-6CD4782CAA56}F:\my games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\my games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{3109808B-641B-424F-B3E0-E11216906791}F:\my games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\my games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{8127BF89-577B-4998-ACA3-32F038530B36}E:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{FAE6032E-F4EE-414B-8AE6-1D055E841E2E}E:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [UDP Query User{8A95DAA2-C8A5-4726-A744-AA4AF9E0C960}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0DB09C56-248D-458F-BA6A-9245B83C15A4}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{06EE8B04-710E-4C12-AADD-4F553C9FF06D}E:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) E:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{4C70084C-459B-480D-95CA-78342505265A}E:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) E:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{8281A504-113D-47ED-B426-C9210A46D40A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C93A92AC-3764-4535-9CF8-4FF0A75E3C1F}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DB64647D-CE28-4F0F-A22A-A66C4E557F93}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{4C4C95F4-CDD6-4842-A14E-6678E3DC2DB0}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{5DE164B0-C4FD-47E5-AB0B-AB0D80267E4E}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{4962F3E3-D443-4225-A5B0-A20A1279795C}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [UDP Query User{0B7C8258-2244-42B0-9987-A06B4A33EB16}E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [TCP Query User{76C3519C-29F4-4278-B084-ECF45B83BC91}E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [{1E2225EF-DB3D-45C5-97CD-7964840D30ED}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1A1528B9-07C9-487E-BAD9-C4BF4F94426C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{E2F672A2-57F0-4A72-86E5-503CBB0C1040}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{5D68CBFB-3C72-40E1-AA21-34BFF751BA13}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [UDP Query User{202392AA-A968-4248-A7D2-E89A21AB0FB2}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{1D4F8250-FC52-4B08-B928-06A42D16B04B}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{8D1E9DE8-3DB0-4D5D-B21B-5CADCCEA0594}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{4756BC1A-F7A0-4FEA-8047-DB0BF0D88F5D}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B7CD1BBF-9584-4FBD-B019-17FE158AF96E}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9D152118-5E51-4B01-B605-1EFF028904F1}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A8A8F74D-6E34-47D2-A809-EE8CF6BC4948}F:\my games\kingdoms of amalur - reckoning\reckoning.exe] => (Allow) F:\my games\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [TCP Query User{47957802-9E43-4DB9-91C2-647C001415BF}F:\my games\kingdoms of amalur - reckoning\reckoning.exe] => (Allow) F:\my games\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [UDP Query User{B5605940-609B-4608-BBD9-22D61E274A66}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [TCP Query User{9C0E881A-423C-4E15-8034-77C16F83B1CF}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{5880BB55-F33C-4B42-AA9A-5D04DBF7D39E}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{48C5578A-880C-4D5E-968A-EBCAD580ADE0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C3B9B126-5672-48D1-AB53-9EC369342CA0}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{C0099489-29EC-4691-86D0-86F55907BE9B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{87AE35B6-47AA-4E55-82FC-795FD4865D9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{518FE2FE-9EAD-4E52-AAC0-2543C25C1B4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8196AAF5-56AA-4124-917C-D009DB72030B}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{ABB14CA1-12FC-486F-89AD-D848F4EA9CA3}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{401502F2-5401-4DA8-8513-CDFFE7DA6441}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{87AFFB7F-D444-467C-BE5F-DA85EB73349C}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{8721884A-4387-4F9F-8436-170F7C28AC79}] => (Block) E:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{3B29A002-4BB0-40D3-9653-E9019F1AFD3F}] => (Block) E:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{475908F6-8937-416E-AC56-BB6B735B2528}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{BFE6EB55-A427-436C-B15E-F99D631EEC48}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{93240045-FB6A-4801-973C-E6321CC7C7D3}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{8489D365-3FC8-4298-A59E-1213B591FC77}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{D87EB848-16B5-4E35-A3EE-912F5717EC20}] => (Allow) E:\Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{2041C5E3-C1B7-4AAA-8834-376B458AA5B0}] => (Allow) E:\Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [TCP Query User{ECB8013E-C11C-45A1-AD3B-8495703CAC19}E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe] => (Allow) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [UDP Query User{15AED010-DC3D-40ED-A19B-BCD847FAA8D6}E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe] => (Allow) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{156F74D0-2DA7-4C0F-AB48-2F66E8A34C3F}] => (Block) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{6F72227E-4343-40DB-9056-09BAA5CCBBAC}] => (Block) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{25DEAD65-5919-4441-AF93-88B566540A0B}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{C3DF4918-582D-48F0-BAFD-408426F4DDA4}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{87A80444-B1C1-41E7-9987-8F2EBFA015E1}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{6FCFF811-A27A-4BE2-8E38-4F8AF3C43FEF}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [TCP Query User{878158FD-3144-498D-ADA4-3D95AB85E548}E:\games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{0B33F65E-7199-4CF2-BF2D-4DF92425ABE0}E:\games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [{20E0C06F-6DA8-4BDC-87E1-F2651318E65D}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{1D6DC50C-8BC9-4E19-BB12-3B7CB0336CC0}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{40E71661-696F-49A5-A063-1C06D60B18F4}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{36C79ED8-5196-4C17-8037-E0F3D5A6EDD6}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{18C8E291-A33D-421A-AA18-992210092ACC}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{30DBB7F3-49E0-4601-8B0C-FCC90D937869}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{527F8B85-38D2-4DC3-BCAF-449B099E6D3B}] => (Allow) E:\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{193012AA-0DC0-4541-852E-E5F37771F8DD}] => (Allow) E:\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [TCP Query User{5D163D4F-4ED8-4D74-9B5B-C6824CA22D28}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{51A356BC-4D48-4935-B627-FD007378B9C7}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{F7C97341-5BE9-4F84-9CF3-B8C3471C8A20}I:\cs 1.6\hl.exe] => (Allow) I:\cs 1.6\hl.exe
FirewallRules: [UDP Query User{2F1219D0-7B6E-4FA8-84C1-7DA793339AFA}I:\cs 1.6\hl.exe] => (Allow) I:\cs 1.6\hl.exe
FirewallRules: [TCP Query User{D0C9B2A8-9CE6-4C86-B167-B5803B4F7B57}C:0\cs 1.6\hl.exe] => (Allow) C:0\cs 1.6\hl.exe
FirewallRules: [UDP Query User{36848FAF-2D83-45E8-AE7F-1EC13D2E1FE7}C:0\cs 1.6\hl.exe] => (Allow) C:0\cs 1.6\hl.exe
FirewallRules: [TCP Query User{301D4E0D-B457-49DE-BFDA-411E3794F196}C:1\cs 1.6\hl.exe] => (Allow) C:1\cs 1.6\hl.exe
FirewallRules: [UDP Query User{57DC9114-DEBD-4CCE-BCF4-C4569381B841}C:1\cs 1.6\hl.exe] => (Allow) C:1\cs 1.6\hl.exe
FirewallRules: [TCP Query User{3F44D867-C77E-4ACE-BBE9-1C761D093296}C:2\source\hl2.exe] => (Allow) C:2\source\hl2.exe
FirewallRules: [UDP Query User{DCD57F8E-7F39-4410-8DC6-1F9095181258}C:2\source\hl2.exe] => (Allow) C:2\source\hl2.exe
FirewallRules: [TCP Query User{63D27EB1-11FD-480D-887C-72B7DB8153FA}C:3\source\hl2.exe] => (Allow) C:3\source\hl2.exe
FirewallRules: [UDP Query User{20ECECCF-6852-4DFF-8293-6D7DE4A2E93B}C:3\source\hl2.exe] => (Allow) C:3\source\hl2.exe
FirewallRules: [TCP Query User{7A6CAE1A-0EAF-41A6-9F6A-AAE58E7F26E3}I:\source\hl2.exe] => (Allow) I:\source\hl2.exe
FirewallRules: [UDP Query User{F36D404E-6AEF-46A1-8FD6-607089C31043}I:\source\hl2.exe] => (Allow) I:\source\hl2.exe
FirewallRules: [TCP Query User{904F730E-0A91-4A60-BFA7-4BB9E0A3C052}E:\games\shadowrun returns - deluxe edition\shadowrun.exe] => (Allow) E:\games\shadowrun returns - deluxe edition\shadowrun.exe
FirewallRules: [UDP Query User{9B48AEFE-9A21-4304-AAC0-264F693BC819}E:\games\shadowrun returns - deluxe edition\shadowrun.exe] => (Allow) E:\games\shadowrun returns - deluxe edition\shadowrun.exe
FirewallRules: [TCP Query User{D4986D90-1A30-4404-9990-D236A5801D80}E:\games\freelancer\exe\freelancer.exe] => (Allow) E:\games\freelancer\exe\freelancer.exe
FirewallRules: [UDP Query User{0AFEC170-0AC4-4988-8696-6AA1AF104372}E:\games\freelancer\exe\freelancer.exe] => (Allow) E:\games\freelancer\exe\freelancer.exe
FirewallRules: [{6A5928C7-BD51-4EA5-947D-BE3069A246AE}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4E83C974-2F25-44CA-8A62-B016CB8E6AD3}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{44FCAB8D-4DCA-4777-94D3-97E917C70419}E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [UDP Query User{299ECABA-43BF-43EB-8AA5-7A4146255A39}E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [TCP Query User{D50FC51A-0326-477C-9EA7-DF0F3864599D}I:\spiele\cs 1.6\hl.exe] => (Allow) I:\spiele\cs 1.6\hl.exe
FirewallRules: [UDP Query User{69B5EEFA-0DC5-4F2C-8783-30F45A2ADDFD}I:\spiele\cs 1.6\hl.exe] => (Allow) I:\spiele\cs 1.6\hl.exe
FirewallRules: [TCP Query User{FAE7C376-4513-44A1-98B2-674C6B305404}I:\spiele\source\hl2.exe] => (Block) I:\spiele\source\hl2.exe
FirewallRules: [UDP Query User{BFDE385F-BB59-45BD-9088-6F662412F464}I:\spiele\source\hl2.exe] => (Block) I:\spiele\source\hl2.exe
FirewallRules: [TCP Query User{9A568C9B-6B94-48FF-B83F-50209A165AA1}E:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{B3A29930-3B4A-49DD-8D8B-C360106C7F18}E:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{CD6E8607-95BF-428A-A66A-23E89D57AC9A}] => (Allow) E:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{49DEE857-2BB1-4AE4-B910-52255A929239}] => (Allow) E:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [TCP Query User{BF273DA2-ABDF-49EF-AC97-76BFB9EF15EA}E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [UDP Query User{49FB96A8-143C-4F47-95FE-C29AC8D4DE41}E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [TCP Query User{DD98B784-9E4C-47A9-BC1E-9057F4581C10}J:\spiele\source\hl2.exe] => (Allow) J:\spiele\source\hl2.exe
FirewallRules: [UDP Query User{425D8F68-8D9B-44D6-9943-C8BBF614BC73}J:\spiele\source\hl2.exe] => (Allow) J:\spiele\source\hl2.exe
FirewallRules: [{1BB09D4A-02F6-443D-B0B6-799EAB4B66CA}] => (Allow) E:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{9DD32326-A4EE-483E-8A8A-BFDAAE5B766C}] => (Allow) E:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{D56D9936-7DB6-4E15-AD42-3FF1D1D38390}E:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) E:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{9E06866D-EF31-4EF5-83E0-D2DF04AB9CDD}E:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) E:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{093B8C02-538C-4351-B200-C6BAD15889CB}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{3397FC1D-C706-46FC-A231-10B28D4CDDE9}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{C1D93A8D-F609-42DD-A6F2-ACAFEE52B92C}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{19F675E8-444B-4E8A-B3BD-341D3016F81D}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{1EED93C3-6CEB-4D29-8DB1-FB6B22FB6CC1}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{40FDCA7C-E115-4ECF-B740-C3AEC4B08B75}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8E41E29F-203B-4B2D-BADC-44074E695A9E}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{6AED975D-8614-4EBD-94F4-4093DD721687}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{2324AB87-564F-4C0A-AE6B-513AA940F257}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Steep\steep.exe
FirewallRules: [TCP Query User{15DB37B0-88D7-4C90-ABD5-FB70256139AE}F:\program files (x86)\battlefield 2142\bf2142.exe] => (Allow) F:\program files (x86)\battlefield 2142\bf2142.exe
FirewallRules: [UDP Query User{ACCFF4D0-DD59-4DE7-B054-51F559EA56D0}F:\program files (x86)\battlefield 2142\bf2142.exe] => (Allow) F:\program files (x86)\battlefield 2142\bf2142.exe
FirewallRules: [TCP Query User{FBE0A1C6-B21C-4BFE-8346-0DFDDF33D78D}E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{B646017F-B7BB-4127-82EA-FF67E13AD123}E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [{C72C32BE-B2DE-45CA-AFDE-1806145DEB86}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{004F7B7C-A6F1-4462-87BA-6F3D2DBD1E74}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{D1B49A33-DD34-4964-BFAB-DD58221DDD8B}] => (Allow) G:\Programme(x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{F12207C9-3026-4864-9ABF-60A8CD8F0416}] => (Allow) G:\Programme(x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{7160BD8C-9C3B-4C58-9889-16920C8FEE62}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{F196D72C-4539-4C5B-880F-F9FCB4ACD1CF}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{12CB3CA0-E922-4D4A-A4F6-F036C54815E2}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{E6A50989-A8BC-4761-A9A3-CA9F6D3CA9D1}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [TCP Query User{03929161-C492-4DDA-8479-383C3E1D3A4C}G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B81F7015-08FB-4FDB-8E59-57C9366FE658}G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FDA6D588-66B4-486F-8F02-A7C601490150}F:\program files (x86)\anno 1404\tools\addonweb.exe] => (Allow) F:\program files (x86)\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{FC4219EA-BC7A-4703-8C7F-76A5434F437E}F:\program files (x86)\anno 1404\tools\addonweb.exe] => (Allow) F:\program files (x86)\anno 1404\tools\addonweb.exe
FirewallRules: [TCP Query User{964F99B9-3BA8-4E75-BC5E-38EC749D6758}F:\program files (x86)\anno 1404\addon.exe] => (Allow) F:\program files (x86)\anno 1404\addon.exe
FirewallRules: [UDP Query User{73AD725E-DBA5-4CE4-977A-92A5AA873AA4}F:\program files (x86)\anno 1404\addon.exe] => (Allow) F:\program files (x86)\anno 1404\addon.exe
FirewallRules: [TCP Query User{D9A473E1-CC1A-449C-B4C3-A591FD532A6F}F:\my games\scrap mechanic\release\scrapmechanic.exe] => (Allow) F:\my games\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{063CAED6-E620-4F62-B416-F9C647F227FF}F:\my games\scrap mechanic\release\scrapmechanic.exe] => (Allow) F:\my games\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [{6C409CD5-F401-4968-869D-C365B73ECDE8}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{FBA6016C-33A6-4E45-BD6D-3809DC6E634D}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{898CB61A-66EE-44F4-8E06-4F951295A60E}F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{93A2E88A-A380-4A2F-88FA-744883B130DA}F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{06D7096D-7CFE-4468-825C-0992052CFB3E}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\F1 2016\F1_2016.exe
FirewallRules: [{B48A59B3-968B-4B66-B9AB-40550CA99D89}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\F1 2016\F1_2016.exe
FirewallRules: [TCP Query User{47D5415F-4301-473E-A963-FEC9DB19A14C}F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe] => (Allow) F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe
FirewallRules: [UDP Query User{AE14DAF7-D4BB-489F-A2D7-E3D877951980}F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe] => (Allow) F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe
FirewallRules: [TCP Query User{36F35810-DD34-4A9E-88ED-68170018D7F2}F:\my games\xiii\system\xiii.exe] => (Allow) F:\my games\xiii\system\xiii.exe
FirewallRules: [UDP Query User{172F917F-8DD4-4D6D-9860-D8828F4CB896}F:\my games\xiii\system\xiii.exe] => (Allow) F:\my games\xiii\system\xiii.exe
FirewallRules: [TCP Query User{EAF18D17-E6E4-42BE-B905-F7E4E77352C7}F:\my games\splinter cell conviction\src\system\conviction_game.exe] => (Block) F:\my games\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [UDP Query User{0A601DE9-F450-404C-9EAD-75B40F527FE6}F:\my games\splinter cell conviction\src\system\conviction_game.exe] => (Block) F:\my games\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [TCP Query User{6FD75BE8-0C6F-42D2-A567-0CBF34D36AE9}C:\program files (x86)\factorio\bin\x64\factorio.exe] => (Allow) C:\program files (x86)\factorio\bin\x64\factorio.exe
FirewallRules: [UDP Query User{30A8F9E1-7A11-4270-A306-0780762D6A88}C:\program files (x86)\factorio\bin\x64\factorio.exe] => (Allow) C:\program files (x86)\factorio\bin\x64\factorio.exe
FirewallRules: [{F03457E1-E54D-47DB-AEB3-83127504F64C}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{C3D0F4FA-D468-466C-BE4A-59096B576FE3}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [TCP Query User{943DF355-C27A-4068-A3D4-0A3705F24603}F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [UDP Query User{9A1663EE-76D4-4F7D-8AAF-58EA2C874014}F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [{3DA85164-269E-4B35-862B-752AF92B4F90}] => (Allow) E:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{AEBEB0B7-47C3-4740-B7F3-F79EC6798755}] => (Allow) E:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{78B1760B-B9BB-4267-B223-AE7FD30067FB}] => (Allow) E:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{CA8C6DE2-CB3E-4427-AB0C-E0E015F7C811}] => (Allow) E:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{05A14CB4-7793-4B6B-BBCE-FB0978B9CE7B}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5B0F65BE-AA73-4971-8647-7204FF7CB972}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B426D836-7060-4922-8B7C-2399AC1C579E}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxssdx750xevox250gb_s2s5nwagc01819j.dat
FirewallRules: [{91151B08-6EE4-4970-B8B5-C5E1E0028DD0}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxssdx750xevox250gb_s2s5nwagc01819j.dat
FirewallRules: [{98C51F64-44C6-4AB4-AE08-5ED553C501CB}] => (Allow) C:\Program Files (x86)\Bagsarah\Application\chrome.exe
FirewallRules: [{7915F66C-F927-4B15-A2B3-008EA3B89873}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/11/2017 03:48:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x42c
Startzeit der fehlerhaften Anwendung: 0x01d2ca5d2def74b6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 039b6663-a808-4275-bf5a-4f9270f3be75
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 03:48:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "F:\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/11/2017 03:47:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0x01d2ca5d2ae98f1a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 23d05b44-7727-4077-a606-aa72c228a248
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 03:46:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.9.5.353, Zeitstempel: 0x584b331b
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2704.1434.0, Zeitstempel: 0x5798eeba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00be5cc7
ID des fehlerhaften Prozesses: 0x1d3c
Startzeit der fehlerhaften Anwendung: 0x01d2ca522ffeeb9c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: 5757f0ce-0632-4e4c-821b-60110746984f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/11/2017 02:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x19e8
Startzeit der fehlerhaften Anwendung: 0x01d2ca52213df2a6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 1cae2985-777f-4972-8ec9-e7f26ab5d3ba
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 02:28:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1454
Startzeit der fehlerhaften Anwendung: 0x01d2ca521dff7f75
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 2c3921a5-7fa1-4fb3-a2f5-bdd1bcbd7a10
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 02:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x228c
Startzeit der fehlerhaften Anwendung: 0x01d2ca4e2669e643
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: d68b6303-26b0-4c21-a8b9-16a188c651a8
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 02:00:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1244
Startzeit der fehlerhaften Anwendung: 0x01d2ca4e220785bf
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: c0aa92c5-ff81-452d-9188-6057bc0aeba6
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 01:49:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ctfmon.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899148
Name des fehlerhaften Moduls: InputService.dll, Version: 10.0.14393.1066, Zeitstempel: 0x58d9f10c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00057f66
ID des fehlerhaften Prozesses: 0xd0
Startzeit der fehlerhaften Anwendung: 0x01d2ca4b623b83d2
Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\ctfmon.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\InputService.dll
Berichtskennung: 80c80c62-0b18-4f45-87e4-fc581d6d96a1
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/11/2017 01:49:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ctfmon.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899148
Name des fehlerhaften Moduls: InputService.dll, Version: 10.0.14393.1066, Zeitstempel: 0x58d9f10c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00057f66
ID des fehlerhaften Prozesses: 0x19dc
Startzeit der fehlerhaften Anwendung: 0x01d2c892e719bb79
Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\ctfmon.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\InputService.dll
Berichtskennung: f92910ea-d561-4296-b454-33f3dc2c70a8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (05/11/2017 03:49:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/11/2017 03:47:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 03:47:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "NPASRE" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (05/11/2017 03:47:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/11/2017 03:47:26 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
Error: (05/11/2017 03:46:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/11/2017 03:46:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VIA Karaoke digital mixer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/11/2017 03:46:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/11/2017 03:46:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/11/2017 03:46:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Telemetry Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-05-11 14:11:59.965
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.489
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.273
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.012
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.791
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.382
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.366
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.334
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8153.38 MB
Verfügbarer physikalischer RAM: 5501.62 MB
Summe virtueller Speicher: 11225.38 MB
Verfügbarer virtueller Speicher: 8500.92 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.36 GB) (Free:9.42 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Volume) (Fixed) (Total:976.56 GB) (Free:284 GB) NTFS
Drive f: (Volume) (Fixed) (Total:886.35 GB) (Free:189.1 GB) NTFS
Drive g: (Lokaler Datenträger ) (Fixed) (Total:232.33 GB) (Free:31.17 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C6ECC302)
Partition 1: (Active) - (Size=118.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C6ECC30A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=886.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 11.05.17
Scan-Zeit: 15:48
Protokolldatei: Sacn mwb.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1915
Lizenz: Abgelaufen
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: LEANDER-PC\Leander
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 361125
Abgelaufene Zeit: 3 Min., 56 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 11/05/2017 um 15:46:55
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-10.1 [Lokal]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Leander - LEANDER-PC
# Gestartet von : F:\downloads\adwcleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Public\Documents\temp.dat
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\InterSect Alliance
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [32429 Bytes] - [20/10/2015 18:15:43]
C:\AdwCleaner\AdwCleaner[C2].txt - [3228 Bytes] - [10/04/2017 22:05:25]
C:\AdwCleaner\AdwCleaner[C3].txt - [2907 Bytes] - [11/04/2017 21:24:48]
C:\AdwCleaner\AdwCleaner[C4].txt - [2496 Bytes] - [15/04/2017 20:23:17]
C:\AdwCleaner\AdwCleaner[C5].txt - [6506 Bytes] - [19/04/2017 11:22:50]
C:\AdwCleaner\AdwCleaner[C6].txt - [3522 Bytes] - [04/05/2017 17:15:26]
C:\AdwCleaner\AdwCleaner[C7].txt - [6053 Bytes] - [11/05/2017 13:50:46]
C:\AdwCleaner\AdwCleaner[C8].txt - [1549 Bytes] - [11/05/2017 15:46:55]
C:\AdwCleaner\AdwCleaner[R0].txt - [18200 Bytes] - [31/05/2015 17:04:06]
C:\AdwCleaner\AdwCleaner[R1].txt - [6447 Bytes] - [08/06/2015 18:39:47]
C:\AdwCleaner\AdwCleaner[S0].txt - [15910 Bytes] - [31/05/2015 17:04:35]
C:\AdwCleaner\AdwCleaner[S10].txt - [3322 Bytes] - [21/04/2017 22:01:04]
C:\AdwCleaner\AdwCleaner[S11].txt - [3492 Bytes] - [04/05/2017 16:10:23]
C:\AdwCleaner\AdwCleaner[S12].txt - [6422 Bytes] - [11/05/2017 13:49:04]
C:\AdwCleaner\AdwCleaner[S13].txt - [2951 Bytes] - [11/05/2017 14:40:29]
C:\AdwCleaner\AdwCleaner[S1].txt - [37566 Bytes] - [08/06/2015 18:45:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [3869 Bytes] - [31/03/2017 17:24:56]
C:\AdwCleaner\AdwCleaner[S3].txt - [3733 Bytes] - [10/04/2017 21:52:30]
C:\AdwCleaner\AdwCleaner[S4].txt - [3199 Bytes] - [10/04/2017 22:01:27]
C:\AdwCleaner\AdwCleaner[S5].txt - [2876 Bytes] - [11/04/2017 21:22:26]
C:\AdwCleaner\AdwCleaner[S6].txt - [2483 Bytes] - [15/04/2017 20:16:36]
C:\AdwCleaner\AdwCleaner[S7].txt - [2528 Bytes] - [15/04/2017 20:19:56]
C:\AdwCleaner\AdwCleaner[S8].txt - [7973 Bytes] - [19/04/2017 11:18:32]
C:\AdwCleaner\AdwCleaner[S9].txt - [3351 Bytes] - [21/04/2017 21:38:18]
########## EOF - C:\AdwCleaner\AdwCleaner[C8].txt - [2797 Bytes] ##########
Code:
ATTFilter Emsisoft Emergency Kit – Version 2017.4
Letztes Update: 11.05.2017 14:15:49
Benutzerkonto:
Computer name:
OS version: Windows 10x64
Scan-Einstellungen:
Scan-Methode: Eigener Scan
Objekte: Rootkits, Speicher, Traces, C:\, E:\
PUPs-Erkennung: An
Archiv-Scan: An
ADS-Scan: An
Dateierweiterungen: Aus
Direkter Festplattenzugriff: Aus
Scan-Beginn: 11.05.2017 14:31:41
C:\Reerdition\Qerzerph.gwc Gefunden: Gen:Variant.Adware.Razy.159239 (B) [krnl.xmd]
C:\Users\Leander\AppData\Local\Temp\~bk84F7.tmp -> SSS.dll Gefunden: Gen:Variant.Zusy.235997 (B) [krnl.xmd]
C:\Users\Leander\AppData\Local\Temp\~pp7A30.tmp Gefunden: Application.Elex.GW (B) [krnl.xmd]
C:\Users\Leander\AppData\Local\Temp\~wd54CC.tmp Gefunden: Gen:Variant.Adware.Razy.170350 (B) [krnl.xmd]
C:\Users\Leander\AppData\Local\Temp\~wd84F6.tmp Gefunden: Application.Elex.GW (B) [krnl.xmd]
E:\Games\Total War ROME II - Emperor Edition\steam_api.dll Gefunden: Riskware.GameHack (A) [283425]
E:\Program Files (x86)\DiRT Showdown\steam_api.dll Gefunden: Riskware.GameHack (A) [283425]
Gescannt: 582093
Gefunden 7
Scan-Ende: 11.05.2017 15:44:59
Scan-Zeit: 1:13:18
C:\Users\Leander\AppData\Local\Temp\~wd84F6.tmp Application.Elex.GW (B)
C:\Users\Leander\AppData\Local\Temp\~wd54CC.tmp Gen:Variant.Adware.Razy.170350 (B)
C:\Users\Leander\AppData\Local\Temp\~pp7A30.tmp Application.Elex.GW (B)
C:\Users\Leander\AppData\Local\Temp\~bk84F7.tmp Gen:Variant.Zusy.235997 (B)
C:\Reerdition\Qerzerph.gwc Gen:Variant.Adware.Razy.159239 (B)
Gelöscht 5
|
|
11.05.2017, 16:24
| #3 |
| /// TB-Ausbilder   | Adware installiert immer wieder Chrome und Toolbars Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Alle alten Logdateien von AdwCleaner und MBAM bitte posten! Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
11.05.2017, 17:50
| #4 |
| | Adware installiert immer wieder Chrome und Toolbars Alles klar wird gemacht. Geht auch ne .rar datei bei den alten logs? |
|
12.05.2017, 09:05
| #5 |
| | Adware installiert immer wieder Chrome und Toolbars Hier sidn alle alten adwarecleaner logs. Sorry geht nur als .rar datei, da ich kein 7zip habe und ja nix installieren soll. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
durchgeführt von Leander (Administrator) auf LEANDER-PC (12-05-2017 10:02:34)
Gestartet von F:\downloads
Geladene Profile: Leander (Verfügbare Profile: Leander)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Electronic Arts) E:\Origin\OriginWebHelperService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Electronic Arts) E:\Origin\Origin.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() E:\Origin\QtWebEngineProcess.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2016-06-25] (VIA)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Spotify] => C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-04-20] (Spotify Ltd)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [EADM] => E:\Origin\Origin.exe [3046264 2017-05-02] (Electronic Arts)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Spotify Web Helper] => C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-20] (Spotify Ltd)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Tanks] => F:\My Games\Wot\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Warships] => F:\My Games\WOW\WargamingGameUpdater.exe [3134216 2017-03-09] (Wargaming.net)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Tanks (1)] => "F:\My Games\Wot Testserver\WargamingGameUpdater.exe"
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Prime95] => C:\Users\Leander\AppData\Local\Temp\Rar$EXa0.507\prime95.exe <===== ACHTUNG
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: Kein Name - {8F0F267E-12E9-11E7-A647-64006A5CFC23} - C:\Users\Leander\AppData\Roaming\Rekerghareday\Thaferknicik.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.198.1
Tcpip\..\Interfaces\{1b9d694c-0723-46f2-82ca-561812a30ba7}: [DhcpNameServer] 192.168.198.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-314425503-1263803708-1118067362-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1473955321833
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-314425503-1263803708-1118067362-1000 -> hxxp://www.google.com
FireFox:
========
FF DefaultProfile: eqtdc3ih.default
FF ProfilePath: C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default [2017-05-12]
FF NewTab: Mozilla\Firefox\Profiles\eqtdc3ih.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF Extension: (AdBlocker Ultimate) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-12-29]
FF Extension: (MEGA) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\firefox@mega.co.nz.xpi [2017-05-11]
FF Extension: (Adblock Plus) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-13] ()
R2 BIT; C:\ProgramData\BIT\BIT.dll [1858048 2017-05-11] (BIT.dll) [Datei ist nicht signiert]
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 NPASRE; C:\Users\Leander\AppData\Local\NPASRE\Snare.dll [830464 2017-05-10] (InterSect Alliance Pty Ltd) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-02] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2147216 2017-05-02] (Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3116440 2017-05-02] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-07-08] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 WinSAPSvc; C:\Users\Leander\AppData\Roaming\WinSAPSvc\WinSAP.dll [585216 2017-05-11] (serviec) [Datei ist nicht signiert] <==== ACHTUNG
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2016-08-20] ()
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-17] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-17] (Disc Soft Ltd)
R1 epp; E:\PROGRAM FILES (X86)\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2013-08-05] (Etron Technology Inc)
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2016-08-20] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-11] (Malwarebytes)
R3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11376 2003-04-22] () [Datei ist nicht signiert]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 cmanvwhc; \??\C:\WINDOWS\system32\drivers\cmanvwhc.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-12 09:57 - 2017-05-12 10:00 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-05-11 21:00 - 2017-05-11 21:00 - 00003674 _____ C:\Windows\System32\Tasks\Milimili
2017-05-11 21:00 - 2017-05-11 21:00 - 00000000 ____D C:\Users\Leander\AppData\Roaming\WinSAPSvc
2017-05-11 21:00 - 2017-05-11 21:00 - 00000000 ____D C:\Users\Leander\AppData\Local\NPASRE
2017-05-11 21:00 - 2017-05-11 21:00 - 00000000 ____D C:\Program Files (x86)\MIO
2017-05-11 20:58 - 2017-05-11 20:58 - 00000000 ____D C:\Reerdition
2017-05-11 20:58 - 2017-05-11 20:58 - 00000000 ____D C:\Program Files (x86)\Serentarepisp
2017-05-11 18:49 - 2017-05-11 18:49 - 00025135 _____ C:\Users\Leander\Desktop\Alte Adwarecleaner scans.rar
2017-05-11 18:45 - 2017-05-11 18:45 - 00003872 _____ C:\Users\Leander\Desktop\AdwCleaner[S2].txt
2017-05-11 18:45 - 2017-05-11 18:45 - 00003736 _____ C:\Users\Leander\Desktop\AdwCleaner[S3].txt
2017-05-11 18:45 - 2017-05-11 18:45 - 00003202 _____ C:\Users\Leander\Desktop\AdwCleaner[S4].txt
2017-05-11 15:55 - 2017-05-11 18:44 - 00118277 _____ C:\Users\Leander\Desktop\FRST.txt
2017-05-11 15:55 - 2017-05-11 18:44 - 00079419 _____ C:\Users\Leander\Desktop\Addition.txt
2017-05-11 15:53 - 2017-05-12 10:02 - 00000000 ____D C:\FRST
2017-05-11 15:53 - 2017-05-11 15:53 - 00001240 _____ C:\Users\Leander\Desktop\Sacn mwb.txt
2017-05-11 15:48 - 2017-05-11 15:48 - 00002883 _____ C:\Users\Leander\Desktop\AdwCleaner[C8].txt
2017-05-11 15:46 - 2017-05-11 15:46 - 00000000 ____D C:\Users\Leander\AppData\Local\PeerDistRepub
2017-05-11 15:45 - 2017-05-11 15:45 - 00003162 _____ C:\Users\Leander\Desktop\scan_170511-143141.txt
2017-05-11 14:40 - 2017-05-11 14:40 - 00002951 ____C C:\Users\Leander\Desktop\AdwCleaner[S13].txt
2017-05-11 14:16 - 2017-05-11 14:16 - 00000000 ____D C:\Users\Leander\AppData\Local\Macromedia
2017-05-11 14:12 - 2017-05-11 14:12 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-11 14:03 - 2017-05-12 09:58 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Mozilla
2017-05-11 14:00 - 2017-05-12 10:00 - 00000000 ____D C:\Windows\AppReadiness
2017-05-11 14:00 - 2017-05-11 14:00 - 00000000 ____D C:\Users\Leander\.QtWebEngineProcess
2017-05-11 14:00 - 2017-05-11 14:00 - 00000000 ____D C:\Users\Leander\.Origin
2017-05-11 13:50 - 2017-05-11 13:50 - 00006053 ____C C:\Users\Leander\Desktop\AdwCleaner[C7].txt
2017-05-11 13:49 - 2017-05-11 13:49 - 00006422 ____C C:\Users\Leander\Desktop\AdwCleaner[S12].txt
2017-05-11 13:46 - 2017-05-11 13:46 - 00000000 _____ C:\Windows\SysWOW64\33
2017-05-11 13:39 - 2017-05-11 13:39 - 00000000 ____D C:\Users\Public\Documents\Google
2017-05-11 13:39 - 2017-05-11 13:39 - 00000000 _____ C:\Windows\SysWOW64\3333333
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\1111111
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\1111
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\00
2017-05-11 10:28 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-05-11 10:28 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-05-11 10:28 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-11 10:28 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-11 10:28 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 10:28 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-05-11 10:28 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-11 10:28 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-05-11 10:28 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-05-11 10:28 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-05-11 10:28 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-05-11 10:28 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-05-11 10:28 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-11 10:28 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-05-11 10:28 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-11 10:28 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-05-11 10:28 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-05-11 10:28 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-05-11 10:28 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-11 10:28 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-11 10:28 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-05-11 10:28 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-11 10:28 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-05-11 10:28 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-05-11 10:28 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-11 10:28 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-05-11 10:28 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-05-11 10:28 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-05-11 10:27 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-05-11 10:27 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-11 10:27 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-11 10:27 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 10:27 - 2017-04-28 02:56 - 02048488 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-05-11 10:27 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2017-05-11 10:27 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-11 10:27 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-11 10:27 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-11 10:27 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-11 10:27 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-05-11 10:27 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-05-11 10:27 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-11 10:27 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-05-11 10:27 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-05-11 10:27 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-05-11 10:27 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-05-11 10:27 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-11 10:27 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-05-11 10:27 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-05-11 10:27 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-05-11 10:27 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2017-05-11 10:27 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-05-11 10:27 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-05-11 10:27 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-05-11 10:27 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-11 10:27 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-05-11 10:27 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2017-05-11 10:27 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BthTelemetry.dll
2017-05-11 10:27 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-11 10:27 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2017-05-11 10:27 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-05-11 10:27 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-05-11 10:27 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-05-11 10:27 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-05-11 10:27 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2017-05-11 10:27 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 10:27 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2017-05-11 10:27 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-05-11 10:27 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-05-11 10:27 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-05-11 10:27 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-05-11 10:27 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-05-11 10:27 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-05-11 10:27 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsnt.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-05-11 10:27 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-05-11 10:27 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-05-11 10:27 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-05-11 10:27 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-05-11 10:27 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-05-11 10:27 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-05-11 10:27 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-11 10:27 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-05-11 10:27 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-11 10:27 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-05-11 10:27 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-05-11 10:27 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-05-11 10:27 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-05-11 10:27 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-05-11 10:27 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2017-05-11 10:27 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-05-11 10:27 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-05-11 10:27 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-05-11 10:27 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-05-11 10:27 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-05-11 10:27 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-05-11 10:27 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-05-11 10:27 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-05-11 10:27 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-05-11 10:27 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-05-11 10:27 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-05-11 10:27 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-05-11 10:27 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-05-11 10:27 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-05-11 10:27 - 2017-03-04 08:22 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-11 10:27 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-05-11 10:27 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-11 10:27 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-11 10:27 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-05-11 10:27 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-05-11 10:27 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-05-11 10:26 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-05-11 10:26 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-11 10:26 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-11 10:26 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2017-05-11 10:26 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2017-05-11 10:26 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-11 10:26 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2017-05-11 10:26 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2017-05-11 10:26 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-11 10:26 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-05-11 10:26 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-11 10:26 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-05-11 10:26 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-11 10:26 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-05-11 10:26 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-05-11 10:26 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-05-11 10:26 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-11 10:26 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-05-11 10:26 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-05-11 10:26 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-05-11 10:26 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-05-11 10:26 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-11 10:26 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-05-11 10:26 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-11 10:26 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-05-11 10:26 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-11 10:26 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-05-11 10:26 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-11 10:26 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-11 10:26 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-11 10:26 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-11 10:26 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-05-11 10:26 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-05-11 10:26 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-05-11 10:26 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-05-11 10:26 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-11 10:26 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-11 10:26 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-11 10:26 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2017-05-11 10:26 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\BthTelemetry.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-05-11 10:26 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2017-05-11 10:26 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-11 10:26 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ConsentUX.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-11 10:26 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\PrintWSDAHost.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2017-05-11 10:26 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-11 10:26 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-05-11 10:26 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2017-05-11 10:26 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-05-11 10:26 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-05-11 10:26 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2017-05-11 10:26 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-11 10:26 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-05-11 10:26 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-05-11 10:26 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-05-11 10:26 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-11 10:26 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-05-11 10:26 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-05-11 10:26 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-05-11 10:26 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-05-11 10:26 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-11 10:26 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-05-11 10:26 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2017-05-11 10:26 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2017-05-11 10:26 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-05-11 10:26 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-05-11 10:26 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-05-11 10:26 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-05-07 14:33 - 2017-05-07 14:33 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\5FB23263.sys
2017-05-05 21:39 - 2017-05-11 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-05 13:56 - 2017-05-05 13:56 - 00000000 ____D C:\Users\Leander\AppData\Local\NVIDIA Corporation
2017-05-05 13:53 - 2017-05-05 13:53 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-05 13:53 - 2017-05-02 00:38 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-05-05 13:53 - 2017-05-01 22:52 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-05-05 13:53 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-05-05 13:53 - 2017-04-25 23:11 - 07944687 _____ C:\Windows\system32\nvcoproc.bin
2017-05-05 13:53 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-05-05 13:53 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-05-05 13:53 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-05-05 13:53 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-05-05 13:50 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 04092088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03607464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00618744 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-05-05 13:50 - 2017-05-02 00:38 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-05-05 13:41 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-05 13:41 - 2017-05-02 00:38 - 00513144 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-05-05 13:41 - 2017-05-02 00:38 - 00418936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-05-05 13:37 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-05 13:36 - 2017-05-05 13:36 - 00000000 ____D C:\NVIDIA
2017-05-05 12:55 - 2017-05-05 12:55 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-05 12:54 - 2017-05-05 12:54 - 00003650 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-05-04 21:09 - 2017-05-04 21:10 - 00000000 ____D C:\Users\Leander\Documents\Need For Speed
2017-05-04 20:57 - 2017-05-04 20:57 - 00000709 _____ C:\Users\Public\Desktop\Need for Speed™.lnk
2017-05-04 17:15 - 2017-05-04 17:15 - 00003522 ____C C:\Users\Leander\Desktop\AdwCleaner[C6].txt
2017-05-04 17:11 - 2017-05-04 17:11 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\3B4040D4.sys
2017-05-04 16:10 - 2017-05-04 16:10 - 00003492 ____C C:\Users\Leander\Desktop\AdwCleaner[S11].txt
2017-04-30 17:40 - 2017-04-30 17:40 - 00000000 ____D C:\Users\Leander\AppData\Local\Sniper3
2017-04-29 10:21 - 2017-05-04 19:54 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Factorio
2017-04-28 14:53 - 2017-04-28 14:53 - 00002749 _____ C:\Users\Public\Desktop\Factorio.lnk
2017-04-28 14:53 - 2017-04-28 14:53 - 00000000 ____D C:\Program Files (x86)\Factorio
2017-04-26 09:43 - 2017-04-26 09:43 - 00000000 ____D C:\Windows\psgo
2017-04-26 09:39 - 2017-05-05 13:59 - 00000000 ____D C:\Insist
2017-04-21 22:06 - 2017-04-21 22:06 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\750F2B85.sys
2017-04-21 22:01 - 2017-04-21 22:01 - 00003322 ____C C:\Users\Leander\Desktop\AdwCleaner[S10].txt
2017-04-21 21:42 - 2017-04-21 21:42 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\4201187D.sys
2017-04-21 21:38 - 2017-04-21 21:38 - 00003351 ____C C:\Users\Leander\Desktop\AdwCleaner[S9].txt
2017-04-21 18:50 - 2017-04-21 18:50 - 00000000 _____ C:\Windows\SysWOW64\44
2017-04-20 18:53 - 2017-04-20 18:53 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-20 18:48 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\11
2017-04-20 18:45 - 2017-05-11 10:29 - 00000000 _____ C:\Windows\SysWOW64\1
2017-04-20 18:40 - 2017-04-20 18:40 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\656C3FB5.sys
2017-04-19 11:23 - 2017-05-11 14:10 - 00002106 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-19 11:22 - 2017-04-19 11:22 - 00006506 ____C C:\Users\Leander\Desktop\AdwCleaner[C5].txt
2017-04-19 11:20 - 2017-04-19 11:20 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\4981203A.sys
2017-04-19 11:18 - 2017-04-19 11:18 - 00007973 ____C C:\Users\Leander\Desktop\AdwCleaner[S8].txt
2017-04-18 18:30 - 2017-04-19 11:01 - 00001799 _____ C:\Users\Leander\Desktop\Warum AMD am Arsch ist.txt
2017-04-15 21:52 - 2017-04-15 21:58 - 00000000 ____D C:\Users\Leander\Downloads\Fakki
2017-04-15 21:50 - 2017-04-15 21:50 - 00000000 ____D C:\Users\Leander\Downloads\[TSUMINO.COM] Bishoujo Mangekyou -Kami ga Tsukuritamouta Shoujo-tachi- Shokai Ban Part 2 美少女万華鏡 -神が造りたもうた少女たち- 初回版 Part 2
2017-04-15 20:35 - 2017-05-11 13:51 - 00245640 _____ C:\Users\Leander\Downloads\Firefox Setup Stub 52.0.2 (1).exe
2017-04-15 20:20 - 2017-04-15 21:49 - 00000000 ____D C:\Users\Leander\Downloads\[TSUMINO.COM] Bishoujo Mangekyou -Kami ga Tsukuritamouta Shoujo-tachi- Shokai Ban Part 1 美少女万華鏡 -神が造りたもうた少女たち- 初回版 Part 1
2017-04-15 20:19 - 2017-04-15 20:19 - 00002528 ____C C:\Users\Leander\Desktop\AdwCleaner[S7].txt
2017-04-15 20:16 - 2017-04-15 20:16 - 00002483 ____C C:\Users\Leander\Desktop\AdwCleaner[S6].txt
2017-04-15 13:13 - 2017-04-15 13:13 - 00001230 _____ C:\Users\Public\Desktop\Splinter Cell Conviction.lnk
2017-04-15 13:13 - 2017-04-15 13:13 - 00000000 ____D C:\Users\Leander\AppData\Local\storage
2017-04-15 11:55 - 2017-04-15 11:58 - 00000872 _____ C:\Users\Leander\Desktop\Act of Aggression.lnk
2017-04-14 14:21 - 2017-05-11 14:27 - 00000000 ____D C:\Users\Leander\Desktop\mbar
2017-04-12 09:47 - 2017-04-12 09:47 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\21CD3610.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-12 10:00 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-12 10:00 - 2016-06-25 18:01 - 00000000 ____D C:\Users\Leander\AppData\Local\Adobe
2017-05-12 09:58 - 2016-12-16 16:53 - 00000000 ____D C:\Users\Leander\AppData\Local\CrashDumps
2017-05-12 09:58 - 2016-07-13 19:59 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Skype
2017-05-12 09:58 - 2015-10-21 19:20 - 00000000 ___RD C:\Users\Leander\OneDrive
2017-05-12 09:57 - 2016-06-25 16:35 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Spotify
2017-05-12 09:57 - 2016-06-25 16:35 - 00000000 ____D C:\Users\Leander\AppData\Local\Spotify
2017-05-11 22:15 - 2016-10-08 10:32 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-05-11 20:59 - 2017-03-30 20:58 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2017-05-11 18:46 - 2015-05-31 17:04 - 00000000 ___DC C:\AdwCleaner
2017-05-11 18:28 - 2015-10-24 17:31 - 00000000 ____D C:\Users\Leander\Desktop\Games
2017-05-11 16:18 - 2017-03-31 17:17 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-11 15:53 - 2016-07-17 00:51 - 03069394 _____ C:\Windows\system32\perfh007.dat
2017-05-11 15:53 - 2016-07-17 00:51 - 00829476 _____ C:\Windows\system32\perfc007.dat
2017-05-11 15:53 - 2016-06-25 14:22 - 06255588 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-11 15:47 - 2017-03-31 17:17 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-11 15:47 - 2016-10-08 10:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-11 15:47 - 2016-07-16 08:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-05-11 14:28 - 2016-06-25 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-11 14:28 - 2015-10-24 17:31 - 00000000 ____D C:\Users\Leander\Desktop\Programme
2017-05-11 14:03 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Mozilla
2017-05-11 14:02 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Leander\AppData\Local\Packages
2017-05-11 14:00 - 2016-10-08 10:34 - 00000000 ____D C:\Users\Leander
2017-05-11 14:00 - 2016-07-06 11:44 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Origin
2017-05-11 14:00 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Adobe
2017-05-11 14:00 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 13:57 - 2016-10-08 10:32 - 00228168 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-11 13:57 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-05-11 13:56 - 2017-03-27 22:31 - 00000000 ____D C:\Users\Leander\AppData\Roaming\SmartSteamEmu
2017-05-11 13:56 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Com
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\oobe
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Registration
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 13:55 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-05-11 10:34 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-05-11 10:29 - 2016-06-25 16:29 - 00000000 ____D C:\Windows\system32\MRT
2017-05-11 10:29 - 2016-06-25 16:28 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-11 09:37 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-05-09 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-09 15:29 - 2016-07-09 19:45 - 00000000 ____D C:\Users\Leander\AppData\Roaming\vlc
2017-05-08 21:38 - 2016-07-08 18:41 - 00000000 ____D C:\Users\Leander\AppData\Local\Ubisoft Game Launcher
2017-05-08 21:38 - 2016-06-25 21:47 - 00000000 ____D C:\Users\Leander\AppData\Local\JDownloader v2.0
2017-05-06 21:20 - 2015-10-23 20:40 - 00000000 ____D C:\Users\Leander\Documents\My Games
2017-05-05 13:53 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Help
2017-05-05 12:53 - 2017-02-08 18:55 - 00189112 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2017-05-05 12:53 - 2016-10-08 10:32 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-05-04 17:17 - 2016-11-27 15:50 - 00000000 ____D C:\Users\Leander\Documents\Project CARS
2017-05-03 09:53 - 2015-11-14 19:25 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 3
2017-05-02 20:25 - 2016-07-08 15:47 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-05-02 20:25 - 2016-07-08 10:31 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-08 10:34 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-04-20 18:41 - 2016-12-17 19:11 - 00003284 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-20 18:41 - 2016-06-25 14:21 - 00002389 _____ C:\Users\Leander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-19 11:32 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Leander\AppData\Local\Mozilla
2017-04-19 11:23 - 2017-04-11 21:22 - 00000000 ____D C:\Program Files (x86)\temp
2017-04-19 11:23 - 2017-03-10 07:39 - 00000000 ____D C:\Users\Leander\Desktop\cemu_1.7.3d
2017-04-19 11:23 - 2017-02-26 11:18 - 00000000 ____D C:\Users\Leander\Documents\Stronghold Crusader
2017-04-19 11:23 - 2017-02-23 11:50 - 00000000 ____D C:\Users\Leander\AppData\Local\0ad
2017-04-19 11:23 - 2017-02-13 20:02 - 00000000 ____D C:\Users\Leander\Documents\Mount&Blade Warband
2017-04-19 11:23 - 2017-01-21 13:04 - 00000000 ____D C:\Users\Leander\AppData\Roaming\WhatsApp
2017-04-19 11:23 - 2017-01-16 14:31 - 00000000 ____D C:\Users\Leander\Desktop\cemu_1.7.0
2017-04-19 11:23 - 2017-01-15 21:37 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Tropico 5
2017-04-19 11:23 - 2016-12-19 20:40 - 00000000 ____D C:\Users\Leander\AppData\Roaming\dvdcss
2017-04-19 11:23 - 2016-12-14 17:24 - 00000000 ____D C:\Users\Leander\AppData\Local\LOOT
2017-04-19 11:23 - 2016-10-30 15:14 - 00000000 ____D C:\Users\Leander\Documents\Command and Conquer Generals Zero Hour Data
2017-04-19 11:23 - 2016-10-15 13:55 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 1
2017-04-19 11:23 - 2016-10-04 20:19 - 00000000 ____D C:\Users\Leander\AppData\Roaming\TS3Client
2017-04-19 11:23 - 2016-09-01 21:17 - 00000000 ____D C:\Users\Leander\Documents\Master of Orion
2017-04-19 11:23 - 2016-08-20 21:40 - 00000000 ____D C:\Users\Leander\Documents\ANNO 1404 Venedig
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 __RSD C:\Windows\Media
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\oobe
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\security
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\InputMethod
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\IME
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-19 11:23 - 2016-07-14 21:17 - 00000000 ____D C:\Users\Leander\Documents\Dolphin Emulator
2017-04-19 11:23 - 2016-07-13 18:42 - 00000000 ____D C:\Users\Leander\AppData\Local\SKIDROW
2017-04-19 11:23 - 2016-07-10 13:50 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Frontier Developments
2017-04-19 11:23 - 2016-07-07 12:41 - 00000000 ____D C:\Users\Leander\AppData\Roaming\.minecraft
2017-04-19 11:23 - 2016-06-25 14:20 - 00000000 ____D C:\Users\Leander\AppData\Local\MicrosoftEdge
2017-04-19 11:23 - 2016-06-25 14:17 - 00000000 ____D C:\Users\DefaultAppPool
2017-04-19 11:23 - 2016-06-11 16:27 - 00000000 ____D C:\Users\Leander\Documents\Spiele
2017-04-19 11:23 - 2016-04-01 19:34 - 00000000 ____D C:\Users\Leander\.litwrl
2017-04-19 11:23 - 2016-03-24 16:54 - 00000000 ____D C:\Users\Leander\Documents\TrackMania
2017-04-19 11:23 - 2016-03-23 13:43 - 00000000 ____D C:\Users\Leander\Documents\STAR WARS Battlefront
2017-04-19 11:23 - 2016-01-03 22:58 - 00000000 ____D C:\Users\Leander\Documents\3DMark
2017-04-19 11:23 - 2015-12-29 17:01 - 00000000 ____D C:\Users\Leander\Documents\BFH
2017-04-19 11:23 - 2015-12-13 17:16 - 00000000 ____D C:\Users\Leander\Documents\FIFA 15
2017-04-19 11:23 - 2015-12-03 19:02 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Adobe
2017-04-19 11:23 - 2015-11-11 19:07 - 00000000 ____D C:\Users\Leander\Documents\StarCraft II
2017-04-19 11:23 - 2015-10-29 21:02 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 4
2017-04-19 11:23 - 2010-11-21 09:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-04-14 23:37 - 2017-03-31 17:17 - 00092096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-14 21:18 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-04-14 15:24 - 2017-03-31 17:17 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-14 15:24 - 2017-03-31 17:17 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-14 15:24 - 2017-03-31 17:16 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-12 03:18 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\setup
2017-04-12 03:18 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\Dism
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-06-26 12:47 - 2016-07-05 19:47 - 0000151 _____ () C:\Users\Leander\AppData\Roaming\WB.CFG
2016-11-27 19:44 - 2016-12-27 13:45 - 0007597 _____ () C:\Users\Leander\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole4047230449030724081.dll
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole7442378117606400700.dll
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole780015794168616176.dll
2017-03-20 18:26 - 2017-03-20 18:26 - 14456872 _____ (Microsoft Corporation) C:\Users\Leander\AppData\Local\Temp\vc_redist.x86.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-04 14:27
==================== Ende von FRST.txt ============================
|
|
12.05.2017, 09:09
| #6 |
| | Adware installiert immer wieder Chrome und Toolbars Addition neu Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von Leander (12-05-2017 10:03:14)
Gestartet von F:\downloads
Windows 10 Pro Version 1607 (X64) (2016-10-08 08:41:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-314425503-1263803708-1118067362-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-314425503-1263803708-1118067362-503 - Limited - Disabled)
Gast (S-1-5-21-314425503-1263803708-1118067362-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-314425503-1263803708-1118067362-1002 - Limited - Enabled)
Leander (S-1-5-21-314425503-1263803708-1118067362-1000 - Administrator - Enabled) => C:\Users\Leander
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
0 A.D. (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\0 A.D.) (Version: r18915P-alpha - Wildfire Games)
Act of Aggression MULTI2 1.0 (HKLM-x32\...\Act of Aggression MULTI2 1.0) (Version: - )
Act of Aggression Update 14 MULTI2 1.0 (HKLM-x32\...\Act of Aggression Update 14 MULTI2 1.0) (Version: - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
ANNO 1404 - Gold Edition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.28890 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
bf2battlelog (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\bf2battlelog) (Version: 0.8.6 - Spencer Sharkey)
Borderlands 2 GOTY version 1.8.2 (HKLM-x32\...\Borderlands 2 GOTY_is1) (Version: 1.8.2 - 2K Games)
Broforce (HKLM\...\Steam App 274190) (Version: - Free Lives)
Call of Duty 4: Modern Warfare (HKLM\...\Steam App 7940) (Version: - Infinity Ward)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\CopyTrans Suite) (Version: 4.013 - WindSolutions)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Endless Legend (HKLM\...\Steam App 289130) (Version: - AMPLITUDE Studios)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2016 (HKLM\...\Steam App 391040) (Version: - Codemasters)
Factorio (HKLM-x32\...\{2BCB3CEC-B168-450B-857D-408CA9E9F3C4}) (Version: 12.24.0000 - Your Company Name)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version: - )
GdZ WoT ModPack Version 0.9.17.0.06 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.17.0.06 - Gemeinschaft deutscher Zocker)
GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: Mass Effect 3 - )
Master of Orion (HKLM-x32\...\Master of Orion_is1) (Version: - )
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft OneDrive (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\1893001152_is1) (Version: 2.0.0.3 - GOG.com)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NBA 2K17 (HKLM-x32\...\NBA 2K17_is1) (Version: - )
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NvTelemetry (Version: 2.4.8.0 - NVIDIA Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Platform (x32 Version: 1.43 - VIA Technologies, Inc.) Hidden
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM\...\Steam App 238090) (Version: - Rebellion)
SpellForce 2 Patch (x32 Version: 1.0.0 - JoWood) Hidden
Splinter Cell: Conviction - Deluxe Edition (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}_is1) (Version: 1.04.000 - Ubisoft)
Spotify (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version: - Petroglyph)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Total War ROME II - Emperor Edition (HKLM-x32\...\Total War ROME II - Emperor Edition_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 18.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
XVM Version 6.4.3 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.4.3 - XVM team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C14277FD74D4}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12FD3112-DD67-4F99-A131-5729DDC1C6FE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {1406D884-61DC-4B4D-8B4F-5C027501E4F3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {2A043FF9-3775-45BE-96FE-1074721A002B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {31244610-8760-4B4E-8A8A-9EF7E29EEA23} - \Buhukhjoly -> Keine Datei <==== ACHTUNG
Task: {5ED3EE11-B80D-4F61-A462-97CDD74A7040} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-05-11] () <==== ACHTUNG
Task: {8FFE60D5-A499-4D75-B1F2-E0B9A7E0AE6A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-leander-hausmann@web.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {966282B4-8F3D-4636-875D-C1ED5539DE98} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
Task: {A87C61AC-122E-4289-B391-8B47E3B080B5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {B38B6170-5E59-4D10-8FD4-51AD70098688} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-02] (NVIDIA Corporation)
Task: {BF8866CF-CFB4-47CD-973E-1FBDD5DBDEE8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Leander\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {DF58C814-98FC-4C83-94D0-C888DC80FAE5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-01 19:12 - 2016-09-01 19:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 19:12 - 2016-09-01 19:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-31 17:16 - 2017-04-14 15:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-07-08 10:31 - 2016-07-08 21:28 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-10-08 20:58 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 19:12 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:12 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 00022928 _____ () E:\Origin\QtWebEngineProcess.exe
2016-10-25 10:57 - 2016-10-25 10:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-09-20 19:38 - 2017-05-02 10:05 - 02493440 _____ () E:\Origin\libGLESv2.dll
2017-01-19 06:46 - 2017-01-19 06:46 - 40524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 67725936 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libcef.dll
2016-10-27 17:54 - 2017-04-20 18:41 - 00110192 _____ () C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 01929840 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libglesv2.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 00087152 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libegl.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 00012288 _____ () E:\Origin\libEGL.DLL
2016-07-06 11:43 - 2016-07-06 11:43 - 00266240 _____ () E:\Origin\imageformats\qmng.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-12-09 16:09 - 2016-12-09 16:09 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-06-25 15:08 - 2016-06-25 15:06 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.198.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{363E6FE3-05AA-4245-BEB8-2B4E8CD2424C}] => (Allow) F:\My Games\Wot Testserver\worldoftanks.exe
FirewallRules: [{0B150D02-1977-45E3-8A17-A51A5EEFA337}] => (Allow) F:\My Games\Wot Testserver\worldoftanks.exe
FirewallRules: [{23529468-A65B-4EDF-9CA3-1730D28A2974}] => (Allow) F:\My Games\Wot Testserver\WoTLauncher.exe
FirewallRules: [{A503D355-AD3C-4420-946D-6574FFE49D4A}] => (Allow) F:\My Games\Wot Testserver\WoTLauncher.exe
FirewallRules: [{454DAB07-9945-460C-95CC-22062FB7A43E}] => (Allow) E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{71FB9FAA-8E79-4D04-A687-8AD32BAE534D}] => (Allow) E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2E59E606-789C-4809-A4FB-04E905F212D1}] => (Block) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [{F60A8791-663B-40D8-BA96-C98817A64AB4}] => (Block) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [UDP Query User{DEDB94BE-05B1-46BD-B1F7-764FD9A02800}F:\my games\nba 2k17\nba2k17.exe] => (Allow) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [TCP Query User{7293833D-4038-421A-A6EC-056E91781B7B}F:\my games\nba 2k17\nba2k17.exe] => (Allow) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [{6E3679F6-6E56-4056-A62C-38FFCEFA9179}] => (Block) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{A50E42BB-4B73-41AD-A196-95533DB7BD85}] => (Block) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{804DD275-645E-4943-BFDD-ECA62E362FB3}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{F531007A-DDC5-401A-B50A-30A88787019E}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{610AD0C5-449A-4B7E-8BB3-B577DBB0B889}] => (Allow) LPort=8090
FirewallRules: [{BB1D5C61-C74E-4856-B047-4A23FCBCE604}] => (Allow) LPort=8090
FirewallRules: [{5114F9E0-C29A-4B77-B3F2-E9651D6ECDF5}] => (Allow) LPort=20443
FirewallRules: [{96C073AC-EF66-421E-A93D-0E2DF23E360E}] => (Allow) LPort=20443
FirewallRules: [{1E2E955A-14E9-4F49-AAD7-6C3DA314CA4C}] => (Allow) LPort=33333
FirewallRules: [{93EED35E-BBB6-41F8-8D82-697DC174FFC9}] => (Allow) LPort=33333
FirewallRules: [{B8BE5478-9D36-4ADC-877A-706BA989AAC6}] => (Allow) LPort=6881
FirewallRules: [{7740550A-9F38-4D94-8139-CEB616D8448B}] => (Allow) LPort=6881
FirewallRules: [{EE116E94-7F11-4821-B1A0-7BB23DD36CB3}] => (Allow) LPort=27022
FirewallRules: [{B830484E-1CD7-487F-A0E6-C21ECEAF026D}] => (Allow) LPort=27022
FirewallRules: [{F4688C96-87D0-4FAC-973C-6E499E6FBEFF}] => (Allow) LPort=7853
FirewallRules: [{E979BEA8-42F2-4775-A126-8E7B67205DE5}] => (Allow) LPort=7853
FirewallRules: [{7655A8CB-9A30-4F41-BF5A-5C52A3BE3097}] => (Allow) LPort=7852
FirewallRules: [{D889F872-9573-4B3D-A3D5-44E4E22C67AF}] => (Allow) LPort=7852
FirewallRules: [{EBB00AD9-6A87-4E2C-A94A-1F3B9A5855AE}] => (Allow) LPort=7850
FirewallRules: [{8778D438-EC2F-4402-8FBC-D8FFBF188188}] => (Allow) LPort=7850
FirewallRules: [{9516CF23-C46A-4412-A4F2-A7FA543C2317}] => (Allow) LPort=3478
FirewallRules: [{D1B835E9-5A11-4C44-BB99-25F1671675BC}] => (Allow) LPort=3478
FirewallRules: [{C62F6C43-5600-4898-8620-5B462A752663}] => (Allow) LPort=20010
FirewallRules: [{9FF63B17-486F-49BE-9D8F-52FB4CFFBFDE}] => (Allow) LPort=20010
FirewallRules: [{18464C8D-F6E0-4BD9-AE72-2C917722D61D}] => (Allow) LPort=443
FirewallRules: [{A6ABA7E4-4C5E-4D2F-826D-A603E9BB01D4}] => (Allow) LPort=443
FirewallRules: [{BD62661E-8F78-405C-A1C3-9DDF0021FC46}] => (Allow) LPort=80
FirewallRules: [{EAC0AF81-6235-4CF7-93F4-DB981D9EECC5}] => (Allow) LPort=80
FirewallRules: [{64A5B154-7769-44B4-9549-47171EE71E37}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{83F8ABB5-B4B5-42AB-A620-FDACC97B3177}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{30D54FAD-B268-4E6B-AAF3-517CBAFFEDDA}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{13C73473-1BE2-423F-AF27-F8D30B4D120D}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{55DCF095-2BB5-4EB8-9A32-FBCC7448E00C}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{83B40331-014F-4BE3-90F7-B795E220BCBE}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{B9E26435-3C47-4A05-93A9-163D987FFDCA}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{53ADB0FD-4D0B-45EB-8522-464F17BD32F8}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{5164A686-3F2F-454E-BADB-2E431E72DE87}] => (Allow) C:\Users\Leander\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{46E92748-1C10-4778-A30B-B1577ED01D6E}] => (Allow) C:\Users\Leander\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{35A469B6-6105-496E-810B-9F145362C326}] => (Allow) F:\My Games\WOW\worldofwarships.exe
FirewallRules: [{3067C56E-4D00-4160-A258-8FEB3EA55B83}] => (Allow) F:\My Games\WOW\worldofwarships.exe
FirewallRules: [{9E1DC9A2-6215-4F13-9748-4087F8562633}] => (Allow) F:\My Games\WOW\WoWSLauncher.exe
FirewallRules: [{E7B36AE3-1973-49B4-A085-10BF9236185D}] => (Allow) F:\My Games\WOW\WoWSLauncher.exe
FirewallRules: [{D0E5DE4D-EEBB-49CC-855A-0A14EAD16844}] => (Allow) F:\My Games\Wot\worldoftanks.exe
FirewallRules: [{E4B6618F-6905-4CFC-BCF5-7EE29CEE6C05}] => (Allow) F:\My Games\Wot\worldoftanks.exe
FirewallRules: [{AEB33FC2-6539-4CE5-BFC0-E168AE351648}] => (Allow) F:\My Games\Wot\WoTLauncher.exe
FirewallRules: [{46DC66BA-1D67-4E48-A7C8-4A2C69558C35}] => (Allow) F:\My Games\Wot\WoTLauncher.exe
FirewallRules: [{E0991642-65BE-4F02-B224-1970117F206E}] => (Block) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [{231B5321-184F-456B-B350-2B4119795246}] => (Block) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [UDP Query User{E2765E83-CE55-43C6-884E-5313E35B440C}F:\program files (x86)\master of orion\masteroforion.exe] => (Allow) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{41376B7B-43F2-4513-B074-B1C466E0EFBF}F:\program files (x86)\master of orion\masteroforion.exe] => (Allow) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [{A3DF1BA5-4B57-4DAF-BAB5-472550973B66}] => (Block) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [{A999C6FB-B122-406C-92D5-7739A568870B}] => (Block) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [UDP Query User{8020E4C2-4A83-480B-9E0D-CF035AE1BA17}F:\my games\8-bit hordes\instanceserverg.exe] => (Allow) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [TCP Query User{201ECC51-73A4-4DA4-A8BB-88ADE1FA6B9D}F:\my games\8-bit hordes\instanceserverg.exe] => (Allow) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [{B433909A-59F6-49F7-A4A0-97E3DB467A26}] => (Block) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [{4A00AF90-9AEA-4BFD-95D3-C8F014B8C457}] => (Block) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [UDP Query User{88A0C794-EB31-4288-9E1D-186D4A539C5C}F:\my games\8-bit hordes\clientg.exe] => (Allow) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [TCP Query User{BF742393-0D2F-4EAA-9C64-B3A363DE6406}F:\my games\8-bit hordes\clientg.exe] => (Allow) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [{701ABC44-5E65-4A2C-895A-384EF7AEE232}] => (Block) E:\steam\steamapps\common\just cause 2\justcause2.exe
FirewallRules: [{ED02915B-B2A8-44EB-994B-93C6FD66B181}] => (Block) E:\steam\steamapps\common\just cause 2\justcause2.exe
FirewallRules: [{1FF8FA0D-91BA-4D21-8E29-85032456E89E}] => (Block) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [{5A243388-E326-4A43-BF9D-7765BB2D91C9}] => (Block) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{E6A9B320-84C8-4564-9D97-B99B16F8CD65}E:\games\battlefield 1942\bf1942.exe] => (Allow) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [TCP Query User{408C7B54-D730-48B7-8E29-D38AF2FD72B2}E:\games\battlefield 1942\bf1942.exe] => (Allow) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [{ECFA46CF-62F2-43EF-9C7C-3525BB39CE3C}] => (Allow) E:\Program Files (x86)\Hamachi\hamachi-2-ui.exe
FirewallRules: [{45D033D0-026B-4857-AAD2-C95FF33FC5B5}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{14E41967-9CF1-40FA-94FB-9C292FC8800E}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{1E018E13-327E-43AE-8775-F7E47D4C482D}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{4B99F4D5-9C69-4C2B-8FBB-FF66C85AEAD3}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{F0D38FDA-25A4-49B5-9CC8-36FA7F585D38}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Benchmark.exe
FirewallRules: [{4D1DD812-BD54-4735-B024-4B2DDE89A80E}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Benchmark.exe
FirewallRules: [{EBF86DC0-414E-436A-A824-BFCAE71A0934}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{4D10EA7B-EB2C-44A8-9050-9AEB4EA85883}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{A3E69D28-305C-46FA-AF41-7721C91794C1}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{841ECE80-2317-4B0E-AF1C-E4B34D6FAEA9}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{432C154A-6E00-4A45-BA3A-B57F3B02DA5F}] => (Allow) F:\Program Files (x86)\Anno 1404\Addon.exe
FirewallRules: [{B45541EF-8D2F-4A34-927A-7008EC48BD3D}] => (Allow) F:\Program Files (x86)\Anno 1404\Addon.exe
FirewallRules: [{5DDD5A60-F33D-464F-8864-47C87E533AB7}] => (Allow) F:\Program Files (x86)\Anno 1404\Anno4.exe
FirewallRules: [{263BF13D-45F7-4686-BEE1-14244A8BE335}] => (Allow) F:\Program Files (x86)\Anno 1404\Anno4.exe
FirewallRules: [{89398CC9-CEC1-4341-9447-6CFCDE81399F}] => (Block) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [{495439DA-0FC8-4998-B1DB-E5E76741DE10}] => (Block) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{CD9026BE-70EC-44E9-8891-A4A53D98A72E}F:\my games\unrealtournament\system\unrealtournament.exe] => (Allow) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [TCP Query User{D6112A26-5EE4-459F-8876-3A9D9CD14881}F:\my games\unrealtournament\system\unrealtournament.exe] => (Allow) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [{7AF52A80-1ED0-4730-A543-071EB711ECAF}] => (Block) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{38D69740-06A7-4263-B280-015B5BF4E68F}] => (Block) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{98BB4733-E2C7-4841-B5C0-5F0E7ABA95BC}E:\program files (x86)\warcraft iii\war3.exe] => (Allow) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{16D6DAAC-0544-41E9-8A9A-2105DEFBAC5D}E:\program files (x86)\warcraft iii\war3.exe] => (Allow) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{CF236CDD-9E4A-4AD7-B642-DD472D5B41BC}] => (Block) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{9C475A95-C2BC-4C53-826F-59253B07597C}] => (Block) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [UDP Query User{0AE8210C-C62F-4CF3-A8D8-7CEE8F89499D}E:\games\total war rome ii - emperor edition\rome2.exe] => (Allow) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [TCP Query User{C4AA1A32-00E1-4703-BAB8-B88959BB341B}E:\games\total war rome ii - emperor edition\rome2.exe] => (Allow) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{227FF8A4-7786-4CF5-838F-30342034D170}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{A626A0DF-62EB-4254-86B4-6CD4782CAA56}F:\my games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\my games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{3109808B-641B-424F-B3E0-E11216906791}F:\my games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\my games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{8127BF89-577B-4998-ACA3-32F038530B36}E:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{FAE6032E-F4EE-414B-8AE6-1D055E841E2E}E:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [UDP Query User{8A95DAA2-C8A5-4726-A744-AA4AF9E0C960}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0DB09C56-248D-458F-BA6A-9245B83C15A4}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{06EE8B04-710E-4C12-AADD-4F553C9FF06D}E:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) E:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{4C70084C-459B-480D-95CA-78342505265A}E:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) E:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{8281A504-113D-47ED-B426-C9210A46D40A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C93A92AC-3764-4535-9CF8-4FF0A75E3C1F}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DB64647D-CE28-4F0F-A22A-A66C4E557F93}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{4C4C95F4-CDD6-4842-A14E-6678E3DC2DB0}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{5DE164B0-C4FD-47E5-AB0B-AB0D80267E4E}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{4962F3E3-D443-4225-A5B0-A20A1279795C}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [UDP Query User{0B7C8258-2244-42B0-9987-A06B4A33EB16}E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [TCP Query User{76C3519C-29F4-4278-B084-ECF45B83BC91}E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [{1E2225EF-DB3D-45C5-97CD-7964840D30ED}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1A1528B9-07C9-487E-BAD9-C4BF4F94426C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{E2F672A2-57F0-4A72-86E5-503CBB0C1040}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{5D68CBFB-3C72-40E1-AA21-34BFF751BA13}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [UDP Query User{202392AA-A968-4248-A7D2-E89A21AB0FB2}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{1D4F8250-FC52-4B08-B928-06A42D16B04B}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{8D1E9DE8-3DB0-4D5D-B21B-5CADCCEA0594}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{4756BC1A-F7A0-4FEA-8047-DB0BF0D88F5D}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B7CD1BBF-9584-4FBD-B019-17FE158AF96E}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9D152118-5E51-4B01-B605-1EFF028904F1}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A8A8F74D-6E34-47D2-A809-EE8CF6BC4948}F:\my games\kingdoms of amalur - reckoning\reckoning.exe] => (Allow) F:\my games\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [TCP Query User{47957802-9E43-4DB9-91C2-647C001415BF}F:\my games\kingdoms of amalur - reckoning\reckoning.exe] => (Allow) F:\my games\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [UDP Query User{B5605940-609B-4608-BBD9-22D61E274A66}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [TCP Query User{9C0E881A-423C-4E15-8034-77C16F83B1CF}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{5880BB55-F33C-4B42-AA9A-5D04DBF7D39E}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{48C5578A-880C-4D5E-968A-EBCAD580ADE0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C3B9B126-5672-48D1-AB53-9EC369342CA0}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{C0099489-29EC-4691-86D0-86F55907BE9B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{87AE35B6-47AA-4E55-82FC-795FD4865D9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{518FE2FE-9EAD-4E52-AAC0-2543C25C1B4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8196AAF5-56AA-4124-917C-D009DB72030B}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{ABB14CA1-12FC-486F-89AD-D848F4EA9CA3}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{401502F2-5401-4DA8-8513-CDFFE7DA6441}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{87AFFB7F-D444-467C-BE5F-DA85EB73349C}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{8721884A-4387-4F9F-8436-170F7C28AC79}] => (Block) E:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{3B29A002-4BB0-40D3-9653-E9019F1AFD3F}] => (Block) E:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{475908F6-8937-416E-AC56-BB6B735B2528}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{BFE6EB55-A427-436C-B15E-F99D631EEC48}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{93240045-FB6A-4801-973C-E6321CC7C7D3}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{8489D365-3FC8-4298-A59E-1213B591FC77}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{D87EB848-16B5-4E35-A3EE-912F5717EC20}] => (Allow) E:\Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{2041C5E3-C1B7-4AAA-8834-376B458AA5B0}] => (Allow) E:\Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [TCP Query User{ECB8013E-C11C-45A1-AD3B-8495703CAC19}E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe] => (Allow) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [UDP Query User{15AED010-DC3D-40ED-A19B-BCD847FAA8D6}E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe] => (Allow) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{156F74D0-2DA7-4C0F-AB48-2F66E8A34C3F}] => (Block) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{6F72227E-4343-40DB-9056-09BAA5CCBBAC}] => (Block) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{25DEAD65-5919-4441-AF93-88B566540A0B}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{C3DF4918-582D-48F0-BAFD-408426F4DDA4}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{87A80444-B1C1-41E7-9987-8F2EBFA015E1}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{6FCFF811-A27A-4BE2-8E38-4F8AF3C43FEF}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [TCP Query User{878158FD-3144-498D-ADA4-3D95AB85E548}E:\games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{0B33F65E-7199-4CF2-BF2D-4DF92425ABE0}E:\games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [{20E0C06F-6DA8-4BDC-87E1-F2651318E65D}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{1D6DC50C-8BC9-4E19-BB12-3B7CB0336CC0}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{40E71661-696F-49A5-A063-1C06D60B18F4}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{36C79ED8-5196-4C17-8037-E0F3D5A6EDD6}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{18C8E291-A33D-421A-AA18-992210092ACC}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{30DBB7F3-49E0-4601-8B0C-FCC90D937869}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{527F8B85-38D2-4DC3-BCAF-449B099E6D3B}] => (Allow) E:\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{193012AA-0DC0-4541-852E-E5F37771F8DD}] => (Allow) E:\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [TCP Query User{5D163D4F-4ED8-4D74-9B5B-C6824CA22D28}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{51A356BC-4D48-4935-B627-FD007378B9C7}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{F7C97341-5BE9-4F84-9CF3-B8C3471C8A20}I:\cs 1.6\hl.exe] => (Allow) I:\cs 1.6\hl.exe
FirewallRules: [UDP Query User{2F1219D0-7B6E-4FA8-84C1-7DA793339AFA}I:\cs 1.6\hl.exe] => (Allow) I:\cs 1.6\hl.exe
FirewallRules: [TCP Query User{D0C9B2A8-9CE6-4C86-B167-B5803B4F7B57}C:0\cs 1.6\hl.exe] => (Allow) C:0\cs 1.6\hl.exe
FirewallRules: [UDP Query User{36848FAF-2D83-45E8-AE7F-1EC13D2E1FE7}C:0\cs 1.6\hl.exe] => (Allow) C:0\cs 1.6\hl.exe
FirewallRules: [TCP Query User{301D4E0D-B457-49DE-BFDA-411E3794F196}C:1\cs 1.6\hl.exe] => (Allow) C:1\cs 1.6\hl.exe
FirewallRules: [UDP Query User{57DC9114-DEBD-4CCE-BCF4-C4569381B841}C:1\cs 1.6\hl.exe] => (Allow) C:1\cs 1.6\hl.exe
FirewallRules: [TCP Query User{3F44D867-C77E-4ACE-BBE9-1C761D093296}C:2\source\hl2.exe] => (Allow) C:2\source\hl2.exe
FirewallRules: [UDP Query User{DCD57F8E-7F39-4410-8DC6-1F9095181258}C:2\source\hl2.exe] => (Allow) C:2\source\hl2.exe
FirewallRules: [TCP Query User{63D27EB1-11FD-480D-887C-72B7DB8153FA}C:3\source\hl2.exe] => (Allow) C:3\source\hl2.exe
FirewallRules: [UDP Query User{20ECECCF-6852-4DFF-8293-6D7DE4A2E93B}C:3\source\hl2.exe] => (Allow) C:3\source\hl2.exe
FirewallRules: [TCP Query User{7A6CAE1A-0EAF-41A6-9F6A-AAE58E7F26E3}I:\source\hl2.exe] => (Allow) I:\source\hl2.exe
FirewallRules: [UDP Query User{F36D404E-6AEF-46A1-8FD6-607089C31043}I:\source\hl2.exe] => (Allow) I:\source\hl2.exe
FirewallRules: [TCP Query User{904F730E-0A91-4A60-BFA7-4BB9E0A3C052}E:\games\shadowrun returns - deluxe edition\shadowrun.exe] => (Allow) E:\games\shadowrun returns - deluxe edition\shadowrun.exe
FirewallRules: [UDP Query User{9B48AEFE-9A21-4304-AAC0-264F693BC819}E:\games\shadowrun returns - deluxe edition\shadowrun.exe] => (Allow) E:\games\shadowrun returns - deluxe edition\shadowrun.exe
FirewallRules: [TCP Query User{D4986D90-1A30-4404-9990-D236A5801D80}E:\games\freelancer\exe\freelancer.exe] => (Allow) E:\games\freelancer\exe\freelancer.exe
FirewallRules: [UDP Query User{0AFEC170-0AC4-4988-8696-6AA1AF104372}E:\games\freelancer\exe\freelancer.exe] => (Allow) E:\games\freelancer\exe\freelancer.exe
FirewallRules: [{6A5928C7-BD51-4EA5-947D-BE3069A246AE}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4E83C974-2F25-44CA-8A62-B016CB8E6AD3}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{44FCAB8D-4DCA-4777-94D3-97E917C70419}E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [UDP Query User{299ECABA-43BF-43EB-8AA5-7A4146255A39}E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [TCP Query User{D50FC51A-0326-477C-9EA7-DF0F3864599D}I:\spiele\cs 1.6\hl.exe] => (Allow) I:\spiele\cs 1.6\hl.exe
FirewallRules: [UDP Query User{69B5EEFA-0DC5-4F2C-8783-30F45A2ADDFD}I:\spiele\cs 1.6\hl.exe] => (Allow) I:\spiele\cs 1.6\hl.exe
FirewallRules: [TCP Query User{FAE7C376-4513-44A1-98B2-674C6B305404}I:\spiele\source\hl2.exe] => (Block) I:\spiele\source\hl2.exe
FirewallRules: [UDP Query User{BFDE385F-BB59-45BD-9088-6F662412F464}I:\spiele\source\hl2.exe] => (Block) I:\spiele\source\hl2.exe
FirewallRules: [TCP Query User{9A568C9B-6B94-48FF-B83F-50209A165AA1}E:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{B3A29930-3B4A-49DD-8D8B-C360106C7F18}E:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{CD6E8607-95BF-428A-A66A-23E89D57AC9A}] => (Allow) E:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{49DEE857-2BB1-4AE4-B910-52255A929239}] => (Allow) E:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [TCP Query User{BF273DA2-ABDF-49EF-AC97-76BFB9EF15EA}E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [UDP Query User{49FB96A8-143C-4F47-95FE-C29AC8D4DE41}E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [TCP Query User{DD98B784-9E4C-47A9-BC1E-9057F4581C10}J:\spiele\source\hl2.exe] => (Allow) J:\spiele\source\hl2.exe
FirewallRules: [UDP Query User{425D8F68-8D9B-44D6-9943-C8BBF614BC73}J:\spiele\source\hl2.exe] => (Allow) J:\spiele\source\hl2.exe
FirewallRules: [{1BB09D4A-02F6-443D-B0B6-799EAB4B66CA}] => (Allow) E:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{9DD32326-A4EE-483E-8A8A-BFDAAE5B766C}] => (Allow) E:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{D56D9936-7DB6-4E15-AD42-3FF1D1D38390}E:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) E:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{9E06866D-EF31-4EF5-83E0-D2DF04AB9CDD}E:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) E:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{093B8C02-538C-4351-B200-C6BAD15889CB}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{3397FC1D-C706-46FC-A231-10B28D4CDDE9}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{C1D93A8D-F609-42DD-A6F2-ACAFEE52B92C}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{19F675E8-444B-4E8A-B3BD-341D3016F81D}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{1EED93C3-6CEB-4D29-8DB1-FB6B22FB6CC1}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{40FDCA7C-E115-4ECF-B740-C3AEC4B08B75}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8E41E29F-203B-4B2D-BADC-44074E695A9E}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{6AED975D-8614-4EBD-94F4-4093DD721687}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{2324AB87-564F-4C0A-AE6B-513AA940F257}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Steep\steep.exe
FirewallRules: [TCP Query User{15DB37B0-88D7-4C90-ABD5-FB70256139AE}F:\program files (x86)\battlefield 2142\bf2142.exe] => (Allow) F:\program files (x86)\battlefield 2142\bf2142.exe
FirewallRules: [UDP Query User{ACCFF4D0-DD59-4DE7-B054-51F559EA56D0}F:\program files (x86)\battlefield 2142\bf2142.exe] => (Allow) F:\program files (x86)\battlefield 2142\bf2142.exe
FirewallRules: [TCP Query User{FBE0A1C6-B21C-4BFE-8346-0DFDDF33D78D}E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{B646017F-B7BB-4127-82EA-FF67E13AD123}E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [{C72C32BE-B2DE-45CA-AFDE-1806145DEB86}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{004F7B7C-A6F1-4462-87BA-6F3D2DBD1E74}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{D1B49A33-DD34-4964-BFAB-DD58221DDD8B}] => (Allow) G:\Programme(x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{F12207C9-3026-4864-9ABF-60A8CD8F0416}] => (Allow) G:\Programme(x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{7160BD8C-9C3B-4C58-9889-16920C8FEE62}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{F196D72C-4539-4C5B-880F-F9FCB4ACD1CF}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{12CB3CA0-E922-4D4A-A4F6-F036C54815E2}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{E6A50989-A8BC-4761-A9A3-CA9F6D3CA9D1}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [TCP Query User{03929161-C492-4DDA-8479-383C3E1D3A4C}G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B81F7015-08FB-4FDB-8E59-57C9366FE658}G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FDA6D588-66B4-486F-8F02-A7C601490150}F:\program files (x86)\anno 1404\tools\addonweb.exe] => (Allow) F:\program files (x86)\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{FC4219EA-BC7A-4703-8C7F-76A5434F437E}F:\program files (x86)\anno 1404\tools\addonweb.exe] => (Allow) F:\program files (x86)\anno 1404\tools\addonweb.exe
FirewallRules: [TCP Query User{964F99B9-3BA8-4E75-BC5E-38EC749D6758}F:\program files (x86)\anno 1404\addon.exe] => (Allow) F:\program files (x86)\anno 1404\addon.exe
FirewallRules: [UDP Query User{73AD725E-DBA5-4CE4-977A-92A5AA873AA4}F:\program files (x86)\anno 1404\addon.exe] => (Allow) F:\program files (x86)\anno 1404\addon.exe
FirewallRules: [TCP Query User{D9A473E1-CC1A-449C-B4C3-A591FD532A6F}F:\my games\scrap mechanic\release\scrapmechanic.exe] => (Allow) F:\my games\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{063CAED6-E620-4F62-B416-F9C647F227FF}F:\my games\scrap mechanic\release\scrapmechanic.exe] => (Allow) F:\my games\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [{6C409CD5-F401-4968-869D-C365B73ECDE8}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{FBA6016C-33A6-4E45-BD6D-3809DC6E634D}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{898CB61A-66EE-44F4-8E06-4F951295A60E}F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{93A2E88A-A380-4A2F-88FA-744883B130DA}F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{06D7096D-7CFE-4468-825C-0992052CFB3E}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\F1 2016\F1_2016.exe
FirewallRules: [{B48A59B3-968B-4B66-B9AB-40550CA99D89}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\F1 2016\F1_2016.exe
FirewallRules: [TCP Query User{47D5415F-4301-473E-A963-FEC9DB19A14C}F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe] => (Allow) F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe
FirewallRules: [UDP Query User{AE14DAF7-D4BB-489F-A2D7-E3D877951980}F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe] => (Allow) F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe
FirewallRules: [TCP Query User{36F35810-DD34-4A9E-88ED-68170018D7F2}F:\my games\xiii\system\xiii.exe] => (Allow) F:\my games\xiii\system\xiii.exe
FirewallRules: [UDP Query User{172F917F-8DD4-4D6D-9860-D8828F4CB896}F:\my games\xiii\system\xiii.exe] => (Allow) F:\my games\xiii\system\xiii.exe
FirewallRules: [TCP Query User{EAF18D17-E6E4-42BE-B905-F7E4E77352C7}F:\my games\splinter cell conviction\src\system\conviction_game.exe] => (Block) F:\my games\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [UDP Query User{0A601DE9-F450-404C-9EAD-75B40F527FE6}F:\my games\splinter cell conviction\src\system\conviction_game.exe] => (Block) F:\my games\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [TCP Query User{6FD75BE8-0C6F-42D2-A567-0CBF34D36AE9}C:\program files (x86)\factorio\bin\x64\factorio.exe] => (Allow) C:\program files (x86)\factorio\bin\x64\factorio.exe
FirewallRules: [UDP Query User{30A8F9E1-7A11-4270-A306-0780762D6A88}C:\program files (x86)\factorio\bin\x64\factorio.exe] => (Allow) C:\program files (x86)\factorio\bin\x64\factorio.exe
FirewallRules: [{F03457E1-E54D-47DB-AEB3-83127504F64C}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{C3D0F4FA-D468-466C-BE4A-59096B576FE3}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [TCP Query User{943DF355-C27A-4068-A3D4-0A3705F24603}F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [UDP Query User{9A1663EE-76D4-4F7D-8AAF-58EA2C874014}F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [{3DA85164-269E-4B35-862B-752AF92B4F90}] => (Allow) E:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{AEBEB0B7-47C3-4740-B7F3-F79EC6798755}] => (Allow) E:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{78B1760B-B9BB-4267-B223-AE7FD30067FB}] => (Allow) E:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{CA8C6DE2-CB3E-4427-AB0C-E0E015F7C811}] => (Allow) E:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{05A14CB4-7793-4B6B-BBCE-FB0978B9CE7B}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5B0F65BE-AA73-4971-8647-7204FF7CB972}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B426D836-7060-4922-8B7C-2399AC1C579E}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxssdx750xevox250gb_s2s5nwagc01819j.dat
FirewallRules: [{91151B08-6EE4-4970-B8B5-C5E1E0028DD0}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxssdx750xevox250gb_s2s5nwagc01819j.dat
FirewallRules: [{98C51F64-44C6-4AB4-AE08-5ED553C501CB}] => (Allow) C:\Program Files (x86)\Bagsarah\Application\chrome.exe
FirewallRules: [{7915F66C-F927-4B15-A2B3-008EA3B89873}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/12/2017 09:58:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1114
Startzeit der fehlerhaften Anwendung: 0x01d2caf56e16160a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: bae5fa1b-ce62-457f-88aa-031bf0d39638
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/12/2017 09:57:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x21b4
Startzeit der fehlerhaften Anwendung: 0x01d2caf56c50e439
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 081bb93e-706e-4ac7-b4f7-25ecff323d59
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/12/2017 09:57:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1b5c
Startzeit der fehlerhaften Anwendung: 0x01d2caf56a05adab
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 4f210802-3077-45eb-8b75-e87a7490733d
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 08:59:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (05/11/2017 03:48:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x42c
Startzeit der fehlerhaften Anwendung: 0x01d2ca5d2def74b6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 039b6663-a808-4275-bf5a-4f9270f3be75
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 03:48:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "F:\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/11/2017 03:47:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0x01d2ca5d2ae98f1a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 23d05b44-7727-4077-a606-aa72c228a248
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 03:46:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.9.5.353, Zeitstempel: 0x584b331b
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2704.1434.0, Zeitstempel: 0x5798eeba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00be5cc7
ID des fehlerhaften Prozesses: 0x1d3c
Startzeit der fehlerhaften Anwendung: 0x01d2ca522ffeeb9c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: 5757f0ce-0632-4e4c-821b-60110746984f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/11/2017 02:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x19e8
Startzeit der fehlerhaften Anwendung: 0x01d2ca52213df2a6
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 1cae2985-777f-4972-8ec9-e7f26ab5d3ba
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/11/2017 02:28:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1454
Startzeit der fehlerhaften Anwendung: 0x01d2ca521dff7f75
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 2c3921a5-7fa1-4fb3-a2f5-bdd1bcbd7a10
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Systemfehler:
=============
Error: (05/12/2017 09:57:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 09:20:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NPASRE" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 21600000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/11/2017 08:59:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
Error: (05/11/2017 04:31:15 PM) (Source: DCOM) (EventID: 10010) (User: LEANDER-PC)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/11/2017 04:29:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/11/2017 03:49:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/11/2017 03:47:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/11/2017 03:47:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "NPASRE" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (05/11/2017 03:47:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/11/2017 03:47:26 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
CodeIntegrity:
===================================
Date: 2017-05-11 14:11:59.965
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.489
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.273
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.012
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.791
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.382
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.366
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.334
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8153.38 MB
Verfügbarer physikalischer RAM: 5404.77 MB
Summe virtueller Speicher: 11225.38 MB
Verfügbarer virtueller Speicher: 8362.98 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.36 GB) (Free:9.59 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Volume) (Fixed) (Total:976.56 GB) (Free:284 GB) NTFS
Drive f: (Volume) (Fixed) (Total:886.35 GB) (Free:203.52 GB) NTFS
Drive g: (Lokaler Datenträger ) (Fixed) (Total:232.33 GB) (Free:31.17 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C6ECC302)
Partition 1: (Active) - (Size=118.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C6ECC30A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=886.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter 10:07:13.0991 0x0acc TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
10:07:13.0991 0x0acc UEFI system
10:07:28.0925 0x0acc ============================================================
10:07:28.0925 0x0acc Current date / time: 2017/05/12 10:07:28.0925
10:07:28.0925 0x0acc SystemInfo:
10:07:28.0925 0x0acc
10:07:28.0925 0x0acc OS Version: 10.0.14393 ServicePack: 0.0
10:07:28.0925 0x0acc Product type: Workstation
10:07:28.0925 0x0acc ComputerName: LEANDER-PC
10:07:28.0925 0x0acc UserName: Leander
10:07:28.0925 0x0acc Windows directory: C:\Windows
10:07:28.0925 0x0acc System windows directory: C:\Windows
10:07:28.0925 0x0acc Running under WOW64
10:07:28.0925 0x0acc Processor architecture: Intel x64
10:07:28.0925 0x0acc Number of processors: 4
10:07:28.0925 0x0acc Page size: 0x1000
10:07:28.0925 0x0acc Boot type: Normal boot
10:07:28.0925 0x0acc CodeIntegrityOptions = 0x00000001
10:07:28.0925 0x0acc ============================================================
10:07:28.0989 0x0acc KLMD registered as C:\Windows\system32\drivers\45480535.sys
10:07:28.0989 0x0acc KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
10:07:29.0524 0x0acc System UUID: {8CCDA955-6497-7736-F726-DDFA77316200}
10:07:29.0937 0x0acc Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:29.0937 0x0acc Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:29.0948 0x0acc Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:29.0951 0x0acc ============================================================
10:07:29.0951 0x0acc \Device\Harddisk0\DR0:
10:07:29.0952 0x0acc GPT partitions:
10:07:29.0952 0x0acc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {437027FD-0580-422F-8C72-A894757F2ECB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
10:07:29.0952 0x0acc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {43BAF697-AFF4-40FD-BE5B-6C59909053B8}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
10:07:29.0952 0x0acc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F18D0E99-3695-4F7B-B6BC-F6B10B831E5B}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
10:07:29.0952 0x0acc \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {24ABC7D4-2AB8-4BAF-928D-EA62F06E72E6}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x1D0AA000
10:07:29.0952 0x0acc MBR partitions:
10:07:29.0952 0x0acc \Device\Harddisk1\DR1:
10:07:29.0952 0x0acc MBR partitions:
10:07:29.0952 0x0acc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xECB9000
10:07:29.0952 0x0acc \Device\Harddisk2\DR2:
10:07:29.0952 0x0acc MBR partitions:
10:07:29.0952 0x0acc \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:07:29.0952 0x0acc \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7A120000
10:07:29.0952 0x0acc \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x7A152800, BlocksNum 0x6ECB5000
10:07:29.0952 0x0acc ============================================================
10:07:29.0954 0x0acc C: <-> \Device\Harddisk1\DR1\Partition1
10:07:29.0961 0x0acc D: <-> \Device\Harddisk2\DR2\Partition1
10:07:29.0982 0x0acc E: <-> \Device\Harddisk2\DR2\Partition2
10:07:30.0012 0x0acc F: <-> \Device\Harddisk2\DR2\Partition3
10:07:30.0014 0x0acc G: <-> \Device\Harddisk0\DR0\Partition4
10:07:30.0014 0x0acc ============================================================
10:07:30.0014 0x0acc Initialize success
10:07:30.0014 0x0acc ============================================================
10:07:50.0270 0x2064 ============================================================
10:07:50.0270 0x2064 Scan started
10:07:50.0270 0x2064 Mode: Manual; SigCheck; TDLFS;
10:07:50.0270 0x2064 ============================================================
10:07:50.0270 0x2064 KSN ping started
10:07:50.0513 0x2064 KSN ping finished: true
10:07:51.0349 0x2064 ================ Scan system memory ========================
10:07:51.0349 0x2064 System memory - ok
10:07:51.0350 0x2064 ================ Scan services =============================
10:07:51.0399 0x2064 1394ohci - ok
10:07:51.0401 0x2064 3ware - ok
10:07:51.0404 0x2064 ACPI - ok
10:07:51.0407 0x2064 AcpiDev - ok
10:07:51.0409 0x2064 acpiex - ok
10:07:51.0412 0x2064 acpipagr - ok
10:07:51.0415 0x2064 AcpiPmi - ok
10:07:51.0417 0x2064 acpitime - ok
10:07:51.0452 0x2064 [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:07:51.0482 0x2064 AdobeFlashPlayerUpdateSvc - ok
10:07:51.0505 0x2064 [ 5B4D60ACCEA6918DBBB8C9FD4ADBDD29, FE3A768A76B673DCD09716F600D52B53A6EABEC6AA65E0DE89144F322E8571B8 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
10:07:51.0525 0x2064 AdobeUpdateService - ok
10:07:51.0530 0x2064 ADP80XX - ok
10:07:51.0533 0x2064 AFD - ok
10:07:51.0580 0x2064 [ A32EA26C90A47B2BC93D7B0B94994B11, 1CF8DB09CA27EAC5741489EDFDFC04D69485B51C726F539BFCDC3C78E8E09EBE ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
10:07:51.0623 0x2064 AGSService - ok
10:07:51.0628 0x2064 ahcache - ok
10:07:51.0631 0x2064 AJRouter - ok
10:07:51.0633 0x2064 ALG - ok
10:07:51.0636 0x2064 AmdK8 - ok
10:07:51.0639 0x2064 AmdPPM - ok
10:07:51.0642 0x2064 amdsata - ok
10:07:51.0645 0x2064 amdsbs - ok
10:07:51.0647 0x2064 amdxata - ok
10:07:51.0650 0x2064 AppID - ok
10:07:51.0652 0x2064 AppIDSvc - ok
10:07:51.0655 0x2064 Appinfo - ok
10:07:51.0661 0x2064 [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:07:51.0670 0x2064 Apple Mobile Device Service - ok
10:07:51.0673 0x2064 applockerfltr - ok
10:07:51.0675 0x2064 AppMgmt - ok
10:07:51.0678 0x2064 AppReadiness - ok
10:07:51.0682 0x2064 AppVClient - ok
10:07:51.0684 0x2064 AppvStrm - ok
10:07:51.0686 0x2064 AppvVemgr - ok
10:07:51.0689 0x2064 AppvVfs - ok
10:07:51.0691 0x2064 AppXSvc - ok
10:07:51.0694 0x2064 arcsas - ok
10:07:51.0696 0x2064 AsyncMac - ok
10:07:51.0699 0x2064 atapi - ok
10:07:51.0707 0x2064 [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
10:07:51.0722 0x2064 atksgt - ok
10:07:51.0726 0x2064 AudioEndpointBuilder - ok
10:07:51.0729 0x2064 Audiosrv - ok
10:07:51.0731 0x2064 AxInstSV - ok
10:07:51.0734 0x2064 b06bdrv - ok
10:07:51.0737 0x2064 BasicDisplay - ok
10:07:51.0740 0x2064 BasicRender - ok
10:07:51.0744 0x2064 bcmfn - ok
10:07:51.0746 0x2064 bcmfn2 - ok
10:07:51.0749 0x2064 BDESVC - ok
10:07:51.0751 0x2064 Beep - ok
10:07:51.0781 0x2064 [ 5B413BEADC23C9D182F7EC09C10441FA, E16E06848492331107C6D682D93D35C5D1A0DC8CAD3816B42203A4BF05932C7E ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
10:07:51.0812 0x2064 BEService - ok
10:07:51.0816 0x2064 BFE - ok
10:07:51.0855 0x2064 [ 605DC7D0AC7B2985B63D18D67F6C8098, 3E74AEFDA40A2EF0039FF01DB75A875C99537CFB91A0167786700803A9B35AAB ] BIT C:\ProgramData\BIT\BIT.dll
10:07:51.0910 0x2064 BIT - detected UnsignedFile.Multi.Generic ( 1 )
10:07:52.0214 0x2064 BIT ( UnsignedFile.Multi.Generic ) - warning
10:07:52.0454 0x2064 BITS - ok
10:07:52.0458 0x2064 bowser - ok
10:07:52.0463 0x2064 BrokerInfrastructure - ok
10:07:52.0468 0x2064 Browser - ok
10:07:52.0473 0x2064 BthAvrcpTg - ok
10:07:52.0477 0x2064 BthHFEnum - ok
10:07:52.0479 0x2064 bthhfhid - ok
10:07:52.0482 0x2064 BthHFSrv - ok
10:07:52.0485 0x2064 BTHMODEM - ok
10:07:52.0489 0x2064 bthserv - ok
10:07:52.0491 0x2064 buttonconverter - ok
10:07:52.0494 0x2064 CapImg - ok
10:07:52.0496 0x2064 cdfs - ok
10:07:52.0499 0x2064 CDPSvc - ok
10:07:52.0502 0x2064 CDPUserSvc - ok
10:07:52.0508 0x2064 cdrom - ok
10:07:52.0511 0x2064 CertPropSvc - ok
10:07:52.0513 0x2064 cht4iscsi - ok
10:07:52.0516 0x2064 cht4vbd - ok
10:07:52.0518 0x2064 circlass - ok
10:07:52.0521 0x2064 CLFS - ok
10:07:52.0523 0x2064 ClipSVC - ok
10:07:52.0526 0x2064 clreg - ok
10:07:52.0533 0x2064 cmanvwhc - ok
10:07:52.0536 0x2064 CmBatt - ok
10:07:52.0538 0x2064 CNG - ok
10:07:52.0540 0x2064 cnghwassist - ok
10:07:52.0559 0x2064 CompositeBus - ok
10:07:52.0562 0x2064 COMSysApp - ok
10:07:52.0564 0x2064 condrv - ok
10:07:52.0567 0x2064 CoreMessagingRegistrar - ok
10:07:52.0571 0x2064 CryptSvc - ok
10:07:52.0574 0x2064 CSC - ok
10:07:52.0576 0x2064 CscService - ok
10:07:52.0579 0x2064 dam - ok
10:07:52.0582 0x2064 dc1-controller - ok
10:07:52.0585 0x2064 DcomLaunch - ok
10:07:52.0588 0x2064 DcpSvc - ok
10:07:52.0590 0x2064 defragsvc - ok
10:07:52.0592 0x2064 DeviceAssociationService - ok
10:07:52.0595 0x2064 DeviceInstall - ok
10:07:52.0598 0x2064 DevQueryBroker - ok
10:07:52.0600 0x2064 Dfsc - ok
10:07:52.0603 0x2064 Dhcp - ok
10:07:52.0606 0x2064 diagnosticshub.standardcollector.service - ok
10:07:52.0609 0x2064 DiagTrack - ok
10:07:52.0612 0x2064 disk - ok
10:07:52.0614 0x2064 DmEnrollmentSvc - ok
10:07:52.0617 0x2064 dmvsc - ok
10:07:52.0619 0x2064 dmwappushservice - ok
10:07:52.0622 0x2064 Dnscache - ok
10:07:52.0625 0x2064 dot3svc - ok
10:07:52.0627 0x2064 DPS - ok
10:07:52.0631 0x2064 drmkaud - ok
10:07:52.0633 0x2064 DsmSvc - ok
10:07:52.0636 0x2064 DsSvc - ok
10:07:52.0639 0x2064 [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus C:\Windows\System32\drivers\dtlitescsibus.sys
10:07:52.0646 0x2064 dtlitescsibus - ok
10:07:52.0649 0x2064 [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus C:\Windows\System32\drivers\dtliteusbbus.sys
10:07:52.0656 0x2064 dtliteusbbus - ok
10:07:52.0658 0x2064 DXGKrnl - ok
10:07:52.0661 0x2064 EapHost - ok
10:07:52.0663 0x2064 ebdrv - ok
10:07:52.0666 0x2064 EFS - ok
10:07:52.0669 0x2064 EhStorClass - ok
10:07:52.0671 0x2064 EhStorTcgDrv - ok
10:07:52.0675 0x2064 [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
10:07:52.0681 0x2064 ElbyCDIO - ok
10:07:52.0684 0x2064 embeddedmode - ok
10:07:52.0686 0x2064 EntAppSvc - ok
10:07:52.0731 0x2064 [ 0E840AA66CAB02CBA9730C772BBE305B, 8862583E653D13D1D10A1A4A33704E4F70576E80370943AAFD1EAED6657A0104 ] epp E:\PROGRAM FILES (X86)\bin64\epp.sys
10:07:52.0751 0x2064 epp - ok
10:07:52.0756 0x2064 ErrDev - ok
10:07:52.0766 0x2064 [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3 C:\Windows\System32\Drivers\EtronHub3.sys
10:07:52.0785 0x2064 EtronHub3 - ok
10:07:52.0788 0x2064 [ 5476930AF190E6E2FAF7FA7112C2D4D7, 23D0F90169F9A12C37037D56C87368CA827CFEFA9D7A71341D83EB4D92E32188 ] EtronSTOR C:\Windows\System32\Drivers\EtronSTOR.sys
10:07:52.0798 0x2064 EtronSTOR - ok
10:07:52.0803 0x2064 [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI C:\Windows\System32\Drivers\EtronXHCI.sys
10:07:52.0815 0x2064 EtronXHCI - ok
10:07:52.0820 0x2064 EventSystem - ok
10:07:52.0823 0x2064 exfat - ok
10:07:52.0825 0x2064 fastfat - ok
10:07:52.0828 0x2064 Fax - ok
10:07:52.0830 0x2064 fdc - ok
10:07:52.0833 0x2064 fdPHost - ok
10:07:52.0835 0x2064 FDResPub - ok
10:07:52.0838 0x2064 fhsvc - ok
10:07:52.0841 0x2064 FileCrypt - ok
10:07:52.0843 0x2064 FileInfo - ok
10:07:52.0846 0x2064 Filetrace - ok
10:07:52.0848 0x2064 flpydisk - ok
10:07:52.0850 0x2064 FltMgr - ok
10:07:52.0853 0x2064 FontCache - ok
10:07:52.0857 0x2064 FontCache3.0.0.0 - ok
10:07:52.0890 0x2064 [ EB959B686074EA0D27A3AB42E8024D37, B85A59F2898AF536652FF65CE53822B11108E2241B34ABB693BDFC06C32DAE17 ] FoxitReaderService C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
10:07:52.0925 0x2064 FoxitReaderService - ok
10:07:52.0930 0x2064 FrameServer - ok
10:07:52.0932 0x2064 FsDepends - ok
10:07:52.0934 0x2064 Fs_Rec - ok
10:07:52.0937 0x2064 fvevol - ok
10:07:52.0939 0x2064 gencounter - ok
10:07:52.0942 0x2064 genericusbfn - ok
10:07:52.0944 0x2064 GPIOClx0101 - ok
10:07:52.0947 0x2064 gpsvc - ok
10:07:52.0950 0x2064 GpuEnergyDrv - ok
10:07:52.0953 0x2064 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\Windows\System32\drivers\Hamdrv.sys
10:07:52.0965 0x2064 Hamachi - ok
10:07:52.0968 0x2064 HdAudAddService - ok
10:07:52.0970 0x2064 HDAudBus - ok
10:07:52.0973 0x2064 HidBatt - ok
10:07:52.0975 0x2064 HidBth - ok
10:07:52.0978 0x2064 hidi2c - ok
10:07:52.0980 0x2064 hidinterrupt - ok
10:07:52.0983 0x2064 HidIr - ok
10:07:52.0985 0x2064 hidserv - ok
10:07:52.0988 0x2064 HidUsb - ok
10:07:52.0991 0x2064 HomeGroupListener - ok
10:07:52.0993 0x2064 HomeGroupProvider - ok
10:07:52.0995 0x2064 HpSAMD - ok
10:07:52.0998 0x2064 HTTP - ok
10:07:53.0001 0x2064 HvHost - ok
10:07:53.0003 0x2064 hvservice - ok
10:07:53.0006 0x2064 hwpolicy - ok
10:07:53.0008 0x2064 hyperkbd - ok
10:07:53.0011 0x2064 i8042prt - ok
10:07:53.0013 0x2064 iagpio - ok
10:07:53.0016 0x2064 iai2c - ok
10:07:53.0018 0x2064 iaLPSS2i_GPIO2 - ok
10:07:53.0021 0x2064 iaLPSS2i_I2C - ok
10:07:53.0023 0x2064 iaLPSSi_GPIO - ok
10:07:53.0026 0x2064 iaLPSSi_I2C - ok
10:07:53.0028 0x2064 iaStorAV - ok
10:07:53.0031 0x2064 iaStorV - ok
10:07:53.0034 0x2064 ibbus - ok
10:07:53.0037 0x2064 icssvc - ok
10:07:53.0039 0x2064 IKEEXT - ok
10:07:53.0041 0x2064 IndirectKmd - ok
10:07:53.0045 0x2064 intelide - ok
10:07:53.0049 0x2064 intelpep - ok
10:07:53.0051 0x2064 intelppm - ok
10:07:53.0054 0x2064 iorate - ok
10:07:53.0056 0x2064 IpFilterDriver - ok
10:07:53.0059 0x2064 iphlpsvc - ok
10:07:53.0061 0x2064 IPMIDRV - ok
10:07:53.0064 0x2064 IPNAT - ok
10:07:53.0066 0x2064 irda - ok
10:07:53.0069 0x2064 IRENUM - ok
10:07:53.0071 0x2064 irmon - ok
10:07:53.0074 0x2064 isapnp - ok
10:07:53.0076 0x2064 iScsiPrt - ok
10:07:53.0079 0x2064 kbdclass - ok
10:07:53.0081 0x2064 kbdhid - ok
10:07:53.0084 0x2064 kdnic - ok
10:07:53.0086 0x2064 KeyIso - ok
10:07:53.0089 0x2064 KSecDD - ok
10:07:53.0091 0x2064 KSecPkg - ok
10:07:53.0094 0x2064 ksthunk - ok
10:07:53.0096 0x2064 KtmRm - ok
10:07:53.0101 0x2064 [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\Windows\System32\drivers\L1C63x64.sys
10:07:53.0109 0x2064 L1C - ok
10:07:53.0112 0x2064 LanmanServer - ok
10:07:53.0115 0x2064 LanmanWorkstation - ok
10:07:53.0118 0x2064 lfsvc - ok
10:07:53.0121 0x2064 LicenseManager - ok
10:07:53.0124 0x2064 [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
10:07:53.0130 0x2064 lirsgt - ok
10:07:53.0133 0x2064 lltdio - ok
10:07:53.0135 0x2064 lltdsvc - ok
10:07:53.0137 0x2064 lmhosts - ok
10:07:53.0141 0x2064 LSI_SAS - ok
10:07:53.0143 0x2064 LSI_SAS2i - ok
10:07:53.0147 0x2064 LSI_SAS3i - ok
10:07:53.0150 0x2064 LSI_SSS - ok
10:07:53.0152 0x2064 LSM - ok
10:07:53.0154 0x2064 luafv - ok
10:07:53.0157 0x2064 MapsBroker - ok
10:07:53.0242 0x2064 [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
10:07:53.0323 0x2064 MBAMService - ok
10:07:53.0336 0x2064 [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
10:07:53.0347 0x2064 MBAMSwissArmy - ok
10:07:53.0350 0x2064 megasas - ok
10:07:53.0353 0x2064 megasas2i - ok
10:07:53.0355 0x2064 megasr - ok
10:07:53.0359 0x2064 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
10:07:53.0366 0x2064 MEIx64 - ok
10:07:53.0369 0x2064 MessagingService - ok
10:07:53.0373 0x2064 mlx4_bus - ok
10:07:53.0376 0x2064 MMCSS - ok
10:07:53.0378 0x2064 Modem - ok
10:07:53.0381 0x2064 monitor - ok
10:07:53.0384 0x2064 mouclass - ok
10:07:53.0386 0x2064 mouhid - ok
10:07:53.0389 0x2064 mountmgr - ok
10:07:53.0395 0x2064 [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:07:53.0403 0x2064 MozillaMaintenance - ok
10:07:53.0406 0x2064 mpsdrv - ok
10:07:53.0409 0x2064 MpsSvc - ok
10:07:53.0411 0x2064 MRxDAV - ok
10:07:53.0414 0x2064 mrxsmb - ok
10:07:53.0416 0x2064 mrxsmb10 - ok
10:07:53.0419 0x2064 mrxsmb20 - ok
10:07:53.0421 0x2064 MsBridge - ok
10:07:53.0424 0x2064 MSDTC - ok
10:07:53.0428 0x2064 Msfs - ok
10:07:53.0431 0x2064 msgpiowin32 - ok
10:07:53.0433 0x2064 mshidkmdf - ok
10:07:53.0436 0x2064 mshidumdf - ok
10:07:53.0438 0x2064 msisadrv - ok
10:07:53.0441 0x2064 MSiSCSI - ok
10:07:53.0443 0x2064 msiserver - ok
10:07:53.0446 0x2064 MSKSSRV - ok
10:07:53.0448 0x2064 MsLldp - ok
10:07:53.0451 0x2064 MSPCLOCK - ok
10:07:53.0453 0x2064 MSPQM - ok
10:07:53.0457 0x2064 MsRPC - ok
10:07:53.0460 0x2064 MsSecFlt - ok
10:07:53.0464 0x2064 mssmbios - ok
10:07:53.0466 0x2064 MSTEE - ok
10:07:53.0475 0x2064 [ 03B10F7E7244E6A41922394C3116929D, 2497D05048D4179F734092DA7A3D372B6F6E934E09E5C9DABDFA23C6DAD25E8A ] mt7612US C:\Windows\System32\drivers\mt7612US.sys
10:07:53.0495 0x2064 mt7612US - ok
10:07:53.0498 0x2064 MTConfig - ok
10:07:53.0500 0x2064 Mup - ok
10:07:53.0503 0x2064 mvumis - ok
10:07:53.0506 0x2064 NativeWifiP - ok
10:07:53.0509 0x2064 NcaSvc - ok
10:07:53.0512 0x2064 NcbService - ok
10:07:53.0514 0x2064 NcdAutoSetup - ok
10:07:53.0517 0x2064 ndfltr - ok
10:07:53.0519 0x2064 NDIS - ok
10:07:53.0522 0x2064 NdisCap - ok
10:07:53.0525 0x2064 NdisImPlatform - ok
10:07:53.0527 0x2064 NdisTapi - ok
10:07:53.0530 0x2064 Ndisuio - ok
10:07:53.0532 0x2064 NdisVirtualBus - ok
10:07:53.0535 0x2064 NdisWan - ok
10:07:53.0537 0x2064 ndiswanlegacy - ok
10:07:53.0540 0x2064 ndproxy - ok
10:07:53.0542 0x2064 Ndu - ok
10:07:53.0544 0x2064 NetAdapterCx - ok
10:07:53.0548 0x2064 NetBIOS - ok
10:07:53.0551 0x2064 NetBT - ok
10:07:53.0553 0x2064 Netlogon - ok
10:07:53.0556 0x2064 Netman - ok
10:07:53.0559 0x2064 netprofm - ok
10:07:53.0561 0x2064 NetSetupSvc - ok
10:07:53.0571 0x2064 NetTcpPortSharing - ok
10:07:53.0575 0x2064 NgcCtnrSvc - ok
10:07:53.0577 0x2064 NgcSvc - ok
10:07:53.0580 0x2064 NlaSvc - ok
10:07:53.0602 0x2064 [ 1B5804655497799161B5DCF919C7827C, F930FE7A13AC2645751CF559FBDED5FB4336DCF6D4AC11107566C526A3D5390D ] NPASRE C:\Users\Leander\AppData\Local\NPASRE\Snare.dll
10:07:53.0629 0x2064 NPASRE - detected UnsignedFile.Multi.Generic ( 1 )
10:07:53.0836 0x2064 NPASRE ( UnsignedFile.Multi.Generic ) - warning
10:07:53.0836 0x2064 Force sending object to P2P due to detect: NPASRE
10:07:54.0161 0x2064 Object send P2P result: true
10:07:54.0249 0x2064 Npfs - ok
10:07:54.0254 0x2064 npsvctrig - ok
10:07:54.0259 0x2064 nsi - ok
10:07:54.0264 0x2064 nsiproxy - ok
10:07:54.0271 0x2064 NTFS - ok
10:07:54.0276 0x2064 Null - ok
10:07:54.0287 0x2064 [ 219EB39D2F8CE26AA9A959DD53E68DE2, EBE3F231C7D564422A4E02C62276D6220E575F834B174E118D5B1A2582413CB1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
10:07:54.0297 0x2064 NVHDA - ok
10:07:54.0592 0x2064 [ 444B969DABB3F2D2176EF0BFAB42364F, 34468CC7A124D29130FE373BB987CB705C8767CD60F5B30CAD541F4B3F85BB55 ] nvlddmkm C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys
10:07:54.0847 0x2064 nvlddmkm - ok
10:07:54.0862 0x2064 nvraid - ok
10:07:54.0865 0x2064 nvstor - ok
10:07:54.0877 0x2064 [ 16006A9892E8AB4BFD4D555740E97CE1, 336364C97687380CC15B12EDDA0FD467084E8157AFA1B62A61F28AF37E923F76 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
10:07:54.0890 0x2064 NvTelemetryContainer - ok
10:07:54.0893 0x2064 OneSyncSvc - ok
10:07:54.0986 0x2064 [ D75A76EB38AD90E9AB34CAB1E50CE39E, 63345F673DD7CB590910C40C77D082EE47BF377F146E0C6D948E3CCD17512673 ] Origin Client Service E:\Origin\OriginClientService.exe
10:07:55.0029 0x2064 Origin Client Service - ok
10:07:55.0102 0x2064 [ 8901179D73E77060AD4EED7CB8924E10, 6ED27384A70499E3DF29ED43047E1D60E78F71D1A6820C5487C4621B42B0FFD5 ] Origin Web Helper Service E:\Origin\OriginWebHelperService.exe
10:07:55.0161 0x2064 Origin Web Helper Service - ok
10:07:55.0166 0x2064 p2pimsvc - ok
10:07:55.0169 0x2064 p2psvc - ok
10:07:55.0171 0x2064 Parport - ok
10:07:55.0174 0x2064 partmgr - ok
10:07:55.0177 0x2064 PcaSvc - ok
10:07:55.0180 0x2064 pci - ok
10:07:55.0183 0x2064 pciide - ok
10:07:55.0185 0x2064 pcmcia - ok
10:07:55.0187 0x2064 pcw - ok
10:07:55.0190 0x2064 pdc - ok
10:07:55.0192 0x2064 PEAUTH - ok
10:07:55.0195 0x2064 PeerDistSvc - ok
10:07:55.0197 0x2064 percsas2i - ok
10:07:55.0200 0x2064 percsas3i - ok
10:07:55.0225 0x2064 PerfHost - ok
10:07:55.0231 0x2064 PhoneSvc - ok
10:07:55.0234 0x2064 PimIndexMaintenanceSvc - ok
10:07:55.0238 0x2064 pla - ok
10:07:55.0241 0x2064 PlugPlay - ok
10:07:55.0243 0x2064 PnkBstrA - ok
10:07:55.0246 0x2064 PNRPAutoReg - ok
10:07:55.0248 0x2064 PNRPsvc - ok
10:07:55.0251 0x2064 PolicyAgent - ok
10:07:55.0255 0x2064 Power - ok
10:07:55.0257 0x2064 PptpMiniport - ok
10:07:55.0353 0x2064 [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
10:07:55.0456 0x2064 PrintNotify - ok
10:07:55.0461 0x2064 Processor - ok
10:07:55.0464 0x2064 ProfSvc - ok
10:07:55.0467 0x2064 Psched - ok
10:07:55.0469 0x2064 QWAVE - ok
10:07:55.0472 0x2064 QWAVEdrv - ok
10:07:55.0474 0x2064 RasAcd - ok
10:07:55.0477 0x2064 RasAgileVpn - ok
10:07:55.0480 0x2064 RasAuto - ok
10:07:55.0482 0x2064 Rasl2tp - ok
10:07:55.0485 0x2064 RasMan - ok
10:07:55.0487 0x2064 RasPppoe - ok
10:07:55.0490 0x2064 RasSstp - ok
10:07:55.0492 0x2064 rdbss - ok
10:07:55.0497 0x2064 rdpbus - ok
10:07:55.0499 0x2064 RDPDR - ok
10:07:55.0504 0x2064 RdpVideoMiniport - ok
10:07:55.0506 0x2064 rdyboost - ok
10:07:55.0509 0x2064 ReFSv1 - ok
10:07:55.0513 0x2064 RemoteAccess - ok
10:07:55.0515 0x2064 RemoteRegistry - ok
10:07:55.0518 0x2064 RetailDemo - ok
10:07:55.0521 0x2064 RmSvc - ok
10:07:55.0523 0x2064 RpcEptMapper - ok
10:07:55.0526 0x2064 RpcLocator - ok
10:07:55.0529 0x2064 RpcSs - ok
10:07:55.0532 0x2064 rspndr - ok
10:07:55.0534 0x2064 s3cap - ok
10:07:55.0537 0x2064 SamSs - ok
10:07:55.0539 0x2064 sbp2port - ok
10:07:55.0542 0x2064 SCardSvr - ok
10:07:55.0545 0x2064 ScDeviceEnum - ok
10:07:55.0549 0x2064 scfilter - ok
10:07:55.0552 0x2064 Schedule - ok
10:07:55.0554 0x2064 scmbus - ok
10:07:55.0557 0x2064 scmdisk0101 - ok
10:07:55.0560 0x2064 SCPolicySvc - ok
10:07:55.0562 0x2064 sdbus - ok
10:07:55.0565 0x2064 SDRSVC - ok
10:07:55.0568 0x2064 sdstor - ok
10:07:55.0570 0x2064 SecDrv - ok
10:07:55.0573 0x2064 seclogon - ok
10:07:55.0575 0x2064 SENS - ok
10:07:55.0578 0x2064 Sense - ok
10:07:55.0581 0x2064 SensorDataService - ok
10:07:55.0584 0x2064 SensorService - ok
10:07:55.0586 0x2064 SensrSvc - ok
10:07:55.0589 0x2064 SerCx - ok
10:07:55.0591 0x2064 SerCx2 - ok
10:07:55.0594 0x2064 Serenum - ok
10:07:55.0596 0x2064 Serial - ok
10:07:55.0599 0x2064 sermouse - ok
10:07:55.0606 0x2064 SessionEnv - ok
10:07:55.0608 0x2064 sfloppy - ok
10:07:55.0611 0x2064 SharedAccess - ok
10:07:55.0616 0x2064 ShellHWDetection - ok
10:07:55.0619 0x2064 shpamsvc - ok
10:07:55.0621 0x2064 SiSRaid2 - ok
10:07:55.0624 0x2064 SiSRaid4 - ok
10:07:55.0633 0x2064 [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:07:55.0650 0x2064 SkypeUpdate - ok
10:07:55.0653 0x2064 smphost - ok
10:07:55.0656 0x2064 SmsRouter - ok
10:07:55.0661 0x2064 SNMPTRAP - ok
10:07:55.0664 0x2064 spaceport - ok
10:07:55.0666 0x2064 SpbCx - ok
10:07:55.0669 0x2064 Spooler - ok
10:07:55.0672 0x2064 sppsvc - ok
10:07:55.0674 0x2064 srv - ok
10:07:55.0677 0x2064 srv2 - ok
10:07:55.0680 0x2064 srvnet - ok
10:07:55.0682 0x2064 SSDPSRV - ok
10:07:55.0685 0x2064 SstpSvc - ok
10:07:55.0688 0x2064 StateRepository - ok
10:07:55.0720 0x2064 [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:07:55.0752 0x2064 Steam Client Service - ok
10:07:55.0756 0x2064 stexstor - ok
10:07:55.0759 0x2064 stisvc - ok
10:07:55.0761 0x2064 storahci - ok
10:07:55.0764 0x2064 storflt - ok
10:07:55.0767 0x2064 stornvme - ok
10:07:55.0770 0x2064 storqosflt - ok
10:07:55.0773 0x2064 StorSvc - ok
10:07:55.0775 0x2064 storufs - ok
10:07:55.0778 0x2064 storvsc - ok
10:07:55.0781 0x2064 svsvc - ok
10:07:55.0784 0x2064 swenum - ok
10:07:55.0786 0x2064 swprv - ok
10:07:55.0789 0x2064 Synth3dVsc - ok
10:07:55.0793 0x2064 SysMain - ok
10:07:55.0796 0x2064 SystemEventsBroker - ok
10:07:55.0799 0x2064 TabletInputService - ok
10:07:55.0801 0x2064 TapiSrv - ok
10:07:55.0804 0x2064 Tcpip - ok
10:07:55.0806 0x2064 Tcpip6 - ok
10:07:55.0814 0x2064 tcpipreg - ok
10:07:55.0818 0x2064 tdx - ok
10:07:55.0821 0x2064 terminpt - ok
10:07:55.0824 0x2064 TermService - ok
10:07:55.0826 0x2064 Themes - ok
10:07:55.0829 0x2064 TieringEngineService - ok
10:07:55.0832 0x2064 tiledatamodelsvc - ok
10:07:55.0835 0x2064 TimeBrokerSvc - ok
10:07:55.0837 0x2064 TPM - ok
10:07:55.0840 0x2064 TrkWks - ok
10:07:55.0843 0x2064 TrustedInstaller - ok
10:07:55.0847 0x2064 tsusbflt - ok
10:07:55.0850 0x2064 TsUsbGD - ok
10:07:55.0852 0x2064 tsusbhub - ok
10:07:55.0855 0x2064 tunnel - ok
10:07:55.0858 0x2064 tzautoupdate - ok
10:07:55.0861 0x2064 UASPStor - ok
10:07:55.0864 0x2064 UcmCx0101 - ok
10:07:55.0867 0x2064 UcmTcpciCx0101 - ok
10:07:55.0869 0x2064 UcmUcsi - ok
10:07:55.0872 0x2064 Ucx01000 - ok
10:07:55.0875 0x2064 UdeCx - ok
10:07:55.0877 0x2064 udfs - ok
10:07:55.0880 0x2064 UEFI - ok
10:07:55.0883 0x2064 UevAgentDriver - ok
10:07:55.0886 0x2064 UevAgentService - ok
10:07:55.0889 0x2064 Ufx01000 - ok
10:07:55.0892 0x2064 UfxChipidea - ok
10:07:55.0895 0x2064 ufxsynopsys - ok
10:07:55.0901 0x2064 UI0Detect - ok
10:07:55.0903 0x2064 umbus - ok
10:07:55.0906 0x2064 UmPass - ok
10:07:55.0909 0x2064 UmRdpService - ok
10:07:55.0912 0x2064 UnistoreSvc - ok
10:07:55.0917 0x2064 upnphost - ok
10:07:55.0920 0x2064 UrsChipidea - ok
10:07:55.0923 0x2064 UrsCx01000 - ok
10:07:55.0926 0x2064 UrsSynopsys - ok
10:07:55.0930 0x2064 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
10:07:55.0942 0x2064 USBAAPL64 - ok
10:07:55.0945 0x2064 usbaudio - ok
10:07:55.0948 0x2064 usbccgp - ok
10:07:55.0951 0x2064 usbcir - ok
10:07:55.0954 0x2064 usbehci - ok
10:07:55.0956 0x2064 usbhub - ok
10:07:55.0959 0x2064 USBHUB3 - ok
10:07:55.0962 0x2064 usbohci - ok
10:07:55.0965 0x2064 usbprint - ok
10:07:55.0968 0x2064 usbser - ok
10:07:55.0971 0x2064 USBSTOR - ok
10:07:55.0974 0x2064 usbuhci - ok
10:07:55.0976 0x2064 USBXHCI - ok
10:07:55.0979 0x2064 UserDataSvc - ok
10:07:55.0985 0x2064 UserManager - ok
10:07:55.0987 0x2064 UsoSvc - ok
10:07:55.0990 0x2064 VaultSvc - ok
10:07:55.0994 0x2064 [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone C:\Windows\System32\drivers\VClone.sys
10:07:56.0003 0x2064 VClone - ok
10:07:56.0005 0x2064 vdrvroot - ok
10:07:56.0008 0x2064 vds - ok
10:07:56.0011 0x2064 VerifierExt - ok
10:07:56.0014 0x2064 vhdmp - ok
10:07:56.0017 0x2064 vhf - ok
10:07:56.0034 0x2064 [ EF2270C2DF2B61FF1B8C422DC443CEFE, 30C74108BC0DE5884D64C7611CE8282CE556D9B42D7BE1FE569DE2067FBB4D5A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
10:07:56.0052 0x2064 VIAHdAudAddService - ok
10:07:56.0057 0x2064 [ 004175DA13E0372DA58F523104921631, 413A4C8169EDFDBAA58DA5FEDCBF1D0525F64A7AD34BAF17E29BCD14C1C189A7 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
10:07:56.0073 0x2064 VIAKaraokeService - ok
10:07:56.0076 0x2064 vmbus - ok
10:07:56.0078 0x2064 VMBusHID - ok
10:07:56.0081 0x2064 vmgid - ok
10:07:56.0084 0x2064 vmicguestinterface - ok
10:07:56.0087 0x2064 vmicheartbeat - ok
10:07:56.0090 0x2064 vmickvpexchange - ok
10:07:56.0093 0x2064 vmicrdv - ok
10:07:56.0095 0x2064 vmicshutdown - ok
10:07:56.0098 0x2064 vmictimesync - ok
10:07:56.0101 0x2064 vmicvmsession - ok
10:07:56.0103 0x2064 vmicvss - ok
10:07:56.0106 0x2064 volmgr - ok
10:07:56.0109 0x2064 volmgrx - ok
10:07:56.0113 0x2064 volsnap - ok
10:07:56.0116 0x2064 volume - ok
10:07:56.0119 0x2064 vpci - ok
10:07:56.0122 0x2064 vsmraid - ok
10:07:56.0124 0x2064 VSS - ok
10:07:56.0127 0x2064 VSTXRAID - ok
10:07:56.0130 0x2064 vwifibus - ok
10:07:56.0133 0x2064 vwififlt - ok
10:07:56.0136 0x2064 W32Time - ok
10:07:56.0139 0x2064 WacomPen - ok
10:07:56.0142 0x2064 WalletService - ok
10:07:56.0145 0x2064 wanarp - ok
10:07:56.0148 0x2064 wanarpv6 - ok
10:07:56.0151 0x2064 wbengine - ok
10:07:56.0154 0x2064 WbioSrvc - ok
10:07:56.0157 0x2064 wcifs - ok
10:07:56.0159 0x2064 Wcmsvc - ok
10:07:56.0163 0x2064 wcncsvc - ok
10:07:56.0165 0x2064 wcnfs - ok
10:07:56.0168 0x2064 WdBoot - ok
10:07:56.0171 0x2064 Wdf01000 - ok
10:07:56.0174 0x2064 WdFilter - ok
10:07:56.0177 0x2064 WdiServiceHost - ok
10:07:56.0180 0x2064 WdiSystemHost - ok
10:07:56.0183 0x2064 wdiwifi - ok
10:07:56.0186 0x2064 WdNisDrv - ok
10:07:56.0190 0x2064 WdNisSvc - ok
10:07:56.0193 0x2064 WebClient - ok
10:07:56.0196 0x2064 Wecsvc - ok
10:07:56.0200 0x2064 WEPHOSTSVC - ok
10:07:56.0203 0x2064 wercplsupport - ok
10:07:56.0206 0x2064 WerSvc - ok
10:07:56.0208 0x2064 WFPLWFS - ok
10:07:56.0212 0x2064 WiaRpc - ok
10:07:56.0215 0x2064 WIMMount - ok
10:07:56.0217 0x2064 WinDefend - ok
10:07:56.0223 0x2064 WindowsTrustedRT - ok
10:07:56.0226 0x2064 WindowsTrustedRTProxy - ok
10:07:56.0229 0x2064 WinHttpAutoProxySvc - ok
10:07:56.0232 0x2064 WinMad - ok
10:07:56.0243 0x2064 Winmgmt - ok
10:07:56.0246 0x2064 WinRM - ok
10:07:56.0263 0x2064 [ DBCC61A9F9C8582F9BE9528B8DABCA32, BF81B8BF11D7231754EBE2FD1EA52E89F961979635168CB0A7C271D954C43314 ] WinSAPSvc C:\Users\Leander\AppData\Roaming\WinSAPSvc\WinSAP.dll
10:07:56.0282 0x2064 WinSAPSvc - detected UnsignedFile.Multi.Generic ( 1 )
10:07:56.0479 0x2064 WinSAPSvc ( UnsignedFile.Multi.Generic ) - warning
10:07:56.0570 0x2064 WINUSB - ok
10:07:56.0576 0x2064 WinVerbs - ok
10:07:56.0583 0x2064 wisvc - ok
10:07:56.0586 0x2064 WlanSvc - ok
10:07:56.0589 0x2064 wlidsvc - ok
10:07:56.0592 0x2064 WmiAcpi - ok
10:07:56.0598 0x2064 wmiApSrv - ok
10:07:56.0601 0x2064 WMPNetworkSvc - ok
10:07:56.0604 0x2064 Wof - ok
10:07:56.0609 0x2064 workfolderssvc - ok
10:07:56.0613 0x2064 WPDBusEnum - ok
10:07:56.0616 0x2064 WpdUpFltr - ok
10:07:56.0619 0x2064 WpnService - ok
10:07:56.0622 0x2064 WpnUserService - ok
10:07:56.0627 0x2064 ws2ifsl - ok
10:07:56.0630 0x2064 wscsvc - ok
10:07:56.0633 0x2064 WSDPrintDevice - ok
10:07:56.0637 0x2064 WSDScan - ok
10:07:56.0640 0x2064 WSearch - ok
10:07:56.0644 0x2064 wuauserv - ok
10:07:56.0647 0x2064 WudfPf - ok
10:07:56.0650 0x2064 WUDFRd - ok
10:07:56.0653 0x2064 wudfsvc - ok
10:07:56.0656 0x2064 WUDFWpdFs - ok
10:07:56.0659 0x2064 WUDFWpdMtp - ok
10:07:56.0662 0x2064 WwanSvc - ok
10:07:56.0666 0x2064 XblAuthManager - ok
10:07:56.0669 0x2064 XblGameSave - ok
10:07:56.0672 0x2064 xboxgip - ok
10:07:56.0676 0x2064 XboxNetApiSvc - ok
10:07:56.0679 0x2064 xinputhid - ok
10:07:56.0681 0x2064 ================ Scan global ===============================
10:07:56.0691 0x2064 [ Global ] - ok
10:07:56.0692 0x2064 ================ Scan MBR ==================================
10:07:56.0695 0x2064 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:07:56.0718 0x2064 \Device\Harddisk0\DR0 - ok
10:07:56.0720 0x2064 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:07:56.0782 0x2064 \Device\Harddisk1\DR1 - ok
10:07:56.0797 0x2064 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
10:07:57.0022 0x2064 \Device\Harddisk2\DR2 - ok
10:07:57.0023 0x2064 ================ Scan VBR ==================================
10:07:57.0027 0x2064 [ 2D2BBD13BA1BEDC04FBA3D7249F12938 ] \Device\Harddisk0\DR0\Partition1
10:07:57.0030 0x2064 \Device\Harddisk0\DR0\Partition1 - ok
10:07:57.0033 0x2064 [ 362708809E74A2713E36FC9F5B297E3D ] \Device\Harddisk0\DR0\Partition2
10:07:57.0034 0x2064 \Device\Harddisk0\DR0\Partition2 - ok
10:07:57.0038 0x2064 [ BD797CF9878AC2F19C83F35D4D5D009E ] \Device\Harddisk0\DR0\Partition3
10:07:57.0038 0x2064 \Device\Harddisk0\DR0\Partition3 - ok
10:07:57.0043 0x2064 [ 0A1B6D47E7A6418A8295A62055AFB781 ] \Device\Harddisk0\DR0\Partition4
10:07:57.0045 0x2064 \Device\Harddisk0\DR0\Partition4 - ok
10:07:57.0049 0x2064 [ 07DFC2C889EEBF1B08CCAC6DE479CEEB ] \Device\Harddisk1\DR1\Partition1
10:07:57.0051 0x2064 \Device\Harddisk1\DR1\Partition1 - ok
10:07:57.0055 0x2064 [ DFE9FD3C8FD950C8F317651E482D0D33 ] \Device\Harddisk2\DR2\Partition1
10:07:57.0057 0x2064 \Device\Harddisk2\DR2\Partition1 - ok
10:07:57.0060 0x2064 [ C8A9648FA6FE513BB00D52EAA74ACAF5 ] \Device\Harddisk2\DR2\Partition2
10:07:57.0062 0x2064 \Device\Harddisk2\DR2\Partition2 - ok
10:07:57.0065 0x2064 [ 1CC5C0F5BDEBFD7606390B40EEBCE38F ] \Device\Harddisk2\DR2\Partition3
10:07:57.0066 0x2064 \Device\Harddisk2\DR2\Partition3 - ok
10:07:57.0067 0x2064 ================ Scan generic autorun ======================
10:07:57.0171 0x2064 [ B040D46C934F7DB15297E6ECA23EDAD3, CB09DE99F060F5C9E5FE5DBBD551869D3D035BBCDA11B387507B436002C0C10D ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
10:07:57.0300 0x2064 HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 )
10:07:57.0466 0x2064 Detect skipped due to KSN trusted
10:07:57.0466 0x2064 HDAudDeck - ok
10:07:57.0489 0x2064 [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
10:07:57.0516 0x2064 AdobeAAMUpdater-1.0 - ok
10:07:57.0517 0x2064 WindowsDefender - ok
10:07:57.0619 0x2064 [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
10:07:57.0671 0x2064 Malwarebytes TrayApp - ok
10:07:57.0677 0x2064 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
10:07:57.0684 0x2064 VirtualCloneDrive - ok
10:07:57.0731 0x2064 [ 6302798F2560E25EB980992B1C4C5F81, E5029149F326C3CD0E418D87234B656A47E4ADFA1E8BC186F0F80B763224BD02 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
10:07:57.0788 0x2064 Adobe Creative Cloud - ok
10:07:57.0812 0x2064 OneDriveSetup - ok
10:07:57.0814 0x2064 OneDriveSetup - ok
10:07:57.0847 0x2064 [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Leander\AppData\Local\Microsoft\OneDrive\OneDrive.exe
10:07:57.0886 0x2064 OneDrive - ok
10:07:58.0021 0x2064 [ 5AC56F5BEBC027169A1588142A8F125A, 293D1A22B8D7645101AF4773479F8C6F3E920BF85A348253F6AB3FC8BB5CD36B ] C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
10:07:58.0144 0x2064 Spotify - ok
10:07:58.0258 0x2064 [ 5EAB2A65DCA8A6171A8789932F250A31, C3C0E159EE67C94637CCF1D957352938CA19D73B501558FF82CFE014283F0013 ] E:\Origin\Origin.exe
10:07:58.0314 0x2064 EADM - ok
10:07:58.0344 0x2064 [ 243F49E6B1AA97E01876020E17BDB4A9, 97E9CE8E9F1A77599B85B5952520B7D8BDDCE215F7EADAA884BA9F7E0D5BE568 ] C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:07:58.0379 0x2064 Spotify Web Helper - ok
10:07:58.0561 0x2064 [ 0B4431D8286AB24483CEBA4503DCB6B1, 70D54CDDC8CBFAEB11CABF7A1DEA69CBE420EFCA96381E8753AD9326407875EE ] F:\My Games\Wot\WargamingGameUpdater.exe
10:07:58.0627 0x2064 World of Tanks - ok
10:07:58.0782 0x2064 [ BBC048995985EB7CA9B2E8EFF196E3BB, FF10C2247A036DD6579D2AF76EF2DA4F98D8F4BA69167EF4B5D2E0EDB00F2DF9 ] F:\My Games\WOW\WargamingGameUpdater.exe
10:07:58.0847 0x2064 World of Warships - ok
10:07:58.0850 0x2064 World of Tanks (1) - ok
10:07:58.0881 0x2064 Prime95 - ok
10:07:58.0883 0x2064 Skype - ok
10:07:58.0884 0x2064 Waiting for KSN requests completion. In queue: 44
10:07:59.0902 0x2064 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x61100 ( enabled : updated )
10:07:59.0915 0x2064 Win FW state via NFP2: enabled ( trusted )
10:08:00.0013 0x2064 ============================================================
10:08:00.0013 0x2064 Scan finished
10:08:00.0013 0x2064 ============================================================
10:08:00.0026 0x1230 Detected object count: 3
10:08:00.0026 0x1230 Actual detected object count: 3
10:08:46.0511 0x1230 BIT ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:46.0511 0x1230 BIT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:08:46.0511 0x1230 NPASRE ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:46.0511 0x1230 NPASRE ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:08:46.0512 0x1230 WinSAPSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:08:46.0512 0x1230 WinSAPSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
12.05.2017, 20:20
| #7 |
| /// TB-Ausbilder | Adware installiert immer wieder Chrome und Toolbars Danke für die AdwCleaner Logdateien. Ich bitte um Beachtung meiner Hinweise, insbesondere Punkt 6. |
|
13.05.2017, 06:39
| #8 |
| | Adware installiert immer wieder Chrome und Toolbars Ok ich kopiere die dann auf den desktop. Problem ist, dass die Adware zurück ist. Also Chrome wurde wieder installiert und ich hab ne andere searchengine bei firefox. zudem stürtzt firefox immer wieder ab. Ich hab das jetzt mal so gelassen. weil ich ja nix machen soll. |
|
13.05.2017, 12:42
| #9 | ||
| /// TB-Ausbilder | Adware installiert immer wieder Chrome und Toolbars Servus, Zitat:
Zitat:
Wir wären allerdings schon weiter, wenn du genauer lesen würdest.  |
|
13.05.2017, 13:45
| #10 |
| | Adware installiert immer wieder Chrome und Toolbars So alles ist auf den desktop verschoben worden. Ich scane jetzt mal Sorry fürs nicht genau lesen, aber nach einer gewissen zeit stürtzt jetzt firefox ab. :C FRST Neu vom Desktop Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
durchgeführt von Leander (Administrator) auf LEANDER-PC (13-05-2017 14:41:01)
Gestartet von C:\Users\Leander\Desktop
Geladene Profile: Leander (Verfügbare Profile: Leander)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files (x86)\Firefox\Firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Electronic Arts) E:\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Mozilla Corporation) C:\Program Files (x86)\Firefox\Firefox.exe
() C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2016-06-25] (VIA)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Spotify] => C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-04-20] (Spotify Ltd)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [EADM] => E:\Origin\Origin.exe [3046264 2017-05-02] (Electronic Arts)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Spotify Web Helper] => C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-20] (Spotify Ltd)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Tanks] => F:\My Games\Wot\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Warships] => F:\My Games\WOW\WargamingGameUpdater.exe [3134216 2017-03-09] (Wargaming.net)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Tanks (1)] => "F:\My Games\Wot Testserver\WargamingGameUpdater.exe"
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Prime95] => C:\Users\Leander\AppData\Local\Temp\Rar$EXa0.507\prime95.exe <===== ACHTUNG
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellExecuteHooks: Kein Name - {8F0F267E-12E9-11E7-A647-64006A5CFC23} - C:\Users\Leander\AppData\Roaming\Rekerghareday\Thaferknicik.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.198.1
Tcpip\..\Interfaces\{1b9d694c-0723-46f2-82ca-561812a30ba7}: [DhcpNameServer] 192.168.198.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-314425503-1263803708-1118067362-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1473955321833
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-314425503-1263803708-1118067362-1000 -> hxxp://www.google.com
FireFox:
========
FF DefaultProfile: eqtdc3ih.default
FF ProfilePath: C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default [2017-05-13]
FF NewTab: Mozilla\Firefox\Profiles\eqtdc3ih.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF Extension: (AdBlocker Ultimate) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-12-29]
FF Extension: (MEGA) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\firefox@mega.co.nz.xpi [2017-05-11]
FF Extension: (Adblock Plus) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF ProfilePath: C:\Users\Leander\AppData\Roaming\Firefox\Firefox\Profiles\eqtdc3ih.default [2017-05-13]
FF NewTab: Firefox\Firefox\Profiles\eqtdc3ih.default -> about:newtab
FF SelectedSearchEngine: Firefox\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF Extension: (SimilarWeb) - C:\Users\Leander\AppData\Roaming\Firefox\Firefox\Profiles\eqtdc3ih.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-05-12] [ist nicht signiert]
FF Extension: (FF Adr) - C:\Users\Leander\AppData\Roaming\Firefox\Firefox\Profiles\eqtdc3ih.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-05-12] [ist nicht signiert]
FF Extension: (AdBlocker Ultimate) - C:\Users\Leander\AppData\Roaming\Firefox\Firefox\Profiles\eqtdc3ih.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-12-29]
FF Extension: (MEGA) - C:\Users\Leander\AppData\Roaming\Firefox\Firefox\Profiles\eqtdc3ih.default\Extensions\firefox@mega.co.nz.xpi [2017-05-11]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Leander\AppData\Roaming\Firefox\Firefox\Profiles\eqtdc3ih.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-05-12] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Leander\AppData\Roaming\Firefox\Firefox\Profiles\eqtdc3ih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-13] ()
R2 BIT; C:\ProgramData\BIT\BIT.dll [1857536 2017-05-09] (BIT.dll) [Datei ist nicht signiert]
R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [101528 2017-05-12] () <==== ACHTUNG
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NPASRE; C:\Users\Leander\AppData\Local\NPASRE\Snare.dll [830464 2017-05-10] (InterSect Alliance Pty Ltd) [Datei ist nicht signiert]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-02] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2147216 2017-05-02] (Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3116440 2017-05-02] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-07-08] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinAppSvr; C:\ProgramData\Microsoft\AppV\sym\dbg.dll [109056 2017-05-12] (TODO: <Company name>) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 WinSAPSvc; C:\Users\Leander\AppData\Roaming\WinSAPSvc\WinSAP.dll [585216 2017-05-09] (serviec) [Datei ist nicht signiert] <==== ACHTUNG
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2016-08-20] ()
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-17] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-17] (Disc Soft Ltd)
R1 epp; E:\PROGRAM FILES (X86)\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2013-08-05] (Etron Technology Inc)
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2016-08-20] ()
R3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11376 2003-04-22] () [Datei ist nicht signiert]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 cmanvwhc; \??\C:\WINDOWS\system32\drivers\cmanvwhc.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-13 14:38 - 2017-05-13 14:38 - 00000562 _____ C:\TDSSKiller.3.1.0.15_13.05.2017_14.38.12_log.txt
2017-05-13 14:38 - 2017-05-13 14:38 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Mozilla
2017-05-13 14:38 - 2017-05-12 10:07 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Leander\Desktop\tdsskiller.exe
2017-05-13 14:38 - 2017-05-11 14:18 - 01663672 _____ (Malwarebytes) C:\Users\Leander\Desktop\JRT.exe
2017-05-13 14:37 - 2017-05-13 14:37 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-05-13 14:37 - 2017-05-13 14:37 - 00000000 ____D C:\Windows\AppReadiness
2017-05-13 14:37 - 2017-05-13 14:37 - 00000000 ____D C:\Users\Leander\.QtWebEngineProcess
2017-05-13 14:37 - 2017-05-13 14:37 - 00000000 ____D C:\Users\Leander\.Origin
2017-05-13 14:37 - 2017-05-11 14:57 - 02429440 _____ (Farbar) C:\Users\Leander\Desktop\FRST64.exe
2017-05-13 14:37 - 2017-05-04 16:07 - 04102600 _____ C:\Users\Leander\Desktop\adwcleaner_6.046.exe
2017-05-12 20:22 - 2017-05-12 20:22 - 00001252 _____ C:\Users\Leander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-12 20:22 - 2017-05-12 20:22 - 00000000 ____D C:\Users\Leander\AppData\Local\UNP
2017-05-12 19:11 - 2017-05-12 19:12 - 00000000 ____D C:\Program Files\UNP
2017-05-12 19:11 - 2017-05-12 19:11 - 00000000 ____D C:\Windows\system32\UNP
2017-05-12 14:46 - 2017-05-12 14:46 - 00002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-12 14:46 - 2017-05-12 14:46 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Firefox
2017-05-12 14:46 - 2017-05-12 14:46 - 00000000 ____D C:\Users\Leander\AppData\Local\Firefox
2017-05-12 14:46 - 2017-05-12 14:46 - 00000000 ____D C:\Program Files (x86)\Firefox
2017-05-12 14:45 - 2017-05-12 14:45 - 00000000 ____D C:\Program Files (x86)\Eggper
2017-05-12 14:44 - 2017-05-13 14:39 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-05-12 14:44 - 2017-05-13 14:38 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-05-12 14:43 - 2017-05-12 14:43 - 00000000 _____ C:\Windows\SysWOW64\3333
2017-05-12 14:43 - 2017-05-12 14:43 - 00000000 _____ C:\Windows\SysWOW64\2222
2017-05-12 10:07 - 2017-05-12 10:09 - 00079314 _____ C:\TDSSKiller.3.1.0.15_12.05.2017_10.07.13_log.txt
2017-05-11 21:00 - 2017-05-13 14:36 - 00000000 ____D C:\Program Files (x86)\MIO
2017-05-11 21:00 - 2017-05-12 14:44 - 00003674 _____ C:\Windows\System32\Tasks\Milimili
2017-05-11 21:00 - 2017-05-12 14:44 - 00000000 ____D C:\Users\Leander\AppData\Roaming\WinSAPSvc
2017-05-11 21:00 - 2017-05-11 21:00 - 00000000 ____D C:\Users\Leander\AppData\Local\NPASRE
2017-05-11 20:58 - 2017-05-11 20:58 - 00000000 ____D C:\Reerdition
2017-05-11 18:49 - 2017-05-11 18:49 - 00025135 _____ C:\Users\Leander\Desktop\Alte Adwarecleaner scans.rar
2017-05-11 18:45 - 2017-05-11 18:45 - 00003872 _____ C:\Users\Leander\Desktop\AdwCleaner[S2].txt
2017-05-11 18:45 - 2017-05-11 18:45 - 00003736 _____ C:\Users\Leander\Desktop\AdwCleaner[S3].txt
2017-05-11 18:45 - 2017-05-11 18:45 - 00003202 _____ C:\Users\Leander\Desktop\AdwCleaner[S4].txt
2017-05-11 15:55 - 2017-05-13 14:41 - 00018252 _____ C:\Users\Leander\Desktop\FRST.txt
2017-05-11 15:55 - 2017-05-12 10:04 - 00078406 _____ C:\Users\Leander\Desktop\Addition.txt
2017-05-11 15:53 - 2017-05-13 14:41 - 00000000 ____D C:\FRST
2017-05-11 15:53 - 2017-05-11 15:53 - 00001240 _____ C:\Users\Leander\Desktop\Sacn mwb.txt
2017-05-11 15:48 - 2017-05-11 15:48 - 00002883 _____ C:\Users\Leander\Desktop\AdwCleaner[C8].txt
2017-05-11 15:45 - 2017-05-11 15:45 - 00003162 _____ C:\Users\Leander\Desktop\scan_170511-143141.txt
2017-05-11 14:40 - 2017-05-11 14:40 - 00002951 ____C C:\Users\Leander\Desktop\AdwCleaner[S13].txt
2017-05-11 14:12 - 2017-05-11 14:12 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-11 13:50 - 2017-05-11 13:50 - 00006053 ____C C:\Users\Leander\Desktop\AdwCleaner[C7].txt
2017-05-11 13:49 - 2017-05-11 13:49 - 00006422 ____C C:\Users\Leander\Desktop\AdwCleaner[S12].txt
2017-05-11 13:46 - 2017-05-11 13:46 - 00000000 _____ C:\Windows\SysWOW64\33
2017-05-11 13:39 - 2017-05-11 13:39 - 00000000 ____D C:\Users\Public\Documents\Google
2017-05-11 13:39 - 2017-05-11 13:39 - 00000000 _____ C:\Windows\SysWOW64\3333333
2017-05-11 13:38 - 2017-05-12 14:43 - 00000000 _____ C:\Windows\SysWOW64\1111
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\1111111
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\00
2017-05-11 10:28 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-05-11 10:28 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-05-11 10:28 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-11 10:28 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-11 10:28 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 10:28 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-05-11 10:28 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-11 10:28 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-05-11 10:28 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-05-11 10:28 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-05-11 10:28 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-05-11 10:28 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-05-11 10:28 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-11 10:28 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-05-11 10:28 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-11 10:28 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-05-11 10:28 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-05-11 10:28 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-05-11 10:28 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-11 10:28 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-11 10:28 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-05-11 10:28 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-11 10:28 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-05-11 10:28 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-05-11 10:28 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-11 10:28 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-05-11 10:28 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-05-11 10:28 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-05-11 10:27 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-05-11 10:27 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-11 10:27 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-11 10:27 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 10:27 - 2017-04-28 02:56 - 02048488 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-05-11 10:27 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2017-05-11 10:27 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-11 10:27 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-11 10:27 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-11 10:27 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-11 10:27 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-05-11 10:27 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-05-11 10:27 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-11 10:27 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-05-11 10:27 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-05-11 10:27 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-05-11 10:27 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-05-11 10:27 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-11 10:27 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-05-11 10:27 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-05-11 10:27 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-05-11 10:27 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2017-05-11 10:27 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-05-11 10:27 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-05-11 10:27 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-05-11 10:27 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-11 10:27 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-05-11 10:27 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2017-05-11 10:27 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BthTelemetry.dll
2017-05-11 10:27 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-11 10:27 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2017-05-11 10:27 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-05-11 10:27 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-05-11 10:27 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-05-11 10:27 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-05-11 10:27 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2017-05-11 10:27 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 10:27 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2017-05-11 10:27 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-05-11 10:27 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-05-11 10:27 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-05-11 10:27 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-05-11 10:27 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-05-11 10:27 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-05-11 10:27 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsnt.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-05-11 10:27 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-05-11 10:27 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-05-11 10:27 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-05-11 10:27 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-05-11 10:27 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-05-11 10:27 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-05-11 10:27 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-11 10:27 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-05-11 10:27 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-11 10:27 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-05-11 10:27 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-05-11 10:27 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-05-11 10:27 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-05-11 10:27 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-05-11 10:27 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2017-05-11 10:27 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-05-11 10:27 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-05-11 10:27 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-05-11 10:27 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-05-11 10:27 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-05-11 10:27 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-05-11 10:27 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-05-11 10:27 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-05-11 10:27 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-05-11 10:27 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-05-11 10:27 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-05-11 10:27 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-05-11 10:27 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-05-11 10:27 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-05-11 10:27 - 2017-03-04 08:22 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-11 10:27 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-05-11 10:27 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-11 10:27 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-11 10:27 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-05-11 10:27 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-05-11 10:27 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-05-11 10:26 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-05-11 10:26 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-11 10:26 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-11 10:26 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2017-05-11 10:26 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2017-05-11 10:26 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-11 10:26 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2017-05-11 10:26 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2017-05-11 10:26 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-11 10:26 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-05-11 10:26 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-11 10:26 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-05-11 10:26 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-11 10:26 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-05-11 10:26 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-05-11 10:26 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-05-11 10:26 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-11 10:26 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-05-11 10:26 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-05-11 10:26 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-05-11 10:26 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-05-11 10:26 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-11 10:26 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-05-11 10:26 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-11 10:26 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-05-11 10:26 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-11 10:26 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-05-11 10:26 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-11 10:26 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-11 10:26 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-11 10:26 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-11 10:26 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-05-11 10:26 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-05-11 10:26 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-05-11 10:26 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-05-11 10:26 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-11 10:26 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-11 10:26 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-11 10:26 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2017-05-11 10:26 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\BthTelemetry.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-05-11 10:26 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2017-05-11 10:26 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-11 10:26 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ConsentUX.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-11 10:26 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\PrintWSDAHost.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2017-05-11 10:26 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-11 10:26 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-05-11 10:26 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2017-05-11 10:26 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-05-11 10:26 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-05-11 10:26 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2017-05-11 10:26 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-11 10:26 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-05-11 10:26 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-05-11 10:26 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-05-11 10:26 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-11 10:26 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-05-11 10:26 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-05-11 10:26 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-05-11 10:26 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-05-11 10:26 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-11 10:26 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-05-11 10:26 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2017-05-11 10:26 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2017-05-11 10:26 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-05-11 10:26 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-05-11 10:26 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-05-11 10:26 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-05-07 14:33 - 2017-05-07 14:33 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\5FB23263.sys
2017-05-05 21:39 - 2017-05-11 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-05 13:56 - 2017-05-05 13:56 - 00000000 ____D C:\Users\Leander\AppData\Local\NVIDIA Corporation
2017-05-05 13:53 - 2017-05-05 13:53 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-05 13:53 - 2017-05-02 00:38 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-05-05 13:53 - 2017-05-01 22:52 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-05-05 13:53 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-05-05 13:53 - 2017-04-25 23:11 - 07944687 _____ C:\Windows\system32\nvcoproc.bin
2017-05-05 13:53 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-05-05 13:53 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-05-05 13:53 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-05-05 13:53 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-05-05 13:50 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 04092088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03607464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00618744 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-05-05 13:50 - 2017-05-02 00:38 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-05-05 13:41 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-05 13:41 - 2017-05-02 00:38 - 00513144 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-05-05 13:41 - 2017-05-02 00:38 - 00418936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-05-05 13:37 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-05 13:36 - 2017-05-05 13:36 - 00000000 ____D C:\NVIDIA
2017-05-05 12:55 - 2017-05-05 12:55 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-05 12:54 - 2017-05-05 12:54 - 00003650 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-05-04 21:09 - 2017-05-04 21:10 - 00000000 ____D C:\Users\Leander\Documents\Need For Speed
2017-05-04 20:57 - 2017-05-04 20:57 - 00000709 _____ C:\Users\Public\Desktop\Need for Speed™.lnk
2017-05-04 17:15 - 2017-05-04 17:15 - 00003522 ____C C:\Users\Leander\Desktop\AdwCleaner[C6].txt
2017-05-04 17:11 - 2017-05-04 17:11 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\3B4040D4.sys
2017-05-04 16:10 - 2017-05-04 16:10 - 00003492 ____C C:\Users\Leander\Desktop\AdwCleaner[S11].txt
2017-04-30 17:40 - 2017-04-30 17:40 - 00000000 ____D C:\Users\Leander\AppData\Local\Sniper3
2017-04-29 10:21 - 2017-05-04 19:54 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Factorio
2017-04-28 14:53 - 2017-04-28 14:53 - 00002749 _____ C:\Users\Public\Desktop\Factorio.lnk
2017-04-28 14:53 - 2017-04-28 14:53 - 00000000 ____D C:\Program Files (x86)\Factorio
2017-04-26 09:43 - 2017-04-26 09:43 - 00000000 ____D C:\Windows\psgo
2017-04-26 09:39 - 2017-05-05 13:59 - 00000000 ____D C:\Insist
2017-04-21 22:06 - 2017-04-21 22:06 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\750F2B85.sys
2017-04-21 22:01 - 2017-04-21 22:01 - 00003322 ____C C:\Users\Leander\Desktop\AdwCleaner[S10].txt
2017-04-21 21:42 - 2017-04-21 21:42 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\4201187D.sys
2017-04-21 21:38 - 2017-04-21 21:38 - 00003351 ____C C:\Users\Leander\Desktop\AdwCleaner[S9].txt
2017-04-21 18:50 - 2017-04-21 18:50 - 00000000 _____ C:\Windows\SysWOW64\44
2017-04-20 18:53 - 2017-04-20 18:53 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-20 18:48 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\11
2017-04-20 18:45 - 2017-05-11 10:29 - 00000000 _____ C:\Windows\SysWOW64\1
2017-04-20 18:40 - 2017-04-20 18:40 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\656C3FB5.sys
2017-04-19 11:23 - 2017-05-12 14:46 - 00001999 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-19 11:22 - 2017-04-19 11:22 - 00006506 ____C C:\Users\Leander\Desktop\AdwCleaner[C5].txt
2017-04-19 11:20 - 2017-04-19 11:20 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\4981203A.sys
2017-04-19 11:18 - 2017-04-19 11:18 - 00007973 ____C C:\Users\Leander\Desktop\AdwCleaner[S8].txt
2017-04-18 18:30 - 2017-04-19 11:01 - 00001799 _____ C:\Users\Leander\Desktop\Warum AMD am Arsch ist.txt
2017-04-15 21:52 - 2017-04-15 21:58 - 00000000 ____D C:\Users\Leander\Downloads\Fakki
2017-04-15 21:50 - 2017-04-15 21:50 - 00000000 ____D C:\Users\Leander\Downloads\[TSUMINO.COM] Bishoujo Mangekyou -Kami ga Tsukuritamouta Shoujo-tachi- Shokai Ban Part 2 美少女万華鏡 -神が造りたもうた少女たち- 初回版 Part 2
2017-04-15 20:35 - 2017-05-11 13:51 - 00245640 _____ C:\Users\Leander\Downloads\Firefox Setup Stub 52.0.2 (1).exe
2017-04-15 20:20 - 2017-04-15 21:49 - 00000000 ____D C:\Users\Leander\Downloads\[TSUMINO.COM] Bishoujo Mangekyou -Kami ga Tsukuritamouta Shoujo-tachi- Shokai Ban Part 1 美少女万華鏡 -神が造りたもうた少女たち- 初回版 Part 1
2017-04-15 20:19 - 2017-04-15 20:19 - 00002528 ____C C:\Users\Leander\Desktop\AdwCleaner[S7].txt
2017-04-15 20:16 - 2017-04-15 20:16 - 00002483 ____C C:\Users\Leander\Desktop\AdwCleaner[S6].txt
2017-04-15 13:13 - 2017-04-15 13:13 - 00001230 _____ C:\Users\Public\Desktop\Splinter Cell Conviction.lnk
2017-04-15 13:13 - 2017-04-15 13:13 - 00000000 ____D C:\Users\Leander\AppData\Local\storage
2017-04-15 11:55 - 2017-04-15 11:58 - 00000872 _____ C:\Users\Leander\Desktop\Act of Aggression.lnk
2017-04-14 14:21 - 2017-05-11 14:27 - 00000000 ____D C:\Users\Leander\Desktop\mbar
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-13 14:40 - 2016-07-17 00:51 - 03085082 _____ C:\Windows\system32\perfh007.dat
2017-05-13 14:40 - 2016-07-17 00:51 - 00833994 _____ C:\Windows\system32\perfc007.dat
2017-05-13 14:40 - 2016-06-25 14:22 - 06284778 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-13 14:39 - 2016-12-16 16:53 - 00000000 ____D C:\Users\Leander\AppData\Local\CrashDumps
2017-05-13 14:39 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Leander\AppData\Local\Packages
2017-05-13 14:38 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Mozilla
2017-05-13 14:37 - 2016-10-08 10:34 - 00000000 ____D C:\Users\Leander
2017-05-13 14:37 - 2016-07-13 19:59 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Skype
2017-05-13 14:37 - 2016-07-06 11:44 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Origin
2017-05-13 14:37 - 2016-06-25 18:01 - 00000000 ____D C:\Users\Leander\AppData\Local\Adobe
2017-05-13 14:37 - 2016-06-25 16:35 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Spotify
2017-05-13 14:37 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Adobe
2017-05-13 14:37 - 2015-10-21 19:20 - 00000000 ___RD C:\Users\Leander\OneDrive
2017-05-13 14:36 - 2017-03-31 17:17 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-13 14:36 - 2016-10-08 10:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-13 14:36 - 2016-10-08 10:32 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-05-13 14:36 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-05-13 14:36 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Com
2017-05-13 14:36 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Leander\AppData\Local\Mozilla
2017-05-12 15:16 - 2016-10-15 13:00 - 00000903 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2017-05-12 10:00 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-12 09:57 - 2016-06-25 16:35 - 00000000 ____D C:\Users\Leander\AppData\Local\Spotify
2017-05-11 20:59 - 2017-03-30 20:58 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2017-05-11 18:46 - 2015-05-31 17:04 - 00000000 ___DC C:\AdwCleaner
2017-05-11 18:28 - 2015-10-24 17:31 - 00000000 ____D C:\Users\Leander\Desktop\Games
2017-05-11 16:18 - 2017-03-31 17:17 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-05-11 15:47 - 2016-07-16 08:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-05-11 14:28 - 2016-06-25 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-11 14:28 - 2015-10-24 17:31 - 00000000 ____D C:\Users\Leander\Desktop\Programme
2017-05-11 14:00 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 13:57 - 2016-10-08 10:32 - 00228168 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-11 13:57 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-05-11 13:56 - 2017-03-27 22:31 - 00000000 ____D C:\Users\Leander\AppData\Roaming\SmartSteamEmu
2017-05-11 13:56 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\oobe
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Registration
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 13:55 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-05-11 10:34 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-05-11 10:29 - 2016-06-25 16:29 - 00000000 ____D C:\Windows\system32\MRT
2017-05-11 10:29 - 2016-06-25 16:28 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-11 09:37 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-05-09 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-09 15:29 - 2016-07-09 19:45 - 00000000 ____D C:\Users\Leander\AppData\Roaming\vlc
2017-05-08 21:38 - 2016-07-08 18:41 - 00000000 ____D C:\Users\Leander\AppData\Local\Ubisoft Game Launcher
2017-05-08 21:38 - 2016-06-25 21:47 - 00000000 ____D C:\Users\Leander\AppData\Local\JDownloader v2.0
2017-05-06 21:20 - 2015-10-23 20:40 - 00000000 ____D C:\Users\Leander\Documents\My Games
2017-05-05 13:53 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Help
2017-05-05 12:53 - 2017-02-08 18:55 - 00189112 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2017-05-05 12:53 - 2016-10-08 10:32 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-05-04 17:17 - 2016-11-27 15:50 - 00000000 ____D C:\Users\Leander\Documents\Project CARS
2017-05-03 09:53 - 2015-11-14 19:25 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 3
2017-05-02 20:25 - 2016-07-08 15:47 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-05-02 20:25 - 2016-07-08 10:31 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-08 10:34 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-04-20 18:41 - 2016-12-17 19:11 - 00003284 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-20 18:41 - 2016-06-25 14:21 - 00002389 _____ C:\Users\Leander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-19 11:23 - 2017-04-11 21:22 - 00000000 ____D C:\Program Files (x86)\temp
2017-04-19 11:23 - 2017-03-10 07:39 - 00000000 ____D C:\Users\Leander\Desktop\cemu_1.7.3d
2017-04-19 11:23 - 2017-02-26 11:18 - 00000000 ____D C:\Users\Leander\Documents\Stronghold Crusader
2017-04-19 11:23 - 2017-02-23 11:50 - 00000000 ____D C:\Users\Leander\AppData\Local\0ad
2017-04-19 11:23 - 2017-02-13 20:02 - 00000000 ____D C:\Users\Leander\Documents\Mount&Blade Warband
2017-04-19 11:23 - 2017-01-21 13:04 - 00000000 ____D C:\Users\Leander\AppData\Roaming\WhatsApp
2017-04-19 11:23 - 2017-01-16 14:31 - 00000000 ____D C:\Users\Leander\Desktop\cemu_1.7.0
2017-04-19 11:23 - 2017-01-15 21:37 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Tropico 5
2017-04-19 11:23 - 2016-12-19 20:40 - 00000000 ____D C:\Users\Leander\AppData\Roaming\dvdcss
2017-04-19 11:23 - 2016-12-14 17:24 - 00000000 ____D C:\Users\Leander\AppData\Local\LOOT
2017-04-19 11:23 - 2016-10-30 15:14 - 00000000 ____D C:\Users\Leander\Documents\Command and Conquer Generals Zero Hour Data
2017-04-19 11:23 - 2016-10-15 13:55 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 1
2017-04-19 11:23 - 2016-10-04 20:19 - 00000000 ____D C:\Users\Leander\AppData\Roaming\TS3Client
2017-04-19 11:23 - 2016-09-01 21:17 - 00000000 ____D C:\Users\Leander\Documents\Master of Orion
2017-04-19 11:23 - 2016-08-20 21:40 - 00000000 ____D C:\Users\Leander\Documents\ANNO 1404 Venedig
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 __RSD C:\Windows\Media
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\oobe
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\security
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\InputMethod
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\IME
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-19 11:23 - 2016-07-14 21:17 - 00000000 ____D C:\Users\Leander\Documents\Dolphin Emulator
2017-04-19 11:23 - 2016-07-13 18:42 - 00000000 ____D C:\Users\Leander\AppData\Local\SKIDROW
2017-04-19 11:23 - 2016-07-10 13:50 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Frontier Developments
2017-04-19 11:23 - 2016-07-07 12:41 - 00000000 ____D C:\Users\Leander\AppData\Roaming\.minecraft
2017-04-19 11:23 - 2016-06-25 14:20 - 00000000 ____D C:\Users\Leander\AppData\Local\MicrosoftEdge
2017-04-19 11:23 - 2016-06-25 14:17 - 00000000 ____D C:\Users\DefaultAppPool
2017-04-19 11:23 - 2016-06-11 16:27 - 00000000 ____D C:\Users\Leander\Documents\Spiele
2017-04-19 11:23 - 2016-04-01 19:34 - 00000000 ____D C:\Users\Leander\.litwrl
2017-04-19 11:23 - 2016-03-24 16:54 - 00000000 ____D C:\Users\Leander\Documents\TrackMania
2017-04-19 11:23 - 2016-03-23 13:43 - 00000000 ____D C:\Users\Leander\Documents\STAR WARS Battlefront
2017-04-19 11:23 - 2016-01-03 22:58 - 00000000 ____D C:\Users\Leander\Documents\3DMark
2017-04-19 11:23 - 2015-12-29 17:01 - 00000000 ____D C:\Users\Leander\Documents\BFH
2017-04-19 11:23 - 2015-12-13 17:16 - 00000000 ____D C:\Users\Leander\Documents\FIFA 15
2017-04-19 11:23 - 2015-12-03 19:02 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Adobe
2017-04-19 11:23 - 2015-11-11 19:07 - 00000000 ____D C:\Users\Leander\Documents\StarCraft II
2017-04-19 11:23 - 2015-10-29 21:02 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 4
2017-04-19 11:23 - 2010-11-21 09:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-04-14 23:37 - 2017-03-31 17:17 - 00092096 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-04-14 21:18 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-04-14 15:24 - 2017-03-31 17:17 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-14 15:24 - 2017-03-31 17:17 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-04-14 15:24 - 2017-03-31 17:16 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-06-26 12:47 - 2016-07-05 19:47 - 0000151 _____ () C:\Users\Leander\AppData\Roaming\WB.CFG
2016-11-27 19:44 - 2016-12-27 13:45 - 0007597 _____ () C:\Users\Leander\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole4047230449030724081.dll
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole7442378117606400700.dll
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole780015794168616176.dll
2017-03-20 18:26 - 2017-03-20 18:26 - 14456872 _____ (Microsoft Corporation) C:\Users\Leander\AppData\Local\Temp\vc_redist.x86.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-04 14:27
==================== Ende von FRST.txt ============================
|
|
13.05.2017, 13:48
| #11 |
| | Adware installiert immer wieder Chrome und Toolbars Neu Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von Leander (13-05-2017 14:41:40)
Gestartet von C:\Users\Leander\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-08 08:41:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-314425503-1263803708-1118067362-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-314425503-1263803708-1118067362-503 - Limited - Disabled)
Gast (S-1-5-21-314425503-1263803708-1118067362-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-314425503-1263803708-1118067362-1002 - Limited - Enabled)
Leander (S-1-5-21-314425503-1263803708-1118067362-1000 - Administrator - Enabled) => C:\Users\Leander
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
0 A.D. (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\0 A.D.) (Version: r18915P-alpha - Wildfire Games)
Act of Aggression MULTI2 1.0 (HKLM-x32\...\Act of Aggression MULTI2 1.0) (Version: - )
Act of Aggression Update 14 MULTI2 1.0 (HKLM-x32\...\Act of Aggression Update 14 MULTI2 1.0) (Version: - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
AlphaGo (HKLM-x32\...\{118B6258-BF13-47C9-8D46-B2A349196B5D}) (Version: 1.0.0 - Default Company Name)
ANNO 1404 - Gold Edition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
bf2battlelog (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\bf2battlelog) (Version: 0.8.6 - Spencer Sharkey)
Borderlands 2 GOTY version 1.8.2 (HKLM-x32\...\Borderlands 2 GOTY_is1) (Version: 1.8.2 - 2K Games)
Broforce (HKLM\...\Steam App 274190) (Version: - Free Lives)
Call of Duty 4: Modern Warfare (HKLM\...\Steam App 7940) (Version: - Infinity Ward)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\CopyTrans Suite) (Version: 4.013 - WindSolutions)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Endless Legend (HKLM\...\Steam App 289130) (Version: - AMPLITUDE Studios)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2016 (HKLM\...\Steam App 391040) (Version: - Codemasters)
Factorio (HKLM-x32\...\{2BCB3CEC-B168-450B-857D-408CA9E9F3C4}) (Version: 12.24.0000 - Your Company Name)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version: - )
GdZ WoT ModPack Version 0.9.17.0.06 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.17.0.06 - Gemeinschaft deutscher Zocker)
GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: Mass Effect 3 - )
Master of Orion (HKLM-x32\...\Master of Orion_is1) (Version: - )
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft OneDrive (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\1893001152_is1) (Version: 2.0.0.3 - GOG.com)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NBA 2K17 (HKLM-x32\...\NBA 2K17_is1) (Version: - )
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NvTelemetry (Version: 2.4.8.0 - NVIDIA Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Platform (x32 Version: 1.43 - VIA Technologies, Inc.) Hidden
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM\...\Steam App 238090) (Version: - Rebellion)
SpellForce 2 Patch (x32 Version: 1.0.0 - JoWood) Hidden
Splinter Cell: Conviction - Deluxe Edition (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}_is1) (Version: 1.04.000 - Ubisoft)
Spotify (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version: - Petroglyph)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Total War ROME II - Emperor Edition (HKLM-x32\...\Total War ROME II - Emperor Edition_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 18.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
XVM Version 6.4.3 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.4.3 - XVM team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C14277FD74D4}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12FD3112-DD67-4F99-A131-5729DDC1C6FE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {1406D884-61DC-4B4D-8B4F-5C027501E4F3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {2A043FF9-3775-45BE-96FE-1074721A002B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {31244610-8760-4B4E-8A8A-9EF7E29EEA23} - \Buhukhjoly -> Keine Datei <==== ACHTUNG
Task: {5ED3EE11-B80D-4F61-A462-97CDD74A7040} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-05-09] () <==== ACHTUNG
Task: {8FFE60D5-A499-4D75-B1F2-E0B9A7E0AE6A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-leander-hausmann@web.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {966282B4-8F3D-4636-875D-C1ED5539DE98} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
Task: {A87C61AC-122E-4289-B391-8B47E3B080B5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {B38B6170-5E59-4D10-8FD4-51AD70098688} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-02] (NVIDIA Corporation)
Task: {BF8866CF-CFB4-47CD-973E-1FBDD5DBDEE8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Leander\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {DF58C814-98FC-4C83-94D0-C888DC80FAE5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-09-01 19:12 - 2016-09-01 19:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 19:12 - 2016-09-01 19:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-08 10:31 - 2016-07-08 21:28 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-10-08 20:58 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 19:12 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:12 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-05-12 14:46 - 2017-05-12 04:26 - 00101528 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
2017-05-09 14:18 - 2017-05-09 14:19 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 14:18 - 2017-05-09 14:19 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 02493440 _____ () E:\Origin\libGLESv2.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 67725936 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libcef.dll
2016-10-27 17:54 - 2017-04-20 18:41 - 00110192 _____ () C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-01-19 06:46 - 2017-01-19 06:46 - 40524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 01929840 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libglesv2.dll
2016-06-25 16:35 - 2017-04-20 18:41 - 00087152 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libegl.dll
2016-12-09 16:09 - 2016-12-09 16:09 - 52051544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-12-09 16:09 - 2016-12-09 16:09 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-06-25 15:08 - 2016-06-25 15:06 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.198.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{363E6FE3-05AA-4245-BEB8-2B4E8CD2424C}] => (Allow) F:\My Games\Wot Testserver\worldoftanks.exe
FirewallRules: [{0B150D02-1977-45E3-8A17-A51A5EEFA337}] => (Allow) F:\My Games\Wot Testserver\worldoftanks.exe
FirewallRules: [{23529468-A65B-4EDF-9CA3-1730D28A2974}] => (Allow) F:\My Games\Wot Testserver\WoTLauncher.exe
FirewallRules: [{A503D355-AD3C-4420-946D-6574FFE49D4A}] => (Allow) F:\My Games\Wot Testserver\WoTLauncher.exe
FirewallRules: [{454DAB07-9945-460C-95CC-22062FB7A43E}] => (Allow) E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{71FB9FAA-8E79-4D04-A687-8AD32BAE534D}] => (Allow) E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2E59E606-789C-4809-A4FB-04E905F212D1}] => (Block) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [{F60A8791-663B-40D8-BA96-C98817A64AB4}] => (Block) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [UDP Query User{DEDB94BE-05B1-46BD-B1F7-764FD9A02800}F:\my games\nba 2k17\nba2k17.exe] => (Allow) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [TCP Query User{7293833D-4038-421A-A6EC-056E91781B7B}F:\my games\nba 2k17\nba2k17.exe] => (Allow) F:\my games\nba 2k17\nba2k17.exe
FirewallRules: [{6E3679F6-6E56-4056-A62C-38FFCEFA9179}] => (Block) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{A50E42BB-4B73-41AD-A196-95533DB7BD85}] => (Block) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{804DD275-645E-4943-BFDD-ECA62E362FB3}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{F531007A-DDC5-401A-B50A-30A88787019E}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe
FirewallRules: [{610AD0C5-449A-4B7E-8BB3-B577DBB0B889}] => (Allow) LPort=8090
FirewallRules: [{BB1D5C61-C74E-4856-B047-4A23FCBCE604}] => (Allow) LPort=8090
FirewallRules: [{5114F9E0-C29A-4B77-B3F2-E9651D6ECDF5}] => (Allow) LPort=20443
FirewallRules: [{96C073AC-EF66-421E-A93D-0E2DF23E360E}] => (Allow) LPort=20443
FirewallRules: [{1E2E955A-14E9-4F49-AAD7-6C3DA314CA4C}] => (Allow) LPort=33333
FirewallRules: [{93EED35E-BBB6-41F8-8D82-697DC174FFC9}] => (Allow) LPort=33333
FirewallRules: [{B8BE5478-9D36-4ADC-877A-706BA989AAC6}] => (Allow) LPort=6881
FirewallRules: [{7740550A-9F38-4D94-8139-CEB616D8448B}] => (Allow) LPort=6881
FirewallRules: [{EE116E94-7F11-4821-B1A0-7BB23DD36CB3}] => (Allow) LPort=27022
FirewallRules: [{B830484E-1CD7-487F-A0E6-C21ECEAF026D}] => (Allow) LPort=27022
FirewallRules: [{F4688C96-87D0-4FAC-973C-6E499E6FBEFF}] => (Allow) LPort=7853
FirewallRules: [{E979BEA8-42F2-4775-A126-8E7B67205DE5}] => (Allow) LPort=7853
FirewallRules: [{7655A8CB-9A30-4F41-BF5A-5C52A3BE3097}] => (Allow) LPort=7852
FirewallRules: [{D889F872-9573-4B3D-A3D5-44E4E22C67AF}] => (Allow) LPort=7852
FirewallRules: [{EBB00AD9-6A87-4E2C-A94A-1F3B9A5855AE}] => (Allow) LPort=7850
FirewallRules: [{8778D438-EC2F-4402-8FBC-D8FFBF188188}] => (Allow) LPort=7850
FirewallRules: [{9516CF23-C46A-4412-A4F2-A7FA543C2317}] => (Allow) LPort=3478
FirewallRules: [{D1B835E9-5A11-4C44-BB99-25F1671675BC}] => (Allow) LPort=3478
FirewallRules: [{C62F6C43-5600-4898-8620-5B462A752663}] => (Allow) LPort=20010
FirewallRules: [{9FF63B17-486F-49BE-9D8F-52FB4CFFBFDE}] => (Allow) LPort=20010
FirewallRules: [{18464C8D-F6E0-4BD9-AE72-2C917722D61D}] => (Allow) LPort=443
FirewallRules: [{A6ABA7E4-4C5E-4D2F-826D-A603E9BB01D4}] => (Allow) LPort=443
FirewallRules: [{BD62661E-8F78-405C-A1C3-9DDF0021FC46}] => (Allow) LPort=80
FirewallRules: [{EAC0AF81-6235-4CF7-93F4-DB981D9EECC5}] => (Allow) LPort=80
FirewallRules: [{64A5B154-7769-44B4-9549-47171EE71E37}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{83F8ABB5-B4B5-42AB-A620-FDACC97B3177}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{30D54FAD-B268-4E6B-AAF3-517CBAFFEDDA}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{13C73473-1BE2-423F-AF27-F8D30B4D120D}] => (Allow) F:\Program Files (x86)\WarThunder\run.exe
FirewallRules: [{55DCF095-2BB5-4EB8-9A32-FBCC7448E00C}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{83B40331-014F-4BE3-90F7-B795E220BCBE}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{B9E26435-3C47-4A05-93A9-163D987FFDCA}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{53ADB0FD-4D0B-45EB-8522-464F17BD32F8}] => (Allow) E:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{5164A686-3F2F-454E-BADB-2E431E72DE87}] => (Allow) C:\Users\Leander\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{46E92748-1C10-4778-A30B-B1577ED01D6E}] => (Allow) C:\Users\Leander\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{35A469B6-6105-496E-810B-9F145362C326}] => (Allow) F:\My Games\WOW\worldofwarships.exe
FirewallRules: [{3067C56E-4D00-4160-A258-8FEB3EA55B83}] => (Allow) F:\My Games\WOW\worldofwarships.exe
FirewallRules: [{9E1DC9A2-6215-4F13-9748-4087F8562633}] => (Allow) F:\My Games\WOW\WoWSLauncher.exe
FirewallRules: [{E7B36AE3-1973-49B4-A085-10BF9236185D}] => (Allow) F:\My Games\WOW\WoWSLauncher.exe
FirewallRules: [{D0E5DE4D-EEBB-49CC-855A-0A14EAD16844}] => (Allow) F:\My Games\Wot\worldoftanks.exe
FirewallRules: [{E4B6618F-6905-4CFC-BCF5-7EE29CEE6C05}] => (Allow) F:\My Games\Wot\worldoftanks.exe
FirewallRules: [{AEB33FC2-6539-4CE5-BFC0-E168AE351648}] => (Allow) F:\My Games\Wot\WoTLauncher.exe
FirewallRules: [{46DC66BA-1D67-4E48-A7C8-4A2C69558C35}] => (Allow) F:\My Games\Wot\WoTLauncher.exe
FirewallRules: [{E0991642-65BE-4F02-B224-1970117F206E}] => (Block) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [{231B5321-184F-456B-B350-2B4119795246}] => (Block) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [UDP Query User{E2765E83-CE55-43C6-884E-5313E35B440C}F:\program files (x86)\master of orion\masteroforion.exe] => (Allow) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{41376B7B-43F2-4513-B074-B1C466E0EFBF}F:\program files (x86)\master of orion\masteroforion.exe] => (Allow) F:\program files (x86)\master of orion\masteroforion.exe
FirewallRules: [{A3DF1BA5-4B57-4DAF-BAB5-472550973B66}] => (Block) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [{A999C6FB-B122-406C-92D5-7739A568870B}] => (Block) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [UDP Query User{8020E4C2-4A83-480B-9E0D-CF035AE1BA17}F:\my games\8-bit hordes\instanceserverg.exe] => (Allow) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [TCP Query User{201ECC51-73A4-4DA4-A8BB-88ADE1FA6B9D}F:\my games\8-bit hordes\instanceserverg.exe] => (Allow) F:\my games\8-bit hordes\instanceserverg.exe
FirewallRules: [{B433909A-59F6-49F7-A4A0-97E3DB467A26}] => (Block) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [{4A00AF90-9AEA-4BFD-95D3-C8F014B8C457}] => (Block) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [UDP Query User{88A0C794-EB31-4288-9E1D-186D4A539C5C}F:\my games\8-bit hordes\clientg.exe] => (Allow) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [TCP Query User{BF742393-0D2F-4EAA-9C64-B3A363DE6406}F:\my games\8-bit hordes\clientg.exe] => (Allow) F:\my games\8-bit hordes\clientg.exe
FirewallRules: [{701ABC44-5E65-4A2C-895A-384EF7AEE232}] => (Block) E:\steam\steamapps\common\just cause 2\justcause2.exe
FirewallRules: [{ED02915B-B2A8-44EB-994B-93C6FD66B181}] => (Block) E:\steam\steamapps\common\just cause 2\justcause2.exe
FirewallRules: [{1FF8FA0D-91BA-4D21-8E29-85032456E89E}] => (Block) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [{5A243388-E326-4A43-BF9D-7765BB2D91C9}] => (Block) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [UDP Query User{E6A9B320-84C8-4564-9D97-B99B16F8CD65}E:\games\battlefield 1942\bf1942.exe] => (Allow) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [TCP Query User{408C7B54-D730-48B7-8E29-D38AF2FD72B2}E:\games\battlefield 1942\bf1942.exe] => (Allow) E:\games\battlefield 1942\bf1942.exe
FirewallRules: [{ECFA46CF-62F2-43EF-9C7C-3525BB39CE3C}] => (Allow) E:\Program Files (x86)\Hamachi\hamachi-2-ui.exe
FirewallRules: [{45D033D0-026B-4857-AAD2-C95FF33FC5B5}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{14E41967-9CF1-40FA-94FB-9C292FC8800E}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{1E018E13-327E-43AE-8775-F7E47D4C482D}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{4B99F4D5-9C69-4C2B-8FBB-FF66C85AEAD3}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{F0D38FDA-25A4-49B5-9CC8-36FA7F585D38}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Benchmark.exe
FirewallRules: [{4D1DD812-BD54-4735-B024-4B2DDE89A80E}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Benchmark.exe
FirewallRules: [{EBF86DC0-414E-436A-A824-BFCAE71A0934}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{4D10EA7B-EB2C-44A8-9050-9AEB4EA85883}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\AddonWeb.exe
FirewallRules: [{A3E69D28-305C-46FA-AF41-7721C91794C1}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{841ECE80-2317-4B0E-AF1C-E4B34D6FAEA9}] => (Allow) F:\Program Files (x86)\Anno 1404\tools\Anno4Web.exe
FirewallRules: [{432C154A-6E00-4A45-BA3A-B57F3B02DA5F}] => (Allow) F:\Program Files (x86)\Anno 1404\Addon.exe
FirewallRules: [{B45541EF-8D2F-4A34-927A-7008EC48BD3D}] => (Allow) F:\Program Files (x86)\Anno 1404\Addon.exe
FirewallRules: [{5DDD5A60-F33D-464F-8864-47C87E533AB7}] => (Allow) F:\Program Files (x86)\Anno 1404\Anno4.exe
FirewallRules: [{263BF13D-45F7-4686-BEE1-14244A8BE335}] => (Allow) F:\Program Files (x86)\Anno 1404\Anno4.exe
FirewallRules: [{89398CC9-CEC1-4341-9447-6CFCDE81399F}] => (Block) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [{495439DA-0FC8-4998-B1DB-E5E76741DE10}] => (Block) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{CD9026BE-70EC-44E9-8891-A4A53D98A72E}F:\my games\unrealtournament\system\unrealtournament.exe] => (Allow) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [TCP Query User{D6112A26-5EE4-459F-8876-3A9D9CD14881}F:\my games\unrealtournament\system\unrealtournament.exe] => (Allow) F:\my games\unrealtournament\system\unrealtournament.exe
FirewallRules: [{7AF52A80-1ED0-4730-A543-071EB711ECAF}] => (Block) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{38D69740-06A7-4263-B280-015B5BF4E68F}] => (Block) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{98BB4733-E2C7-4841-B5C0-5F0E7ABA95BC}E:\program files (x86)\warcraft iii\war3.exe] => (Allow) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{16D6DAAC-0544-41E9-8A9A-2105DEFBAC5D}E:\program files (x86)\warcraft iii\war3.exe] => (Allow) E:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{CF236CDD-9E4A-4AD7-B642-DD472D5B41BC}] => (Block) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{9C475A95-C2BC-4C53-826F-59253B07597C}] => (Block) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [UDP Query User{0AE8210C-C62F-4CF3-A8D8-7CEE8F89499D}E:\games\total war rome ii - emperor edition\rome2.exe] => (Allow) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [TCP Query User{C4AA1A32-00E1-4703-BAB8-B88959BB341B}E:\games\total war rome ii - emperor edition\rome2.exe] => (Allow) E:\games\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{227FF8A4-7786-4CF5-838F-30342034D170}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{A626A0DF-62EB-4254-86B4-6CD4782CAA56}F:\my games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\my games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [TCP Query User{3109808B-641B-424F-B3E0-E11216906791}F:\my games\borderlands 2\binaries\win32\borderlands2.exe] => (Allow) F:\my games\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{8127BF89-577B-4998-ACA3-32F038530B36}E:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [TCP Query User{FAE6032E-F4EE-414B-8AE6-1D055E841E2E}E:\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) E:\steam\steamapps\common\doom\doomx64vk.exe
FirewallRules: [UDP Query User{8A95DAA2-C8A5-4726-A744-AA4AF9E0C960}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{0DB09C56-248D-458F-BA6A-9245B83C15A4}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{06EE8B04-710E-4C12-AADD-4F553C9FF06D}E:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) E:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{4C70084C-459B-480D-95CA-78342505265A}E:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) E:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{8281A504-113D-47ED-B426-C9210A46D40A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{C93A92AC-3764-4535-9CF8-4FF0A75E3C1F}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{DB64647D-CE28-4F0F-A22A-A66C4E557F93}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{4C4C95F4-CDD6-4842-A14E-6678E3DC2DB0}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe
FirewallRules: [{5DE164B0-C4FD-47E5-AB0B-AB0D80267E4E}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [{4962F3E3-D443-4225-A5B0-A20A1279795C}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe
FirewallRules: [UDP Query User{0B7C8258-2244-42B0-9987-A06B4A33EB16}E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [TCP Query User{76C3519C-29F4-4278-B084-ECF45B83BC91}E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4_x86.exe
FirewallRules: [{1E2225EF-DB3D-45C5-97CD-7964840D30ED}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1A1528B9-07C9-487E-BAD9-C4BF4F94426C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{E2F672A2-57F0-4A72-86E5-503CBB0C1040}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{5D68CBFB-3C72-40E1-AA21-34BFF751BA13}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [UDP Query User{202392AA-A968-4248-A7D2-E89A21AB0FB2}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{1D4F8250-FC52-4B08-B928-06A42D16B04B}E:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) E:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{8D1E9DE8-3DB0-4D5D-B21B-5CADCCEA0594}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{4756BC1A-F7A0-4FEA-8047-DB0BF0D88F5D}E:\games\grand theft auto v\gta5.exe] => (Allow) E:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B7CD1BBF-9584-4FBD-B019-17FE158AF96E}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9D152118-5E51-4B01-B605-1EFF028904F1}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A8A8F74D-6E34-47D2-A809-EE8CF6BC4948}F:\my games\kingdoms of amalur - reckoning\reckoning.exe] => (Allow) F:\my games\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [TCP Query User{47957802-9E43-4DB9-91C2-647C001415BF}F:\my games\kingdoms of amalur - reckoning\reckoning.exe] => (Allow) F:\my games\kingdoms of amalur - reckoning\reckoning.exe
FirewallRules: [UDP Query User{B5605940-609B-4608-BBD9-22D61E274A66}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [TCP Query User{9C0E881A-423C-4E15-8034-77C16F83B1CF}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe] => (Allow) E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe
FirewallRules: [{5880BB55-F33C-4B42-AA9A-5D04DBF7D39E}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{48C5578A-880C-4D5E-968A-EBCAD580ADE0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C3B9B126-5672-48D1-AB53-9EC369342CA0}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{C0099489-29EC-4691-86D0-86F55907BE9B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{87AE35B6-47AA-4E55-82FC-795FD4865D9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{518FE2FE-9EAD-4E52-AAC0-2543C25C1B4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8196AAF5-56AA-4124-917C-D009DB72030B}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{ABB14CA1-12FC-486F-89AD-D848F4EA9CA3}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{401502F2-5401-4DA8-8513-CDFFE7DA6441}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{87AFFB7F-D444-467C-BE5F-DA85EB73349C}] => (Allow) E:\Steam\steamapps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{8721884A-4387-4F9F-8436-170F7C28AC79}] => (Block) E:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{3B29A002-4BB0-40D3-9653-E9019F1AFD3F}] => (Block) E:\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{475908F6-8937-416E-AC56-BB6B735B2528}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{BFE6EB55-A427-436C-B15E-F99D631EEC48}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{93240045-FB6A-4801-973C-E6321CC7C7D3}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{8489D365-3FC8-4298-A59E-1213B591FC77}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{D87EB848-16B5-4E35-A3EE-912F5717EC20}] => (Allow) E:\Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{2041C5E3-C1B7-4AAA-8834-376B458AA5B0}] => (Allow) E:\Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [TCP Query User{ECB8013E-C11C-45A1-AD3B-8495703CAC19}E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe] => (Allow) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [UDP Query User{15AED010-DC3D-40ED-A19B-BCD847FAA8D6}E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe] => (Allow) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{156F74D0-2DA7-4C0F-AB48-2F66E8A34C3F}] => (Block) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{6F72227E-4343-40DB-9056-09BAA5CCBBAC}] => (Block) E:\games\command and conquer generals zero hour\command and conquer generals zero hour\generals.exe
FirewallRules: [{25DEAD65-5919-4441-AF93-88B566540A0B}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{C3DF4918-582D-48F0-BAFD-408426F4DDA4}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{87A80444-B1C1-41E7-9987-8F2EBFA015E1}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{6FCFF811-A27A-4BE2-8E38-4F8AF3C43FEF}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [TCP Query User{878158FD-3144-498D-ADA4-3D95AB85E548}E:\games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{0B33F65E-7199-4CF2-BF2D-4DF92425ABE0}E:\games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [{20E0C06F-6DA8-4BDC-87E1-F2651318E65D}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{1D6DC50C-8BC9-4E19-BB12-3B7CB0336CC0}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{40E71661-696F-49A5-A063-1C06D60B18F4}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{36C79ED8-5196-4C17-8037-E0F3D5A6EDD6}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{18C8E291-A33D-421A-AA18-992210092ACC}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{30DBB7F3-49E0-4601-8B0C-FCC90D937869}] => (Allow) E:\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{527F8B85-38D2-4DC3-BCAF-449B099E6D3B}] => (Allow) E:\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{193012AA-0DC0-4541-852E-E5F37771F8DD}] => (Allow) E:\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [TCP Query User{5D163D4F-4ED8-4D74-9B5B-C6824CA22D28}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{51A356BC-4D48-4935-B627-FD007378B9C7}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{F7C97341-5BE9-4F84-9CF3-B8C3471C8A20}I:\cs 1.6\hl.exe] => (Allow) I:\cs 1.6\hl.exe
FirewallRules: [UDP Query User{2F1219D0-7B6E-4FA8-84C1-7DA793339AFA}I:\cs 1.6\hl.exe] => (Allow) I:\cs 1.6\hl.exe
FirewallRules: [TCP Query User{D0C9B2A8-9CE6-4C86-B167-B5803B4F7B57}C:0\cs 1.6\hl.exe] => (Allow) C:0\cs 1.6\hl.exe
FirewallRules: [UDP Query User{36848FAF-2D83-45E8-AE7F-1EC13D2E1FE7}C:0\cs 1.6\hl.exe] => (Allow) C:0\cs 1.6\hl.exe
FirewallRules: [TCP Query User{301D4E0D-B457-49DE-BFDA-411E3794F196}C:1\cs 1.6\hl.exe] => (Allow) C:1\cs 1.6\hl.exe
FirewallRules: [UDP Query User{57DC9114-DEBD-4CCE-BCF4-C4569381B841}C:1\cs 1.6\hl.exe] => (Allow) C:1\cs 1.6\hl.exe
FirewallRules: [TCP Query User{3F44D867-C77E-4ACE-BBE9-1C761D093296}C:2\source\hl2.exe] => (Allow) C:2\source\hl2.exe
FirewallRules: [UDP Query User{DCD57F8E-7F39-4410-8DC6-1F9095181258}C:2\source\hl2.exe] => (Allow) C:2\source\hl2.exe
FirewallRules: [TCP Query User{63D27EB1-11FD-480D-887C-72B7DB8153FA}C:3\source\hl2.exe] => (Allow) C:3\source\hl2.exe
FirewallRules: [UDP Query User{20ECECCF-6852-4DFF-8293-6D7DE4A2E93B}C:3\source\hl2.exe] => (Allow) C:3\source\hl2.exe
FirewallRules: [TCP Query User{7A6CAE1A-0EAF-41A6-9F6A-AAE58E7F26E3}I:\source\hl2.exe] => (Allow) I:\source\hl2.exe
FirewallRules: [UDP Query User{F36D404E-6AEF-46A1-8FD6-607089C31043}I:\source\hl2.exe] => (Allow) I:\source\hl2.exe
FirewallRules: [TCP Query User{904F730E-0A91-4A60-BFA7-4BB9E0A3C052}E:\games\shadowrun returns - deluxe edition\shadowrun.exe] => (Allow) E:\games\shadowrun returns - deluxe edition\shadowrun.exe
FirewallRules: [UDP Query User{9B48AEFE-9A21-4304-AAC0-264F693BC819}E:\games\shadowrun returns - deluxe edition\shadowrun.exe] => (Allow) E:\games\shadowrun returns - deluxe edition\shadowrun.exe
FirewallRules: [TCP Query User{D4986D90-1A30-4404-9990-D236A5801D80}E:\games\freelancer\exe\freelancer.exe] => (Allow) E:\games\freelancer\exe\freelancer.exe
FirewallRules: [UDP Query User{0AFEC170-0AC4-4988-8696-6AA1AF104372}E:\games\freelancer\exe\freelancer.exe] => (Allow) E:\games\freelancer\exe\freelancer.exe
FirewallRules: [{6A5928C7-BD51-4EA5-947D-BE3069A246AE}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4E83C974-2F25-44CA-8A62-B016CB8E6AD3}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{44FCAB8D-4DCA-4777-94D3-97E917C70419}E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [UDP Query User{299ECABA-43BF-43EB-8AA5-7A4146255A39}E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) E:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [TCP Query User{D50FC51A-0326-477C-9EA7-DF0F3864599D}I:\spiele\cs 1.6\hl.exe] => (Allow) I:\spiele\cs 1.6\hl.exe
FirewallRules: [UDP Query User{69B5EEFA-0DC5-4F2C-8783-30F45A2ADDFD}I:\spiele\cs 1.6\hl.exe] => (Allow) I:\spiele\cs 1.6\hl.exe
FirewallRules: [TCP Query User{FAE7C376-4513-44A1-98B2-674C6B305404}I:\spiele\source\hl2.exe] => (Block) I:\spiele\source\hl2.exe
FirewallRules: [UDP Query User{BFDE385F-BB59-45BD-9088-6F662412F464}I:\spiele\source\hl2.exe] => (Block) I:\spiele\source\hl2.exe
FirewallRules: [TCP Query User{9A568C9B-6B94-48FF-B83F-50209A165AA1}E:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{B3A29930-3B4A-49DD-8D8B-C360106C7F18}E:\games\star wars battlefront\starwarsbattlefront.exe] => (Allow) E:\games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{CD6E8607-95BF-428A-A66A-23E89D57AC9A}] => (Allow) E:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{49DEE857-2BB1-4AE4-B910-52255A929239}] => (Allow) E:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [TCP Query User{BF273DA2-ABDF-49EF-AC97-76BFB9EF15EA}E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [UDP Query User{49FB96A8-143C-4F47-95FE-C29AC8D4DE41}E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe] => (Allow) E:\program files (x86)\ubisoft game launcher\games\forhonorbeta\forhonor.exe
FirewallRules: [TCP Query User{DD98B784-9E4C-47A9-BC1E-9057F4581C10}J:\spiele\source\hl2.exe] => (Allow) J:\spiele\source\hl2.exe
FirewallRules: [UDP Query User{425D8F68-8D9B-44D6-9943-C8BBF614BC73}J:\spiele\source\hl2.exe] => (Allow) J:\spiele\source\hl2.exe
FirewallRules: [{1BB09D4A-02F6-443D-B0B6-799EAB4B66CA}] => (Allow) E:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{9DD32326-A4EE-483E-8A8A-BFDAAE5B766C}] => (Allow) E:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{D56D9936-7DB6-4E15-AD42-3FF1D1D38390}E:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) E:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{9E06866D-EF31-4EF5-83E0-D2DF04AB9CDD}E:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) E:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{093B8C02-538C-4351-B200-C6BAD15889CB}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{3397FC1D-C706-46FC-A231-10B28D4CDDE9}] => (Allow) E:\Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{C1D93A8D-F609-42DD-A6F2-ACAFEE52B92C}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{19F675E8-444B-4E8A-B3BD-341D3016F81D}] => (Allow) E:\Games\Battlefield 1\bf1.exe
FirewallRules: [{1EED93C3-6CEB-4D29-8DB1-FB6B22FB6CC1}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{40FDCA7C-E115-4ECF-B740-C3AEC4B08B75}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8E41E29F-203B-4B2D-BADC-44074E695A9E}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{6AED975D-8614-4EBD-94F4-4093DD721687}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{2324AB87-564F-4C0A-AE6B-513AA940F257}] => (Allow) E:\Program Files (x86)\Ubisoft Game Launcher\games\Steep\steep.exe
FirewallRules: [TCP Query User{15DB37B0-88D7-4C90-ABD5-FB70256139AE}F:\program files (x86)\battlefield 2142\bf2142.exe] => (Allow) F:\program files (x86)\battlefield 2142\bf2142.exe
FirewallRules: [UDP Query User{ACCFF4D0-DD59-4DE7-B054-51F559EA56D0}F:\program files (x86)\battlefield 2142\bf2142.exe] => (Allow) F:\program files (x86)\battlefield 2142\bf2142.exe
FirewallRules: [TCP Query User{FBE0A1C6-B21C-4BFE-8346-0DFDDF33D78D}E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{B646017F-B7BB-4127-82EA-FF67E13AD123}E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe] => (Allow) E:\games\borderlands 2 goty\binaries\win32\borderlands2.exe
FirewallRules: [{C72C32BE-B2DE-45CA-AFDE-1806145DEB86}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{004F7B7C-A6F1-4462-87BA-6F3D2DBD1E74}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{D1B49A33-DD34-4964-BFAB-DD58221DDD8B}] => (Allow) G:\Programme(x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{F12207C9-3026-4864-9ABF-60A8CD8F0416}] => (Allow) G:\Programme(x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{03929161-C492-4DDA-8479-383C3E1D3A4C}G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{B81F7015-08FB-4FDB-8E59-57C9366FE658}G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) G:\programme(x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FDA6D588-66B4-486F-8F02-A7C601490150}F:\program files (x86)\anno 1404\tools\addonweb.exe] => (Allow) F:\program files (x86)\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{FC4219EA-BC7A-4703-8C7F-76A5434F437E}F:\program files (x86)\anno 1404\tools\addonweb.exe] => (Allow) F:\program files (x86)\anno 1404\tools\addonweb.exe
FirewallRules: [TCP Query User{964F99B9-3BA8-4E75-BC5E-38EC749D6758}F:\program files (x86)\anno 1404\addon.exe] => (Allow) F:\program files (x86)\anno 1404\addon.exe
FirewallRules: [UDP Query User{73AD725E-DBA5-4CE4-977A-92A5AA873AA4}F:\program files (x86)\anno 1404\addon.exe] => (Allow) F:\program files (x86)\anno 1404\addon.exe
FirewallRules: [TCP Query User{D9A473E1-CC1A-449C-B4C3-A591FD532A6F}F:\my games\scrap mechanic\release\scrapmechanic.exe] => (Allow) F:\my games\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [UDP Query User{063CAED6-E620-4F62-B416-F9C647F227FF}F:\my games\scrap mechanic\release\scrapmechanic.exe] => (Allow) F:\my games\scrap mechanic\release\scrapmechanic.exe
FirewallRules: [{6C409CD5-F401-4968-869D-C365B73ECDE8}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{FBA6016C-33A6-4E45-BD6D-3809DC6E634D}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{898CB61A-66EE-44F4-8E06-4F951295A60E}F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{93A2E88A-A380-4A2F-88FA-744883B130DA}F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{06D7096D-7CFE-4468-825C-0992052CFB3E}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\F1 2016\F1_2016.exe
FirewallRules: [{B48A59B3-968B-4B66-B9AB-40550CA99D89}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\F1 2016\F1_2016.exe
FirewallRules: [TCP Query User{47D5415F-4301-473E-A963-FEC9DB19A14C}F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe] => (Allow) F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe
FirewallRules: [UDP Query User{AE14DAF7-D4BB-489F-A2D7-E3D877951980}F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe] => (Allow) F:\my games\company of heroes - anthology (new steam version)\reliccoh.exe
FirewallRules: [TCP Query User{36F35810-DD34-4A9E-88ED-68170018D7F2}F:\my games\xiii\system\xiii.exe] => (Allow) F:\my games\xiii\system\xiii.exe
FirewallRules: [UDP Query User{172F917F-8DD4-4D6D-9860-D8828F4CB896}F:\my games\xiii\system\xiii.exe] => (Allow) F:\my games\xiii\system\xiii.exe
FirewallRules: [TCP Query User{EAF18D17-E6E4-42BE-B905-F7E4E77352C7}F:\my games\splinter cell conviction\src\system\conviction_game.exe] => (Block) F:\my games\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [UDP Query User{0A601DE9-F450-404C-9EAD-75B40F527FE6}F:\my games\splinter cell conviction\src\system\conviction_game.exe] => (Block) F:\my games\splinter cell conviction\src\system\conviction_game.exe
FirewallRules: [TCP Query User{6FD75BE8-0C6F-42D2-A567-0CBF34D36AE9}C:\program files (x86)\factorio\bin\x64\factorio.exe] => (Allow) C:\program files (x86)\factorio\bin\x64\factorio.exe
FirewallRules: [UDP Query User{30A8F9E1-7A11-4270-A306-0780762D6A88}C:\program files (x86)\factorio\bin\x64\factorio.exe] => (Allow) C:\program files (x86)\factorio\bin\x64\factorio.exe
FirewallRules: [{F03457E1-E54D-47DB-AEB3-83127504F64C}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{C3D0F4FA-D468-466C-BE4A-59096B576FE3}] => (Allow) F:\My Games\SteamLibrary\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [TCP Query User{943DF355-C27A-4068-A3D4-0A3705F24603}F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [UDP Query User{9A1663EE-76D4-4F7D-8AAF-58EA2C874014}F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe] => (Allow) F:\my games\steamlibrary\steamapps\common\sniper elite 3\bin\sniperelite3.exe
FirewallRules: [{3DA85164-269E-4B35-862B-752AF92B4F90}] => (Allow) E:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{AEBEB0B7-47C3-4740-B7F3-F79EC6798755}] => (Allow) E:\Origin\Need for Speed\NFS16.exe
FirewallRules: [{78B1760B-B9BB-4267-B223-AE7FD30067FB}] => (Allow) E:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{CA8C6DE2-CB3E-4427-AB0C-E0E015F7C811}] => (Allow) E:\Origin\Need for Speed\NFS16_trial.exe
FirewallRules: [{05A14CB4-7793-4B6B-BBCE-FB0978B9CE7B}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5B0F65BE-AA73-4971-8647-7204FF7CB972}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B426D836-7060-4922-8B7C-2399AC1C579E}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxssdx750xevox250gb_s2s5nwagc01819j.dat
FirewallRules: [{91151B08-6EE4-4970-B8B5-C5E1E0028DD0}] => (Allow) C:\Program Files (x86)\MIO\loader\samsungxssdx750xevox250gb_s2s5nwagc01819j.dat
FirewallRules: [{8189138C-85C8-4812-A5AA-FF397513D221}] => (Allow) C:\Program Files (x86)\Eggper\Application\chrome.exe
FirewallRules: [{39256E65-D6B5-4E1C-9FB5-451B0CDBCB09}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{C778E123-1B5A-4C4B-B79D-5B74E2A4B689}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{893EEA5E-D56C-472A-A110-ECB5DEFB4617}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{4DDA1A11-1430-4C08-9DAA-2F4D11678529}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{27604BAD-C7EA-4574-86A0-BBA8A5311DFD}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{1375D8B5-B7E9-45ED-BCAB-82A395C82CBF}] => (Allow) G:\Programme(x86)\Origin Games\Battlefield 1\bf1.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/13/2017 02:39:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x207c
Startzeit der fehlerhaften Anwendung: 0x01d2cbe5c4d9ea94
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: feb139b2-c6ae-4b72-9e93-686028502576
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/13/2017 02:38:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1808
Startzeit der fehlerhaften Anwendung: 0x01d2cbe5a4256d95
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 73d41d44-6016-4ff5-bdcf-7221ec1d1a88
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/13/2017 02:37:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Origin.exe, Version: 10.4.9.38188, Zeitstempel: 0x58ec1b94
Name des fehlerhaften Moduls: Qt5WebEngineCore.dll, Version: 5.6.0.0, Zeitstempel: 0x58d5ce5a
Ausnahmecode: 0x80000003
Fehleroffset: 0x007de773
ID des fehlerhaften Prozesses: 0x1a20
Startzeit der fehlerhaften Anwendung: 0x01d2cbe5ac0817f5
Pfad der fehlerhaften Anwendung: E:\Origin\Origin.exe
Pfad des fehlerhaften Moduls: E:\Origin\Qt5WebEngineCore.dll
Berichtskennung: d3d0f61e-a150-44df-ba7f-853f3c052748
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/13/2017 02:37:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "F:\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/13/2017 02:37:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "F:\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/12/2017 02:44:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.14393.0, Zeitstempel: 0x57899002
Name des fehlerhaften Moduls: deskapp.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x59157a46
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001b58
ID des fehlerhaften Prozesses: 0x1db8
Startzeit der fehlerhaften Anwendung: 0x01d2cb1d4a0d0fc0
Pfad der fehlerhaften Anwendung: C:\Windows\syswow64\MsiExec.exe
Pfad des fehlerhaften Moduls: deskapp.dll
Berichtskennung: 6f7722d5-b025-4288-ba2b-ea19faeb74ed
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/12/2017 10:08:26 AM) (Source: COM) (EventID: 10031) (User: )
Description: Eine das Marshalling aufhebende Richtlinienprüfung wurde ausgeführt, als das Marshalling eines benutzerdefinierten gemarshallten Objekts aufgehoben wurde. Die Klasse "{2CD39202-3A2F-4935-9A86-65B919919A7F}" wurde abgelehnt.
Error: (05/12/2017 09:58:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1114
Startzeit der fehlerhaften Anwendung: 0x01d2caf56e16160a
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: bae5fa1b-ce62-457f-88aa-031bf0d39638
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/12/2017 09:57:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x21b4
Startzeit der fehlerhaften Anwendung: 0x01d2caf56c50e439
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 081bb93e-706e-4ac7-b4f7-25ecff323d59
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/12/2017 09:57:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1b5c
Startzeit der fehlerhaften Anwendung: 0x01d2caf56a05adab
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 4f210802-3077-45eb-8b75-e87a7490733d
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Systemfehler:
=============
Error: (05/13/2017 02:38:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/13/2017 02:37:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/13/2017 02:36:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/13/2017 02:36:46 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
Error: (05/13/2017 02:36:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 12.05.2017 um 22:09:01 unerwartet heruntergefahren.
Error: (05/12/2017 07:11:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.243.272.0)
Error: (05/12/2017 07:11:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
Error: (05/12/2017 07:11:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
Error: (05/12/2017 03:25:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.243.272.0)
Error: (05/12/2017 03:21:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NPASRE" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2017-05-11 14:11:59.965
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.489
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.273
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.012
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.791
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.382
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.366
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:58.334
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8153.38 MB
Verfügbarer physikalischer RAM: 5343.43 MB
Summe virtueller Speicher: 11353.38 MB
Verfügbarer virtueller Speicher: 8541.67 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.36 GB) (Free:9.25 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Volume) (Fixed) (Total:976.56 GB) (Free:284 GB) NTFS
Drive f: (Volume) (Fixed) (Total:886.35 GB) (Free:203.41 GB) NTFS
Drive g: (Lokaler Datenträger ) (Fixed) (Total:232.33 GB) (Free:30.4 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C6ECC302)
Partition 1: (Active) - (Size=118.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C6ECC30A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=886.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter 14:42:54.0717 0x2130 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
14:42:54.0717 0x2130 UEFI system
14:42:57.0448 0x2130 ============================================================
14:42:57.0448 0x2130 Current date / time: 2017/05/13 14:42:57.0448
14:42:57.0448 0x2130 SystemInfo:
14:42:57.0448 0x2130
14:42:57.0448 0x2130 OS Version: 10.0.14393 ServicePack: 0.0
14:42:57.0448 0x2130 Product type: Workstation
14:42:57.0448 0x2130 ComputerName: LEANDER-PC
14:42:57.0448 0x2130 UserName: Leander
14:42:57.0448 0x2130 Windows directory: C:\Windows
14:42:57.0448 0x2130 System windows directory: C:\Windows
14:42:57.0449 0x2130 Running under WOW64
14:42:57.0449 0x2130 Processor architecture: Intel x64
14:42:57.0449 0x2130 Number of processors: 4
14:42:57.0449 0x2130 Page size: 0x1000
14:42:57.0449 0x2130 Boot type: Normal boot
14:42:57.0449 0x2130 CodeIntegrityOptions = 0x00000001
14:42:57.0449 0x2130 ============================================================
14:42:57.0531 0x2130 KLMD registered as C:\Windows\system32\drivers\26958138.sys
14:42:57.0531 0x2130 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
14:42:58.0068 0x2130 System UUID: {8CCDA955-6497-7736-F726-DDFA77316200}
14:42:58.0467 0x2130 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:42:58.0467 0x2130 Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:42:58.0479 0x2130 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:42:59.0765 0x2130 ============================================================
14:42:59.0765 0x2130 \Device\Harddisk0\DR0:
14:42:59.0767 0x2130 GPT partitions:
14:42:59.0767 0x2130 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {437027FD-0580-422F-8C72-A894757F2ECB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
14:42:59.0767 0x2130 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {43BAF697-AFF4-40FD-BE5B-6C59909053B8}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
14:42:59.0767 0x2130 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F18D0E99-3695-4F7B-B6BC-F6B10B831E5B}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
14:42:59.0767 0x2130 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {24ABC7D4-2AB8-4BAF-928D-EA62F06E72E6}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x1D0AA000
14:42:59.0767 0x2130 MBR partitions:
14:42:59.0767 0x2130 \Device\Harddisk1\DR1:
14:42:59.0767 0x2130 MBR partitions:
14:42:59.0767 0x2130 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xECB9000
14:42:59.0767 0x2130 \Device\Harddisk2\DR2:
14:42:59.0770 0x2130 MBR partitions:
14:42:59.0770 0x2130 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:42:59.0770 0x2130 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7A120000
14:42:59.0770 0x2130 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x7A152800, BlocksNum 0x6ECB5000
14:42:59.0770 0x2130 ============================================================
14:42:59.0772 0x2130 C: <-> \Device\Harddisk1\DR1\Partition1
14:42:59.0792 0x2130 D: <-> \Device\Harddisk2\DR2\Partition1
14:42:59.0813 0x2130 E: <-> \Device\Harddisk2\DR2\Partition2
14:42:59.0899 0x2130 F: <-> \Device\Harddisk2\DR2\Partition3
14:42:59.0902 0x2130 G: <-> \Device\Harddisk0\DR0\Partition4
14:42:59.0902 0x2130 ============================================================
14:42:59.0902 0x2130 Initialize success
14:42:59.0902 0x2130 ============================================================
14:43:35.0051 0x27bc ============================================================
14:43:35.0051 0x27bc Scan started
14:43:35.0051 0x27bc Mode: Manual; SigCheck; TDLFS;
14:43:35.0051 0x27bc ============================================================
14:43:35.0051 0x27bc KSN ping started
14:43:35.0152 0x27bc KSN ping finished: true
14:43:36.0357 0x27bc ================ Scan system memory ========================
14:43:36.0357 0x27bc System memory - ok
14:43:36.0357 0x27bc ================ Scan services =============================
14:43:36.0407 0x27bc 1394ohci - ok
14:43:36.0410 0x27bc 3ware - ok
14:43:36.0412 0x27bc ACPI - ok
14:43:36.0415 0x27bc AcpiDev - ok
14:43:36.0417 0x27bc acpiex - ok
14:43:36.0420 0x27bc acpipagr - ok
14:43:36.0424 0x27bc AcpiPmi - ok
14:43:36.0426 0x27bc acpitime - ok
14:43:36.0461 0x27bc [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:43:36.0545 0x27bc AdobeFlashPlayerUpdateSvc - ok
14:43:36.0568 0x27bc [ 5B4D60ACCEA6918DBBB8C9FD4ADBDD29, FE3A768A76B673DCD09716F600D52B53A6EABEC6AA65E0DE89144F322E8571B8 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
14:43:36.0588 0x27bc AdobeUpdateService - ok
14:43:36.0594 0x27bc ADP80XX - ok
14:43:36.0598 0x27bc AFD - ok
14:43:36.0644 0x27bc [ A32EA26C90A47B2BC93D7B0B94994B11, 1CF8DB09CA27EAC5741489EDFDFC04D69485B51C726F539BFCDC3C78E8E09EBE ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
14:43:36.0794 0x27bc AGSService - ok
14:43:36.0799 0x27bc ahcache - ok
14:43:36.0801 0x27bc AJRouter - ok
14:43:36.0804 0x27bc ALG - ok
14:43:36.0807 0x27bc AmdK8 - ok
14:43:36.0810 0x27bc AmdPPM - ok
14:43:36.0813 0x27bc amdsata - ok
14:43:36.0816 0x27bc amdsbs - ok
14:43:36.0818 0x27bc amdxata - ok
14:43:36.0821 0x27bc AppID - ok
14:43:36.0824 0x27bc AppIDSvc - ok
14:43:36.0827 0x27bc Appinfo - ok
14:43:36.0833 0x27bc [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:43:36.0842 0x27bc Apple Mobile Device Service - ok
14:43:36.0845 0x27bc applockerfltr - ok
14:43:36.0848 0x27bc AppMgmt - ok
14:43:36.0850 0x27bc AppReadiness - ok
14:43:36.0853 0x27bc AppVClient - ok
14:43:36.0855 0x27bc AppvStrm - ok
14:43:36.0858 0x27bc AppvVemgr - ok
14:43:36.0861 0x27bc AppvVfs - ok
14:43:36.0863 0x27bc AppXSvc - ok
14:43:36.0866 0x27bc arcsas - ok
14:43:36.0868 0x27bc AsyncMac - ok
14:43:36.0872 0x27bc atapi - ok
14:43:36.0881 0x27bc [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
14:43:36.0897 0x27bc atksgt - ok
14:43:36.0901 0x27bc AudioEndpointBuilder - ok
14:43:36.0903 0x27bc Audiosrv - ok
14:43:36.0905 0x27bc AxInstSV - ok
14:43:36.0909 0x27bc b06bdrv - ok
14:43:36.0912 0x27bc BasicDisplay - ok
14:43:36.0915 0x27bc BasicRender - ok
14:43:36.0919 0x27bc bcmfn - ok
14:43:36.0921 0x27bc bcmfn2 - ok
14:43:36.0924 0x27bc BDESVC - ok
14:43:36.0926 0x27bc Beep - ok
14:43:36.0955 0x27bc [ 5B413BEADC23C9D182F7EC09C10441FA, E16E06848492331107C6D682D93D35C5D1A0DC8CAD3816B42203A4BF05932C7E ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:43:37.0063 0x27bc BEService - ok
14:43:37.0067 0x27bc BFE - ok
14:43:37.0103 0x27bc [ 3B41718EA7D90C152E96699E39A26824, F0841B1C99666EC956ACFBB49060919C67D4793AF5FCD482D65619817F3AD8DB ] BIT C:\ProgramData\BIT\BIT.dll
14:43:37.0236 0x27bc BIT - detected UnsignedFile.Multi.Generic ( 1 )
14:43:37.0397 0x27bc BIT ( UnsignedFile.Multi.Generic ) - warning
14:43:37.0525 0x27bc BITS - ok
14:43:37.0528 0x27bc bowser - ok
14:43:37.0531 0x27bc BrokerInfrastructure - ok
14:43:37.0534 0x27bc Browser - ok
14:43:37.0537 0x27bc BthAvrcpTg - ok
14:43:37.0540 0x27bc BthHFEnum - ok
14:43:37.0543 0x27bc bthhfhid - ok
14:43:37.0546 0x27bc BthHFSrv - ok
14:43:37.0549 0x27bc BTHMODEM - ok
14:43:37.0552 0x27bc bthserv - ok
14:43:37.0556 0x27bc buttonconverter - ok
14:43:37.0558 0x27bc CapImg - ok
14:43:37.0562 0x27bc cdfs - ok
14:43:37.0565 0x27bc CDPSvc - ok
14:43:37.0568 0x27bc CDPUserSvc - ok
14:43:37.0571 0x27bc cdrom - ok
14:43:37.0574 0x27bc CertPropSvc - ok
14:43:37.0578 0x27bc cht4iscsi - ok
14:43:37.0581 0x27bc cht4vbd - ok
14:43:37.0584 0x27bc circlass - ok
14:43:37.0587 0x27bc CLFS - ok
14:43:37.0589 0x27bc ClipSVC - ok
14:43:37.0593 0x27bc clreg - ok
14:43:37.0600 0x27bc cmanvwhc - ok
14:43:37.0602 0x27bc CmBatt - ok
14:43:37.0605 0x27bc CNG - ok
14:43:37.0607 0x27bc cnghwassist - ok
14:43:37.0627 0x27bc CompositeBus - ok
14:43:37.0630 0x27bc COMSysApp - ok
14:43:37.0633 0x27bc condrv - ok
14:43:37.0636 0x27bc CoreMessagingRegistrar - ok
14:43:37.0640 0x27bc CryptSvc - ok
14:43:37.0644 0x27bc CSC - ok
14:43:37.0647 0x27bc CscService - ok
14:43:37.0650 0x27bc dam - ok
14:43:37.0652 0x27bc dc1-controller - ok
14:43:37.0656 0x27bc DcomLaunch - ok
14:43:37.0658 0x27bc DcpSvc - ok
14:43:37.0661 0x27bc defragsvc - ok
14:43:37.0664 0x27bc DeviceAssociationService - ok
14:43:37.0666 0x27bc DeviceInstall - ok
14:43:37.0669 0x27bc DevQueryBroker - ok
14:43:37.0671 0x27bc Dfsc - ok
14:43:37.0674 0x27bc Dhcp - ok
14:43:37.0679 0x27bc diagnosticshub.standardcollector.service - ok
14:43:37.0681 0x27bc DiagTrack - ok
14:43:37.0684 0x27bc disk - ok
14:43:37.0687 0x27bc DmEnrollmentSvc - ok
14:43:37.0689 0x27bc dmvsc - ok
14:43:37.0692 0x27bc dmwappushservice - ok
14:43:37.0696 0x27bc Dnscache - ok
14:43:37.0700 0x27bc dot3svc - ok
14:43:37.0703 0x27bc DPS - ok
14:43:37.0705 0x27bc drmkaud - ok
14:43:37.0708 0x27bc DsmSvc - ok
14:43:37.0712 0x27bc DsSvc - ok
14:43:37.0715 0x27bc [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus C:\Windows\System32\drivers\dtlitescsibus.sys
14:43:37.0723 0x27bc dtlitescsibus - ok
14:43:37.0727 0x27bc [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus C:\Windows\System32\drivers\dtliteusbbus.sys
14:43:37.0733 0x27bc dtliteusbbus - ok
14:43:37.0736 0x27bc DXGKrnl - ok
14:43:37.0739 0x27bc EapHost - ok
14:43:37.0742 0x27bc ebdrv - ok
14:43:37.0746 0x27bc EFS - ok
14:43:37.0748 0x27bc EhStorClass - ok
14:43:37.0751 0x27bc EhStorTcgDrv - ok
14:43:37.0755 0x27bc [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
14:43:37.0763 0x27bc ElbyCDIO - ok
14:43:37.0766 0x27bc embeddedmode - ok
14:43:37.0768 0x27bc EntAppSvc - ok
14:43:37.0811 0x27bc [ 0E840AA66CAB02CBA9730C772BBE305B, 8862583E653D13D1D10A1A4A33704E4F70576E80370943AAFD1EAED6657A0104 ] epp E:\PROGRAM FILES (X86)\bin64\epp.sys
14:43:37.0837 0x27bc epp - ok
14:43:37.0840 0x27bc ErrDev - ok
14:43:37.0845 0x27bc [ FD291A75ECAF197F07BD2040C2A7322A, B4DE1B8A75928C8E6DF870A7B6F286EAA0B9A5D9443E99B66633F8B60013AC67 ] EtronHub3 C:\Windows\System32\Drivers\EtronHub3.sys
14:43:37.0862 0x27bc EtronHub3 - ok
14:43:37.0866 0x27bc [ 5476930AF190E6E2FAF7FA7112C2D4D7, 23D0F90169F9A12C37037D56C87368CA827CFEFA9D7A71341D83EB4D92E32188 ] EtronSTOR C:\Windows\System32\Drivers\EtronSTOR.sys
14:43:37.0877 0x27bc EtronSTOR - ok
14:43:37.0881 0x27bc [ DDE9068F9BAC0210195F217AA39B9276, 3AE8CE03B0F93EF6006B46F8DFD5523F6C1951D98FB9A411EA90261C368A453F ] EtronXHCI C:\Windows\System32\Drivers\EtronXHCI.sys
14:43:37.0894 0x27bc EtronXHCI - ok
14:43:37.0899 0x27bc EventSystem - ok
14:43:37.0901 0x27bc exfat - ok
14:43:37.0904 0x27bc fastfat - ok
14:43:37.0906 0x27bc Fax - ok
14:43:37.0909 0x27bc fdc - ok
14:43:37.0912 0x27bc fdPHost - ok
14:43:37.0915 0x27bc FDResPub - ok
14:43:37.0919 0x27bc fhsvc - ok
14:43:37.0922 0x27bc FileCrypt - ok
14:43:37.0924 0x27bc FileInfo - ok
14:43:37.0928 0x27bc Filetrace - ok
14:43:37.0935 0x27bc [ 8959966AE0ABB64671F65D1E854D6346, 0815DB4E7E3F48362B12974CCFD7FE64FC85B96A9FD35039BC7E32807EEB1C3E ] FirefoxU C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
14:43:37.0979 0x27bc FirefoxU - ok
14:43:37.0982 0x27bc flpydisk - ok
14:43:37.0985 0x27bc FltMgr - ok
14:43:37.0991 0x27bc FontCache - ok
14:43:37.0998 0x27bc FontCache3.0.0.0 - ok
14:43:38.0035 0x27bc [ EB959B686074EA0D27A3AB42E8024D37, B85A59F2898AF536652FF65CE53822B11108E2241B34ABB693BDFC06C32DAE17 ] FoxitReaderService C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
14:43:38.0172 0x27bc FoxitReaderService - ok
14:43:38.0177 0x27bc FrameServer - ok
14:43:38.0180 0x27bc FsDepends - ok
14:43:38.0182 0x27bc Fs_Rec - ok
14:43:38.0187 0x27bc fvevol - ok
14:43:38.0190 0x27bc gencounter - ok
14:43:38.0193 0x27bc genericusbfn - ok
14:43:38.0196 0x27bc GPIOClx0101 - ok
14:43:38.0198 0x27bc gpsvc - ok
14:43:38.0201 0x27bc GpuEnergyDrv - ok
14:43:38.0205 0x27bc [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\Windows\System32\drivers\Hamdrv.sys
14:43:38.0233 0x27bc Hamachi - ok
14:43:38.0237 0x27bc HdAudAddService - ok
14:43:38.0239 0x27bc HDAudBus - ok
14:43:38.0242 0x27bc HidBatt - ok
14:43:38.0245 0x27bc HidBth - ok
14:43:38.0250 0x27bc hidi2c - ok
14:43:38.0252 0x27bc hidinterrupt - ok
14:43:38.0255 0x27bc HidIr - ok
14:43:38.0257 0x27bc hidserv - ok
14:43:38.0260 0x27bc HidUsb - ok
14:43:38.0262 0x27bc HomeGroupListener - ok
14:43:38.0265 0x27bc HomeGroupProvider - ok
14:43:38.0267 0x27bc HpSAMD - ok
14:43:38.0270 0x27bc HTTP - ok
14:43:38.0272 0x27bc HvHost - ok
14:43:38.0275 0x27bc hvservice - ok
14:43:38.0278 0x27bc hwpolicy - ok
14:43:38.0281 0x27bc hyperkbd - ok
14:43:38.0284 0x27bc i8042prt - ok
14:43:38.0286 0x27bc iagpio - ok
14:43:38.0289 0x27bc iai2c - ok
14:43:38.0292 0x27bc iaLPSS2i_GPIO2 - ok
14:43:38.0294 0x27bc iaLPSS2i_I2C - ok
14:43:38.0297 0x27bc iaLPSSi_GPIO - ok
14:43:38.0300 0x27bc iaLPSSi_I2C - ok
14:43:38.0302 0x27bc iaStorAV - ok
14:43:38.0305 0x27bc iaStorV - ok
14:43:38.0308 0x27bc ibbus - ok
14:43:38.0312 0x27bc icssvc - ok
14:43:38.0315 0x27bc IKEEXT - ok
14:43:38.0317 0x27bc IndirectKmd - ok
14:43:38.0320 0x27bc intelide - ok
14:43:38.0323 0x27bc intelpep - ok
14:43:38.0325 0x27bc intelppm - ok
14:43:38.0328 0x27bc iorate - ok
14:43:38.0331 0x27bc IpFilterDriver - ok
14:43:38.0333 0x27bc iphlpsvc - ok
14:43:38.0336 0x27bc IPMIDRV - ok
14:43:38.0338 0x27bc IPNAT - ok
14:43:38.0340 0x27bc irda - ok
14:43:38.0343 0x27bc IRENUM - ok
14:43:38.0346 0x27bc irmon - ok
14:43:38.0349 0x27bc isapnp - ok
14:43:38.0351 0x27bc iScsiPrt - ok
14:43:38.0354 0x27bc kbdclass - ok
14:43:38.0357 0x27bc kbdhid - ok
14:43:38.0360 0x27bc kdnic - ok
14:43:38.0363 0x27bc KeyIso - ok
14:43:38.0365 0x27bc KSecDD - ok
14:43:38.0368 0x27bc KSecPkg - ok
14:43:38.0371 0x27bc ksthunk - ok
14:43:38.0373 0x27bc KtmRm - ok
14:43:38.0378 0x27bc [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\Windows\System32\drivers\L1C63x64.sys
14:43:38.0386 0x27bc L1C - ok
14:43:38.0389 0x27bc LanmanServer - ok
14:43:38.0392 0x27bc LanmanWorkstation - ok
14:43:38.0397 0x27bc lfsvc - ok
14:43:38.0399 0x27bc LicenseManager - ok
14:43:38.0403 0x27bc [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
14:43:38.0409 0x27bc lirsgt - ok
14:43:38.0412 0x27bc lltdio - ok
14:43:38.0414 0x27bc lltdsvc - ok
14:43:38.0417 0x27bc lmhosts - ok
14:43:38.0420 0x27bc LSI_SAS - ok
14:43:38.0423 0x27bc LSI_SAS2i - ok
14:43:38.0425 0x27bc LSI_SAS3i - ok
14:43:38.0429 0x27bc LSI_SSS - ok
14:43:38.0432 0x27bc LSM - ok
14:43:38.0434 0x27bc luafv - ok
14:43:38.0436 0x27bc MapsBroker - ok
14:43:38.0526 0x27bc [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
14:43:38.0631 0x27bc MBAMService - ok
14:43:38.0638 0x27bc megasas - ok
14:43:38.0640 0x27bc megasas2i - ok
14:43:38.0644 0x27bc megasr - ok
14:43:38.0648 0x27bc [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
14:43:38.0655 0x27bc MEIx64 - ok
14:43:38.0659 0x27bc MessagingService - ok
14:43:38.0664 0x27bc mlx4_bus - ok
14:43:38.0667 0x27bc MMCSS - ok
14:43:38.0669 0x27bc Modem - ok
14:43:38.0672 0x27bc monitor - ok
14:43:38.0675 0x27bc mouclass - ok
14:43:38.0678 0x27bc mouhid - ok
14:43:38.0681 0x27bc mountmgr - ok
14:43:38.0686 0x27bc [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:43:38.0735 0x27bc MozillaMaintenance - ok
14:43:38.0738 0x27bc mpsdrv - ok
14:43:38.0741 0x27bc MpsSvc - ok
14:43:38.0746 0x27bc MRxDAV - ok
14:43:38.0749 0x27bc mrxsmb - ok
14:43:38.0751 0x27bc mrxsmb10 - ok
14:43:38.0754 0x27bc mrxsmb20 - ok
14:43:38.0756 0x27bc MsBridge - ok
14:43:38.0759 0x27bc MSDTC - ok
14:43:38.0763 0x27bc Msfs - ok
14:43:38.0767 0x27bc msgpiowin32 - ok
14:43:38.0769 0x27bc mshidkmdf - ok
14:43:38.0772 0x27bc mshidumdf - ok
14:43:38.0774 0x27bc msisadrv - ok
14:43:38.0777 0x27bc MSiSCSI - ok
14:43:38.0780 0x27bc msiserver - ok
14:43:38.0782 0x27bc MSKSSRV - ok
14:43:38.0785 0x27bc MsLldp - ok
14:43:38.0787 0x27bc MSPCLOCK - ok
14:43:38.0790 0x27bc MSPQM - ok
14:43:38.0793 0x27bc MsRPC - ok
14:43:38.0797 0x27bc MsSecFlt - ok
14:43:38.0800 0x27bc mssmbios - ok
14:43:38.0803 0x27bc MSTEE - ok
14:43:38.0812 0x27bc [ 03B10F7E7244E6A41922394C3116929D, 2497D05048D4179F734092DA7A3D372B6F6E934E09E5C9DABDFA23C6DAD25E8A ] mt7612US C:\Windows\System32\drivers\mt7612US.sys
14:43:38.0832 0x27bc mt7612US - ok
14:43:38.0835 0x27bc MTConfig - ok
14:43:38.0838 0x27bc Mup - ok
14:43:38.0841 0x27bc mvumis - ok
14:43:38.0845 0x27bc NativeWifiP - ok
14:43:38.0848 0x27bc NcaSvc - ok
14:43:38.0851 0x27bc NcbService - ok
14:43:38.0854 0x27bc NcdAutoSetup - ok
14:43:38.0857 0x27bc ndfltr - ok
14:43:38.0860 0x27bc NDIS - ok
14:43:38.0862 0x27bc NdisCap - ok
14:43:38.0866 0x27bc NdisImPlatform - ok
14:43:38.0868 0x27bc NdisTapi - ok
14:43:38.0870 0x27bc Ndisuio - ok
14:43:38.0873 0x27bc NdisVirtualBus - ok
14:43:38.0876 0x27bc NdisWan - ok
14:43:38.0878 0x27bc ndiswanlegacy - ok
14:43:38.0881 0x27bc ndproxy - ok
14:43:38.0883 0x27bc Ndu - ok
14:43:38.0886 0x27bc NetAdapterCx - ok
14:43:38.0889 0x27bc NetBIOS - ok
14:43:38.0893 0x27bc NetBT - ok
14:43:38.0896 0x27bc Netlogon - ok
14:43:38.0899 0x27bc Netman - ok
14:43:38.0902 0x27bc netprofm - ok
14:43:38.0905 0x27bc NetSetupSvc - ok
14:43:38.0917 0x27bc NetTcpPortSharing - ok
14:43:38.0921 0x27bc NgcCtnrSvc - ok
14:43:38.0923 0x27bc NgcSvc - ok
14:43:38.0926 0x27bc NlaSvc - ok
14:43:38.0947 0x27bc [ 1B5804655497799161B5DCF919C7827C, F930FE7A13AC2645751CF559FBDED5FB4336DCF6D4AC11107566C526A3D5390D ] NPASRE C:\Users\Leander\AppData\Local\NPASRE\Snare.dll
14:43:38.0991 0x27bc NPASRE - detected UnsignedFile.Multi.Generic ( 1 )
14:43:39.0090 0x27bc NPASRE ( UnsignedFile.Multi.Generic ) - warning
14:43:39.0173 0x27bc Npfs - ok
14:43:39.0176 0x27bc npsvctrig - ok
14:43:39.0179 0x27bc nsi - ok
14:43:39.0182 0x27bc nsiproxy - ok
14:43:39.0186 0x27bc NTFS - ok
14:43:39.0189 0x27bc Null - ok
14:43:39.0198 0x27bc [ 219EB39D2F8CE26AA9A959DD53E68DE2, EBE3F231C7D564422A4E02C62276D6220E575F834B174E118D5B1A2582413CB1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:43:39.0223 0x27bc NVHDA - ok
14:43:39.0511 0x27bc [ 444B969DABB3F2D2176EF0BFAB42364F, 34468CC7A124D29130FE373BB987CB705C8767CD60F5B30CAD541F4B3F85BB55 ] nvlddmkm C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys
14:43:39.0784 0x27bc nvlddmkm - ok
14:43:39.0799 0x27bc nvraid - ok
14:43:39.0802 0x27bc nvstor - ok
14:43:39.0815 0x27bc [ 16006A9892E8AB4BFD4D555740E97CE1, 336364C97687380CC15B12EDDA0FD467084E8157AFA1B62A61F28AF37E923F76 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
14:43:39.0858 0x27bc NvTelemetryContainer - ok
14:43:39.0861 0x27bc OneSyncSvc - ok
14:43:39.0928 0x27bc [ D75A76EB38AD90E9AB34CAB1E50CE39E, 63345F673DD7CB590910C40C77D082EE47BF377F146E0C6D948E3CCD17512673 ] Origin Client Service E:\Origin\OriginClientService.exe
14:43:40.0018 0x27bc Origin Client Service - ok
14:43:40.0092 0x27bc [ 8901179D73E77060AD4EED7CB8924E10, 6ED27384A70499E3DF29ED43047E1D60E78F71D1A6820C5487C4621B42B0FFD5 ] Origin Web Helper Service E:\Origin\OriginWebHelperService.exe
14:43:40.0191 0x27bc Origin Web Helper Service - ok
14:43:40.0196 0x27bc p2pimsvc - ok
14:43:40.0199 0x27bc p2psvc - ok
14:43:40.0201 0x27bc Parport - ok
14:43:40.0204 0x27bc partmgr - ok
14:43:40.0207 0x27bc PcaSvc - ok
14:43:40.0210 0x27bc pci - ok
14:43:40.0213 0x27bc pciide - ok
14:43:40.0215 0x27bc pcmcia - ok
14:43:40.0218 0x27bc pcw - ok
14:43:40.0222 0x27bc pdc - ok
14:43:40.0224 0x27bc PEAUTH - ok
14:43:40.0226 0x27bc PeerDistSvc - ok
14:43:40.0229 0x27bc percsas2i - ok
14:43:40.0232 0x27bc percsas3i - ok
14:43:40.0258 0x27bc PerfHost - ok
14:43:40.0266 0x27bc PhoneSvc - ok
14:43:40.0268 0x27bc PimIndexMaintenanceSvc - ok
14:43:40.0273 0x27bc pla - ok
14:43:40.0276 0x27bc PlugPlay - ok
14:43:40.0279 0x27bc PnkBstrA - ok
14:43:40.0282 0x27bc PNRPAutoReg - ok
14:43:40.0285 0x27bc PNRPsvc - ok
14:43:40.0288 0x27bc PolicyAgent - ok
14:43:40.0291 0x27bc Power - ok
14:43:40.0295 0x27bc PptpMiniport - ok
14:43:40.0377 0x27bc [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
14:43:40.0496 0x27bc PrintNotify - ok
14:43:40.0502 0x27bc Processor - ok
14:43:40.0505 0x27bc ProfSvc - ok
14:43:40.0508 0x27bc Psched - ok
14:43:40.0511 0x27bc QWAVE - ok
14:43:40.0513 0x27bc QWAVEdrv - ok
14:43:40.0516 0x27bc RasAcd - ok
14:43:40.0519 0x27bc RasAgileVpn - ok
14:43:40.0522 0x27bc RasAuto - ok
14:43:40.0525 0x27bc Rasl2tp - ok
14:43:40.0529 0x27bc RasMan - ok
14:43:40.0531 0x27bc RasPppoe - ok
14:43:40.0534 0x27bc RasSstp - ok
14:43:40.0537 0x27bc rdbss - ok
14:43:40.0541 0x27bc rdpbus - ok
14:43:40.0544 0x27bc RDPDR - ok
14:43:40.0549 0x27bc RdpVideoMiniport - ok
14:43:40.0552 0x27bc rdyboost - ok
14:43:40.0554 0x27bc ReFSv1 - ok
14:43:40.0559 0x27bc RemoteAccess - ok
14:43:40.0562 0x27bc RemoteRegistry - ok
14:43:40.0565 0x27bc RetailDemo - ok
14:43:40.0568 0x27bc RmSvc - ok
14:43:40.0571 0x27bc RpcEptMapper - ok
14:43:40.0574 0x27bc RpcLocator - ok
14:43:40.0577 0x27bc RpcSs - ok
14:43:40.0580 0x27bc rspndr - ok
14:43:40.0583 0x27bc s3cap - ok
14:43:40.0586 0x27bc SamSs - ok
14:43:40.0589 0x27bc sbp2port - ok
14:43:40.0593 0x27bc SCardSvr - ok
14:43:40.0596 0x27bc ScDeviceEnum - ok
14:43:40.0599 0x27bc scfilter - ok
14:43:40.0602 0x27bc Schedule - ok
14:43:40.0605 0x27bc scmbus - ok
14:43:40.0608 0x27bc scmdisk0101 - ok
14:43:40.0611 0x27bc SCPolicySvc - ok
14:43:40.0614 0x27bc sdbus - ok
14:43:40.0617 0x27bc SDRSVC - ok
14:43:40.0620 0x27bc sdstor - ok
14:43:40.0622 0x27bc SecDrv - ok
14:43:40.0625 0x27bc seclogon - ok
14:43:40.0629 0x27bc SENS - ok
14:43:40.0632 0x27bc Sense - ok
14:43:40.0635 0x27bc SensorDataService - ok
14:43:40.0638 0x27bc SensorService - ok
14:43:40.0641 0x27bc SensrSvc - ok
14:43:40.0644 0x27bc SerCx - ok
14:43:40.0646 0x27bc SerCx2 - ok
14:43:40.0649 0x27bc Serenum - ok
14:43:40.0652 0x27bc Serial - ok
14:43:40.0655 0x27bc sermouse - ok
14:43:40.0662 0x27bc SessionEnv - ok
14:43:40.0666 0x27bc sfloppy - ok
14:43:40.0669 0x27bc SharedAccess - ok
14:43:40.0674 0x27bc ShellHWDetection - ok
14:43:40.0677 0x27bc shpamsvc - ok
14:43:40.0680 0x27bc SiSRaid2 - ok
14:43:40.0683 0x27bc SiSRaid4 - ok
14:43:40.0692 0x27bc [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:43:40.0736 0x27bc SkypeUpdate - ok
14:43:40.0739 0x27bc smphost - ok
14:43:40.0742 0x27bc SmsRouter - ok
14:43:40.0748 0x27bc SNMPTRAP - ok
14:43:40.0751 0x27bc spaceport - ok
14:43:40.0753 0x27bc SpbCx - ok
14:43:40.0756 0x27bc Spooler - ok
14:43:40.0759 0x27bc sppsvc - ok
14:43:40.0762 0x27bc srv - ok
14:43:40.0765 0x27bc srv2 - ok
14:43:40.0768 0x27bc srvnet - ok
14:43:40.0771 0x27bc SSDPSRV - ok
14:43:40.0773 0x27bc SstpSvc - ok
14:43:40.0777 0x27bc StateRepository - ok
14:43:40.0810 0x27bc [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:43:40.0929 0x27bc Steam Client Service - ok
14:43:40.0933 0x27bc stexstor - ok
14:43:40.0936 0x27bc stisvc - ok
14:43:40.0939 0x27bc storahci - ok
14:43:40.0942 0x27bc storflt - ok
14:43:40.0945 0x27bc stornvme - ok
14:43:40.0948 0x27bc storqosflt - ok
14:43:40.0951 0x27bc StorSvc - ok
14:43:40.0954 0x27bc storufs - ok
14:43:40.0956 0x27bc storvsc - ok
14:43:40.0960 0x27bc svsvc - ok
14:43:40.0964 0x27bc swenum - ok
14:43:40.0967 0x27bc swprv - ok
14:43:40.0970 0x27bc Synth3dVsc - ok
14:43:40.0973 0x27bc SysMain - ok
14:43:40.0976 0x27bc SystemEventsBroker - ok
14:43:40.0980 0x27bc TabletInputService - ok
14:43:40.0983 0x27bc TapiSrv - ok
14:43:40.0985 0x27bc Tcpip - ok
14:43:40.0988 0x27bc Tcpip6 - ok
14:43:40.0992 0x27bc tcpipreg - ok
14:43:40.0997 0x27bc tdx - ok
14:43:41.0000 0x27bc terminpt - ok
14:43:41.0003 0x27bc TermService - ok
14:43:41.0006 0x27bc Themes - ok
14:43:41.0009 0x27bc TieringEngineService - ok
14:43:41.0012 0x27bc tiledatamodelsvc - ok
14:43:41.0015 0x27bc TimeBrokerSvc - ok
14:43:41.0018 0x27bc TPM - ok
14:43:41.0021 0x27bc TrkWks - ok
14:43:41.0023 0x27bc TrustedInstaller - ok
14:43:41.0028 0x27bc tsusbflt - ok
14:43:41.0031 0x27bc TsUsbGD - ok
14:43:41.0033 0x27bc tsusbhub - ok
14:43:41.0036 0x27bc tunnel - ok
14:43:41.0040 0x27bc tzautoupdate - ok
14:43:41.0043 0x27bc UASPStor - ok
14:43:41.0045 0x27bc UcmCx0101 - ok
14:43:41.0049 0x27bc UcmTcpciCx0101 - ok
14:43:41.0052 0x27bc UcmUcsi - ok
14:43:41.0056 0x27bc Ucx01000 - ok
14:43:41.0059 0x27bc UdeCx - ok
14:43:41.0062 0x27bc udfs - ok
14:43:41.0065 0x27bc UEFI - ok
14:43:41.0068 0x27bc UevAgentDriver - ok
14:43:41.0071 0x27bc UevAgentService - ok
14:43:41.0074 0x27bc Ufx01000 - ok
14:43:41.0077 0x27bc UfxChipidea - ok
14:43:41.0080 0x27bc ufxsynopsys - ok
14:43:41.0086 0x27bc UI0Detect - ok
14:43:41.0089 0x27bc umbus - ok
14:43:41.0092 0x27bc UmPass - ok
14:43:41.0096 0x27bc UmRdpService - ok
14:43:41.0099 0x27bc UnistoreSvc - ok
14:43:41.0103 0x27bc upnphost - ok
14:43:41.0107 0x27bc UrsChipidea - ok
14:43:41.0110 0x27bc UrsCx01000 - ok
14:43:41.0113 0x27bc UrsSynopsys - ok
14:43:41.0118 0x27bc [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
14:43:41.0148 0x27bc USBAAPL64 - ok
14:43:41.0151 0x27bc usbaudio - ok
14:43:41.0154 0x27bc usbccgp - ok
14:43:41.0157 0x27bc usbcir - ok
14:43:41.0161 0x27bc usbehci - ok
14:43:41.0164 0x27bc usbhub - ok
14:43:41.0167 0x27bc USBHUB3 - ok
14:43:41.0170 0x27bc usbohci - ok
14:43:41.0172 0x27bc usbprint - ok
14:43:41.0176 0x27bc usbser - ok
14:43:41.0179 0x27bc USBSTOR - ok
14:43:41.0183 0x27bc usbuhci - ok
14:43:41.0186 0x27bc USBXHCI - ok
14:43:41.0189 0x27bc UserDataSvc - ok
14:43:41.0193 0x27bc UserManager - ok
14:43:41.0197 0x27bc UsoSvc - ok
14:43:41.0199 0x27bc VaultSvc - ok
14:43:41.0204 0x27bc [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone C:\Windows\System32\drivers\VClone.sys
14:43:41.0215 0x27bc VClone - ok
14:43:41.0219 0x27bc vdrvroot - ok
14:43:41.0222 0x27bc vds - ok
14:43:41.0225 0x27bc VerifierExt - ok
14:43:41.0229 0x27bc vhdmp - ok
14:43:41.0232 0x27bc vhf - ok
14:43:41.0250 0x27bc [ EF2270C2DF2B61FF1B8C422DC443CEFE, 30C74108BC0DE5884D64C7611CE8282CE556D9B42D7BE1FE569DE2067FBB4D5A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:43:41.0269 0x27bc VIAHdAudAddService - ok
14:43:41.0274 0x27bc [ 004175DA13E0372DA58F523104921631, 413A4C8169EDFDBAA58DA5FEDCBF1D0525F64A7AD34BAF17E29BCD14C1C189A7 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
14:43:41.0289 0x27bc VIAKaraokeService - ok
14:43:41.0293 0x27bc vmbus - ok
14:43:41.0296 0x27bc VMBusHID - ok
14:43:41.0299 0x27bc vmgid - ok
14:43:41.0302 0x27bc vmicguestinterface - ok
14:43:41.0305 0x27bc vmicheartbeat - ok
14:43:41.0309 0x27bc vmickvpexchange - ok
14:43:41.0312 0x27bc vmicrdv - ok
14:43:41.0315 0x27bc vmicshutdown - ok
14:43:41.0318 0x27bc vmictimesync - ok
14:43:41.0321 0x27bc vmicvmsession - ok
14:43:41.0325 0x27bc vmicvss - ok
14:43:41.0328 0x27bc volmgr - ok
14:43:41.0331 0x27bc volmgrx - ok
14:43:41.0334 0x27bc volsnap - ok
14:43:41.0337 0x27bc volume - ok
14:43:41.0341 0x27bc vpci - ok
14:43:41.0344 0x27bc vsmraid - ok
14:43:41.0347 0x27bc VSS - ok
14:43:41.0350 0x27bc VSTXRAID - ok
14:43:41.0353 0x27bc vwifibus - ok
14:43:41.0356 0x27bc vwififlt - ok
14:43:41.0361 0x27bc W32Time - ok
14:43:41.0364 0x27bc WacomPen - ok
14:43:41.0367 0x27bc WalletService - ok
14:43:41.0370 0x27bc wanarp - ok
14:43:41.0373 0x27bc wanarpv6 - ok
14:43:41.0377 0x27bc wbengine - ok
14:43:41.0380 0x27bc WbioSrvc - ok
14:43:41.0383 0x27bc wcifs - ok
14:43:41.0387 0x27bc Wcmsvc - ok
14:43:41.0390 0x27bc wcncsvc - ok
14:43:41.0394 0x27bc wcnfs - ok
14:43:41.0397 0x27bc WdBoot - ok
14:43:41.0400 0x27bc Wdf01000 - ok
14:43:41.0403 0x27bc WdFilter - ok
14:43:41.0407 0x27bc WdiServiceHost - ok
14:43:41.0410 0x27bc WdiSystemHost - ok
14:43:41.0413 0x27bc wdiwifi - ok
14:43:41.0416 0x27bc WdNisDrv - ok
14:43:41.0419 0x27bc WdNisSvc - ok
14:43:41.0422 0x27bc WebClient - ok
14:43:41.0426 0x27bc Wecsvc - ok
14:43:41.0429 0x27bc WEPHOSTSVC - ok
14:43:41.0433 0x27bc wercplsupport - ok
14:43:41.0436 0x27bc WerSvc - ok
14:43:41.0439 0x27bc WFPLWFS - ok
14:43:41.0443 0x27bc WiaRpc - ok
14:43:41.0446 0x27bc WIMMount - ok
14:43:41.0453 0x27bc [ 8897095BF6EDE2B8DD6866D1246D42FD, 1212DA6BCED198464AC3E1D70583F9C9F7BC27E4976AB72EB2C32357DD4AFC57 ] WinAppSvr C:\ProgramData\Microsoft\AppV\sym\dbg.dll
14:43:41.0485 0x27bc WinAppSvr - detected UnsignedFile.Multi.Generic ( 1 )
14:43:41.0581 0x27bc WinAppSvr ( UnsignedFile.Multi.Generic ) - warning
14:43:41.0661 0x27bc WinDefend - ok
14:43:41.0669 0x27bc WindowsTrustedRT - ok
14:43:41.0672 0x27bc WindowsTrustedRTProxy - ok
14:43:41.0676 0x27bc WinHttpAutoProxySvc - ok
14:43:41.0680 0x27bc WinMad - ok
14:43:41.0691 0x27bc Winmgmt - ok
14:43:41.0695 0x27bc WinRM - ok
14:43:41.0712 0x27bc [ A651F31D3C9FB7764CDA6FD99DC316DA, 691EE05BA8E63EF5EECF626BA09A4421A520EFA1B4741A1C5CCB441A99E3AA30 ] WinSAPSvc C:\Users\Leander\AppData\Roaming\WinSAPSvc\WinSAP.dll
14:43:41.0772 0x27bc WinSAPSvc - detected UnsignedFile.Multi.Generic ( 1 )
14:43:41.0874 0x27bc WinSAPSvc ( UnsignedFile.Multi.Generic ) - warning
14:43:41.0874 0x27bc Force sending object to P2P due to detect: WinSAPSvc
14:43:42.0065 0x27bc Object send P2P result: true
14:43:42.0160 0x27bc WINUSB - ok
14:43:42.0167 0x27bc WinVerbs - ok
14:43:42.0173 0x27bc wisvc - ok
14:43:42.0177 0x27bc WlanSvc - ok
14:43:42.0180 0x27bc wlidsvc - ok
14:43:42.0183 0x27bc WmiAcpi - ok
14:43:42.0187 0x27bc wmiApSrv - ok
14:43:42.0190 0x27bc WMPNetworkSvc - ok
14:43:42.0194 0x27bc Wof - ok
14:43:42.0199 0x27bc workfolderssvc - ok
14:43:42.0202 0x27bc WPDBusEnum - ok
14:43:42.0206 0x27bc WpdUpFltr - ok
14:43:42.0209 0x27bc WpnService - ok
14:43:42.0212 0x27bc WpnUserService - ok
14:43:42.0217 0x27bc ws2ifsl - ok
14:43:42.0221 0x27bc wscsvc - ok
14:43:42.0224 0x27bc WSDPrintDevice - ok
14:43:42.0227 0x27bc WSDScan - ok
14:43:42.0230 0x27bc WSearch - ok
14:43:42.0235 0x27bc wuauserv - ok
14:43:42.0238 0x27bc WudfPf - ok
14:43:42.0241 0x27bc WUDFRd - ok
14:43:42.0244 0x27bc wudfsvc - ok
14:43:42.0247 0x27bc WUDFWpdFs - ok
14:43:42.0250 0x27bc WUDFWpdMtp - ok
14:43:42.0254 0x27bc WwanSvc - ok
14:43:42.0257 0x27bc XblAuthManager - ok
14:43:42.0260 0x27bc XblGameSave - ok
14:43:42.0263 0x27bc xboxgip - ok
14:43:42.0267 0x27bc XboxNetApiSvc - ok
14:43:42.0270 0x27bc xinputhid - ok
14:43:42.0273 0x27bc ================ Scan global ===============================
14:43:42.0284 0x27bc [ Global ] - ok
14:43:42.0284 0x27bc ================ Scan MBR ==================================
14:43:42.0287 0x27bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:43:42.0310 0x27bc \Device\Harddisk0\DR0 - ok
14:43:42.0312 0x27bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:43:42.0374 0x27bc \Device\Harddisk1\DR1 - ok
14:43:42.0386 0x27bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:43:42.0620 0x27bc \Device\Harddisk2\DR2 - ok
14:43:42.0620 0x27bc ================ Scan VBR ==================================
14:43:42.0624 0x27bc [ 2D2BBD13BA1BEDC04FBA3D7249F12938 ] \Device\Harddisk0\DR0\Partition1
14:43:42.0626 0x27bc \Device\Harddisk0\DR0\Partition1 - ok
14:43:42.0628 0x27bc [ 362708809E74A2713E36FC9F5B297E3D ] \Device\Harddisk0\DR0\Partition2
14:43:42.0628 0x27bc \Device\Harddisk0\DR0\Partition2 - ok
14:43:42.0630 0x27bc [ BD797CF9878AC2F19C83F35D4D5D009E ] \Device\Harddisk0\DR0\Partition3
14:43:42.0630 0x27bc \Device\Harddisk0\DR0\Partition3 - ok
14:43:42.0633 0x27bc [ 0A1B6D47E7A6418A8295A62055AFB781 ] \Device\Harddisk0\DR0\Partition4
14:43:42.0634 0x27bc \Device\Harddisk0\DR0\Partition4 - ok
14:43:42.0635 0x27bc [ 07DFC2C889EEBF1B08CCAC6DE479CEEB ] \Device\Harddisk1\DR1\Partition1
14:43:42.0637 0x27bc \Device\Harddisk1\DR1\Partition1 - ok
14:43:42.0639 0x27bc [ DFE9FD3C8FD950C8F317651E482D0D33 ] \Device\Harddisk2\DR2\Partition1
14:43:42.0640 0x27bc \Device\Harddisk2\DR2\Partition1 - ok
14:43:42.0643 0x27bc [ C8A9648FA6FE513BB00D52EAA74ACAF5 ] \Device\Harddisk2\DR2\Partition2
14:43:42.0644 0x27bc \Device\Harddisk2\DR2\Partition2 - ok
14:43:42.0646 0x27bc [ 1CC5C0F5BDEBFD7606390B40EEBCE38F ] \Device\Harddisk2\DR2\Partition3
14:43:42.0647 0x27bc \Device\Harddisk2\DR2\Partition3 - ok
14:43:42.0647 0x27bc ================ Scan generic autorun ======================
14:43:42.0751 0x27bc [ B040D46C934F7DB15297E6ECA23EDAD3, CB09DE99F060F5C9E5FE5DBBD551869D3D035BBCDA11B387507B436002C0C10D ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
14:43:42.0896 0x27bc HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 )
14:43:42.0999 0x27bc Detect skipped due to KSN trusted
14:43:42.0999 0x27bc HDAudDeck - ok
14:43:43.0013 0x27bc [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
14:43:43.0026 0x27bc AdobeAAMUpdater-1.0 - ok
14:43:43.0027 0x27bc WindowsDefender - ok
14:43:43.0082 0x27bc [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
14:43:43.0158 0x27bc Malwarebytes TrayApp - ok
14:43:43.0164 0x27bc [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
14:43:43.0172 0x27bc VirtualCloneDrive - ok
14:43:43.0221 0x27bc [ 6302798F2560E25EB980992B1C4C5F81, E5029149F326C3CD0E418D87234B656A47E4ADFA1E8BC186F0F80B763224BD02 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
14:43:43.0278 0x27bc Adobe Creative Cloud - ok
14:43:43.0307 0x27bc OneDriveSetup - ok
14:43:43.0308 0x27bc OneDriveSetup - ok
14:43:43.0342 0x27bc [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Leander\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:43:43.0382 0x27bc OneDrive - ok
14:43:43.0516 0x27bc [ 5AC56F5BEBC027169A1588142A8F125A, 293D1A22B8D7645101AF4773479F8C6F3E920BF85A348253F6AB3FC8BB5CD36B ] C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
14:43:43.0641 0x27bc Spotify - ok
14:43:43.0760 0x27bc [ 5EAB2A65DCA8A6171A8789932F250A31, C3C0E159EE67C94637CCF1D957352938CA19D73B501558FF82CFE014283F0013 ] E:\Origin\Origin.exe
14:43:43.0857 0x27bc EADM - ok
14:43:43.0889 0x27bc [ 243F49E6B1AA97E01876020E17BDB4A9, 97E9CE8E9F1A77599B85B5952520B7D8BDDCE215F7EADAA884BA9F7E0D5BE568 ] C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:43:44.0018 0x27bc Spotify Web Helper - ok
14:43:44.0203 0x27bc [ 0B4431D8286AB24483CEBA4503DCB6B1, 70D54CDDC8CBFAEB11CABF7A1DEA69CBE420EFCA96381E8753AD9326407875EE ] F:\My Games\Wot\WargamingGameUpdater.exe
14:43:45.0115 0x27bc World of Tanks - ok
14:43:45.0273 0x27bc [ BBC048995985EB7CA9B2E8EFF196E3BB, FF10C2247A036DD6579D2AF76EF2DA4F98D8F4BA69167EF4B5D2E0EDB00F2DF9 ] F:\My Games\WOW\WargamingGameUpdater.exe
14:43:45.0506 0x27bc World of Warships - ok
14:43:45.0509 0x27bc World of Tanks (1) - ok
14:43:48.0224 0x27bc Prime95 - ok
14:43:48.0227 0x27bc Skype - ok
14:43:48.0228 0x27bc Waiting for KSN requests completion. In queue: 44
14:43:49.0239 0x27bc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x61100 ( enabled : updated )
14:43:49.0250 0x27bc Win FW state via NFP2: enabled ( trusted )
14:43:49.0328 0x27bc ============================================================
14:43:49.0328 0x27bc Scan finished
14:43:49.0328 0x27bc ============================================================
14:43:49.0341 0x1ab0 Detected object count: 4
14:43:49.0341 0x1ab0 Actual detected object count: 4
14:43:55.0771 0x1ab0 BIT ( UnsignedFile.Multi.Generic ) - skipped by user
14:43:55.0771 0x1ab0 BIT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:43:55.0771 0x1ab0 NPASRE ( UnsignedFile.Multi.Generic ) - skipped by user
14:43:55.0771 0x1ab0 NPASRE ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:43:55.0772 0x1ab0 WinAppSvr ( UnsignedFile.Multi.Generic ) - skipped by user
14:43:55.0772 0x1ab0 WinAppSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:43:55.0773 0x1ab0 WinSAPSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:43:55.0773 0x1ab0 WinSAPSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
14.05.2017, 10:58
| #12 |
| /// TB-Ausbilder | Adware installiert immer wieder Chrome und Toolbars Servus, am Besten wäre es, wenn du die Aktivitäten am PC auf ein Minimum reduzierst, bis wir hier fertig sind. Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
14.05.2017, 12:11
| #13 |
| | Adware installiert immer wieder Chrome und Toolbars Die Adwarecleaner Log date Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 14/05/2017 um 12:50:51
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-13.1 [Lokal]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Leander - LEANDER-PC
# Gestartet von : C:\Users\Leander\Desktop\AdwCleaner_6.046(1).exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
[-] Dienst gelöscht: WinAppSvr
[-] Dienst gelöscht: NPASRE
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Leander\AppData\Local\NPASRE
[-] Ordner gelöscht: C:\Users\Leander\AppData\Roaming\WinSAPSvc
[-] Ordner gelöscht: C:\Program Files (x86)\Eggper
[-] Ordner gelöscht: C:\Program Files (x86)\Firefox
[-] Ordner gelöscht: C:\Users\Leander\AppData\Roaming\Firefox
[-] Ordner gelöscht: C:\Users\Leander\AppData\Local\Firefox
[-] Ordner gelöscht: C:\ProgramData\BIT
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Public\Documents\temp.dat
[-] Datei gelöscht: C:\Users\Public\Documents\report.dat
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: Milimili
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\NPASRE
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\NPASRE
[-] Schlüssel gelöscht: HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Software\Bagsarah
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Bagsarah
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ScreenShot
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Bagsarah
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Bagsarah
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [BIT]
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [32429 Bytes] - [20/10/2015 18:15:43]
C:\AdwCleaner\AdwCleaner[C2].txt - [3228 Bytes] - [10/04/2017 22:05:25]
C:\AdwCleaner\AdwCleaner[C3].txt - [2907 Bytes] - [11/04/2017 21:24:48]
C:\AdwCleaner\AdwCleaner[C4].txt - [2496 Bytes] - [15/04/2017 20:23:17]
C:\AdwCleaner\AdwCleaner[C6].txt - [2737 Bytes] - [14/05/2017 12:50:51]
C:\AdwCleaner\AdwCleaner[C8].txt - [2880 Bytes] - [11/05/2017 15:46:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [3869 Bytes] - [31/03/2017 17:24:56]
C:\AdwCleaner\AdwCleaner[S3].txt - [3733 Bytes] - [10/04/2017 21:52:30]
C:\AdwCleaner\AdwCleaner[S4].txt - [3199 Bytes] - [10/04/2017 22:01:27]
C:\AdwCleaner\AdwCleaner[S5].txt - [3030 Bytes] - [14/05/2017 12:46:14]
C:\AdwCleaner\AdwCleaner[S6].txt - [3025 Bytes] - [14/05/2017 12:48:26]
########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [3248 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 14.05.2017 Suchlaufzeit: 12:58 Protokolldatei: mbm scan.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2017.05.14.02 Rootkit-Datenbank: v2017.04.02.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Leander Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 312528 Abgelaufene Zeit: 5 Min., 25 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 1 Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{8F0F267E-12E9-11E7-A647-64006A5CFC23}, In Quarantäne, [46c46bad3871f442c3a70cc7be43be42], Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 2 Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Reerdition, In Quarantäne, [040649cfeabf3afc54a24b885fa2867a], Dateien: 23 Adware.Elex, C:\Users\Leander\AppData\Local\Temp\~bk862D.tmp, In Quarantäne, [d13938e0b5f4ad89b423e1f2fd045fa1], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\kokoko2.dll, In Quarantäne, [33d79c7cecbd0630f2e5f8db738e1fe1], Adware.Elex, C:\ProgramData\Microsoft\AppV\sym\dbg.dll, In Quarantäne, [73970216387155e12d1a5480a65b25db], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\QQBrowser.exe, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\00, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\11, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\1111111, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\22, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\3333333, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\amule_cf, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\BigFarm.ico, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\big_bang_empire.ico, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\CasasBahia.ico, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\CJ, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\PontoFrio.ico, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\QQBrowserFrame.dll, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\SJ, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\UUUCC.dll, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\WinSAP.dll, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\XOBc.dll, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\XOBr.dll, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Users\Leander\AppData\Local\Temp\1\yacqq.dll, In Quarantäne, [0ffb71a7f4b5ed4912b8d2e8fe038977], Adware.Elex, C:\Reerdition\Qerzerph.gwc, In Quarantäne, [040649cfeabf3afc54a24b885fa2867a], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
durchgeführt von Leander (Administrator) auf LEANDER-PC (14-05-2017 13:09:34)
Gestartet von C:\Users\Leander\Desktop
Geladene Profile: Leander (Verfügbare Profile: Leander)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) E:\Origin\OriginWebHelperService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Electronic Arts) E:\Origin\Origin.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() E:\Origin\QtWebEngineProcess.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4700160 2016-06-25] (VIA)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Spotify] => C:\Users\Leander\AppData\Roaming\Spotify\Spotify.exe [6997104 2017-05-14] (Spotify Ltd)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [EADM] => E:\Origin\Origin.exe [3046264 2017-05-02] (Electronic Arts)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Spotify Web Helper] => C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1449584 2017-05-14] (Spotify Ltd)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Tanks] => F:\My Games\Wot\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Warships] => F:\My Games\WOW\WargamingGameUpdater.exe [3134216 2017-03-09] (Wargaming.net)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [World of Tanks (1)] => "F:\My Games\Wot Testserver\WargamingGameUpdater.exe"
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Prime95] => C:\Users\Leander\AppData\Local\Temp\Rar$EXa0.507\prime95.exe <===== ACHTUNG
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\MountPoints2: {82f69dcc-839f-11e5-8d75-50e549ef7985} - "H:\setup.exe"
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.198.1
Tcpip\..\Interfaces\{1b9d694c-0723-46f2-82ca-561812a30ba7}: [DhcpNameServer] 192.168.198.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-83b06630&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1473955321833
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-314425503-1263803708-1118067362-1000 -> hxxp://www.google.com
FireFox:
========
FF DefaultProfile: eqtdc3ih.default
FF ProfilePath: C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default [2017-05-14]
FF NewTab: Mozilla\Firefox\Profiles\eqtdc3ih.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\eqtdc3ih.default -> Yahoo Powered
FF Extension: (AdBlocker Ultimate) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\adblockultimate@adblockultimate.net.xpi [2016-12-29]
FF Extension: (MEGA) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\firefox@mega.co.nz.xpi [2017-05-11]
FF Extension: (Adblock Plus) - C:\Users\Leander\AppData\Roaming\Mozilla\Firefox\Profiles\eqtdc3ih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-13] ()
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-02] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2147216 2017-05-02] (Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3116440 2017-05-02] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-07-08] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2016-08-20] ()
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-17] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-17] (Disc Soft Ltd)
R1 epp; E:\PROGRAM FILES (X86)\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [39296 2013-08-05] (Etron Technology Inc)
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2016-06-07] (LogMeIn Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2016-08-20] ()
R3 mt7612US; C:\Windows\System32\drivers\mt7612US.sys [377864 2015-12-09] (MediaTek Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11376 2003-04-22] () [Datei ist nicht signiert]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 cmanvwhc; \??\C:\WINDOWS\system32\drivers\cmanvwhc.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-14 13:08 - 2017-05-14 13:08 - 00004078 _____ C:\Users\Leander\Desktop\mbm scan.txt
2017-05-14 13:05 - 2017-05-14 13:05 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-05-14 12:57 - 2017-05-14 12:57 - 00000863 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-05-14 12:57 - 2017-05-14 12:57 - 00000000 ____D C:\Users\Leander\Desktop\ Malwarebytes Anti-Malware
2017-05-14 12:52 - 2017-05-14 12:52 - 00003342 _____ C:\Users\Leander\Desktop\AdwCleaner[C6].txt
2017-05-14 12:50 - 2017-05-14 12:50 - 00000000 ____D C:\Users\Leander\AppData\Local\PeerDistRepub
2017-05-14 12:43 - 2017-05-14 12:43 - 04102600 _____ C:\Users\Leander\Desktop\AdwCleaner_6.046(1).exe
2017-05-14 11:35 - 2017-05-14 11:35 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Pixel Titans
2017-05-13 14:49 - 2017-05-13 14:49 - 00000000 ____D C:\Users\Leander\AppData\Local\Macromedia
2017-05-13 14:44 - 2017-05-13 14:44 - 00040126 _____ C:\Users\Leander\Desktop\tdsskiller.txt
2017-05-13 14:42 - 2017-05-13 18:07 - 00080342 _____ C:\TDSSKiller.3.1.0.15_13.05.2017_14.42.54_log.txt
2017-05-13 14:38 - 2017-05-14 12:47 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Mozilla
2017-05-13 14:38 - 2017-05-13 14:38 - 00000562 _____ C:\TDSSKiller.3.1.0.15_13.05.2017_14.38.12_log.txt
2017-05-13 14:38 - 2017-05-12 10:07 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Leander\Desktop\tdsskiller.exe
2017-05-13 14:38 - 2017-05-11 14:18 - 01663672 _____ (Malwarebytes) C:\Users\Leander\Desktop\JRT.exe
2017-05-13 14:37 - 2017-05-13 14:37 - 00000000 ____D C:\Windows\AppReadiness
2017-05-13 14:37 - 2017-05-13 14:37 - 00000000 ____D C:\Users\Leander\.QtWebEngineProcess
2017-05-13 14:37 - 2017-05-13 14:37 - 00000000 ____D C:\Users\Leander\.Origin
2017-05-13 14:37 - 2017-05-11 14:57 - 02429440 _____ (Farbar) C:\Users\Leander\Desktop\FRST64.exe
2017-05-12 20:22 - 2017-05-12 20:22 - 00001252 _____ C:\Users\Leander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-12 20:22 - 2017-05-12 20:22 - 00000000 ____D C:\Users\Leander\AppData\Local\UNP
2017-05-12 19:11 - 2017-05-12 19:12 - 00000000 ____D C:\Program Files\UNP
2017-05-12 19:11 - 2017-05-12 19:11 - 00000000 ____D C:\Windows\system32\UNP
2017-05-12 14:43 - 2017-05-12 14:43 - 00000000 _____ C:\Windows\SysWOW64\3333
2017-05-12 14:43 - 2017-05-12 14:43 - 00000000 _____ C:\Windows\SysWOW64\2222
2017-05-12 10:07 - 2017-05-12 10:09 - 00079314 _____ C:\TDSSKiller.3.1.0.15_12.05.2017_10.07.13_log.txt
2017-05-11 21:00 - 2017-05-13 15:32 - 00000000 ____D C:\Program Files (x86)\MIO
2017-05-11 18:49 - 2017-05-11 18:49 - 00025135 _____ C:\Users\Leander\Desktop\Alte Adwarecleaner scans.rar
2017-05-11 15:55 - 2017-05-14 13:10 - 00015263 _____ C:\Users\Leander\Desktop\FRST.txt
2017-05-11 15:55 - 2017-05-13 14:42 - 00078010 _____ C:\Users\Leander\Desktop\Addition.txt
2017-05-11 15:53 - 2017-05-14 13:09 - 00000000 ____D C:\FRST
2017-05-11 15:53 - 2017-05-11 15:53 - 00001240 _____ C:\Users\Leander\Desktop\Sacn mwb.txt
2017-05-11 15:45 - 2017-05-11 15:45 - 00003162 _____ C:\Users\Leander\Desktop\scan_170511-143141.txt
2017-05-11 14:12 - 2017-05-11 14:12 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-11 13:46 - 2017-05-11 13:46 - 00000000 _____ C:\Windows\SysWOW64\33
2017-05-11 13:39 - 2017-05-11 13:39 - 00000000 ____D C:\Users\Public\Documents\Google
2017-05-11 13:39 - 2017-05-11 13:39 - 00000000 _____ C:\Windows\SysWOW64\3333333
2017-05-11 13:38 - 2017-05-12 14:43 - 00000000 _____ C:\Windows\SysWOW64\1111
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\1111111
2017-05-11 13:38 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\00
2017-05-11 10:28 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-05-11 10:28 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-05-11 10:28 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-11 10:28 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-11 10:28 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 10:28 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-05-11 10:28 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-11 10:28 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-05-11 10:28 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-05-11 10:28 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-05-11 10:28 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-05-11 10:28 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-05-11 10:28 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-11 10:28 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-05-11 10:28 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-11 10:28 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-05-11 10:28 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-05-11 10:28 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-05-11 10:28 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-11 10:28 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-11 10:28 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-05-11 10:28 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-11 10:28 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-05-11 10:28 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-05-11 10:28 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-11 10:28 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-05-11 10:28 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-05-11 10:28 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-05-11 10:27 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-05-11 10:27 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-11 10:27 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-11 10:27 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 10:27 - 2017-04-28 02:56 - 02048488 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-05-11 10:27 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2017-05-11 10:27 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-11 10:27 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-11 10:27 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-11 10:27 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-11 10:27 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-05-11 10:27 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-05-11 10:27 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-05-11 10:27 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-05-11 10:27 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-11 10:27 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-05-11 10:27 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-05-11 10:27 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-05-11 10:27 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-05-11 10:27 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-05-11 10:27 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-11 10:27 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-05-11 10:27 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-05-11 10:27 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-05-11 10:27 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2017-05-11 10:27 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-05-11 10:27 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-05-11 10:27 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-05-11 10:27 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-05-11 10:27 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-05-11 10:27 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-11 10:27 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-05-11 10:27 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2017-05-11 10:27 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BthTelemetry.dll
2017-05-11 10:27 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-11 10:27 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2017-05-11 10:27 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-05-11 10:27 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-05-11 10:27 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-05-11 10:27 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-05-11 10:27 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-05-11 10:27 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-05-11 10:27 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2017-05-11 10:27 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-05-11 10:27 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-11 10:27 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 10:27 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-05-11 10:27 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2017-05-11 10:27 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-05-11 10:27 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-11 10:27 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-11 10:27 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-05-11 10:27 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-05-11 10:27 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-05-11 10:27 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-05-11 10:27 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-05-11 10:27 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-11 10:27 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-05-11 10:27 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-05-11 10:27 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-05-11 10:27 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-05-11 10:27 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsnt.dll
2017-05-11 10:27 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-05-11 10:27 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-05-11 10:27 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-05-11 10:27 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-05-11 10:27 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-05-11 10:27 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-05-11 10:27 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 10:27 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-05-11 10:27 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-05-11 10:27 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-05-11 10:27 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-05-11 10:27 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-05-11 10:27 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-11 10:27 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-11 10:27 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-05-11 10:27 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-05-11 10:27 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-05-11 10:27 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-11 10:27 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-05-11 10:27 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-11 10:27 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-05-11 10:27 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-05-11 10:27 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-05-11 10:27 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-05-11 10:27 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-05-11 10:27 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2017-05-11 10:27 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-05-11 10:27 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-05-11 10:27 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2017-05-11 10:27 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-05-11 10:27 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-05-11 10:27 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2017-05-11 10:27 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-05-11 10:27 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-05-11 10:27 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-05-11 10:27 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2017-05-11 10:27 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-05-11 10:27 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-05-11 10:27 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-05-11 10:27 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-05-11 10:27 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-05-11 10:27 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-05-11 10:27 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-05-11 10:27 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-05-11 10:27 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-05-11 10:27 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-05-11 10:27 - 2017-03-04 08:22 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-11 10:27 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-05-11 10:27 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-11 10:27 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-11 10:27 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-05-11 10:27 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-05-11 10:27 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-11 10:26 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-05-11 10:26 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-05-11 10:26 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-11 10:26 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-11 10:26 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2017-05-11 10:26 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2017-05-11 10:26 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-11 10:26 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2017-05-11 10:26 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2017-05-11 10:26 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-11 10:26 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-05-11 10:26 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-11 10:26 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-05-11 10:26 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-05-11 10:26 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-11 10:26 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-11 10:26 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-05-11 10:26 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-05-11 10:26 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-05-11 10:26 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-11 10:26 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-05-11 10:26 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-05-11 10:26 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-05-11 10:26 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-05-11 10:26 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-11 10:26 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-05-11 10:26 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-11 10:26 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-05-11 10:26 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-11 10:26 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-05-11 10:26 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-11 10:26 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-11 10:26 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-11 10:26 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-11 10:26 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-05-11 10:26 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-05-11 10:26 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-05-11 10:26 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-05-11 10:26 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-11 10:26 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-11 10:26 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-11 10:26 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2017-05-11 10:26 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\BthTelemetry.dll
2017-05-11 10:26 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-05-11 10:26 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2017-05-11 10:26 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-11 10:26 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-05-11 10:26 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-05-11 10:26 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-11 10:26 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-05-11 10:26 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ConsentUX.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-11 10:26 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-11 10:26 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\PrintWSDAHost.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-05-11 10:26 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2017-05-11 10:26 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2017-05-11 10:26 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-11 10:26 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-05-11 10:26 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2017-05-11 10:26 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-05-11 10:26 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-05-11 10:26 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll
2017-05-11 10:26 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-05-11 10:26 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-05-11 10:26 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-05-11 10:26 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2017-05-11 10:26 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-05-11 10:26 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-05-11 10:26 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2017-05-11 10:26 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-05-11 10:26 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2017-05-11 10:26 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-05-11 10:26 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-05-11 10:26 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-05-11 10:26 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2017-05-11 10:26 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-11 10:26 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-11 10:26 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-05-11 10:26 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-05-11 10:26 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-05-11 10:26 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-05-11 10:26 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-11 10:26 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-05-11 10:26 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-05-11 10:26 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-05-11 10:26 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-05-11 10:26 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-11 10:26 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-05-11 10:26 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2017-05-11 10:26 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2017-05-11 10:26 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-05-11 10:26 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-05-11 10:26 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-05-11 10:26 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-05-07 14:33 - 2017-05-07 14:33 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\5FB23263.sys
2017-05-05 21:39 - 2017-05-11 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-05 13:56 - 2017-05-05 13:56 - 00000000 ____D C:\Users\Leander\AppData\Local\NVIDIA Corporation
2017-05-05 13:53 - 2017-05-05 13:53 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-05 13:53 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-05 13:53 - 2017-05-02 00:38 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-05-05 13:53 - 2017-05-01 22:52 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-05-05 13:53 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-05-05 13:53 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-05-05 13:53 - 2017-04-25 23:11 - 07944687 _____ C:\Windows\system32\nvcoproc.bin
2017-05-05 13:53 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-05-05 13:53 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-05-05 13:53 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-05-05 13:53 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-05-05 13:50 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 04092088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03607464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00618744 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-05-05 13:50 - 2017-05-02 00:38 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-05-05 13:50 - 2017-05-02 00:38 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-05-05 13:41 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-05 13:41 - 2017-05-02 00:38 - 00513144 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-05-05 13:41 - 2017-05-02 00:38 - 00418936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll
2017-05-05 13:39 - 2017-05-02 00:38 - 00045061 _____ C:\Windows\system32\nvinfo.pb
2017-05-05 13:37 - 2017-05-05 13:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-05 13:36 - 2017-05-05 13:36 - 00000000 ____D C:\NVIDIA
2017-05-05 12:55 - 2017-05-05 12:55 - 00000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-05 12:54 - 2017-05-05 12:54 - 00003650 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-05-04 21:09 - 2017-05-04 21:10 - 00000000 ____D C:\Users\Leander\Documents\Need For Speed
2017-05-04 20:57 - 2017-05-04 20:57 - 00000709 _____ C:\Users\Public\Desktop\Need for Speed™.lnk
2017-05-04 17:11 - 2017-05-04 17:11 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\3B4040D4.sys
2017-04-30 17:40 - 2017-04-30 17:40 - 00000000 ____D C:\Users\Leander\AppData\Local\Sniper3
2017-04-29 10:21 - 2017-05-04 19:54 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Factorio
2017-04-28 14:53 - 2017-04-28 14:53 - 00002749 _____ C:\Users\Public\Desktop\Factorio.lnk
2017-04-28 14:53 - 2017-04-28 14:53 - 00000000 ____D C:\Program Files (x86)\Factorio
2017-04-26 09:43 - 2017-04-26 09:43 - 00000000 ____D C:\Windows\psgo
2017-04-26 09:39 - 2017-05-05 13:59 - 00000000 ____D C:\Insist
2017-04-21 22:06 - 2017-04-21 22:06 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\750F2B85.sys
2017-04-21 21:42 - 2017-04-21 21:42 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\4201187D.sys
2017-04-21 18:50 - 2017-04-21 18:50 - 00000000 _____ C:\Windows\SysWOW64\44
2017-04-20 18:53 - 2017-04-20 18:53 - 00000000 _____ C:\Windows\SysWOW64\22
2017-04-20 18:48 - 2017-05-11 13:38 - 00000000 _____ C:\Windows\SysWOW64\11
2017-04-20 18:45 - 2017-05-11 10:29 - 00000000 _____ C:\Windows\SysWOW64\1
2017-04-20 18:40 - 2017-04-20 18:40 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\656C3FB5.sys
2017-04-19 11:23 - 2017-05-12 14:46 - 00001999 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-19 11:20 - 2017-04-19 11:20 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\4981203A.sys
2017-04-18 18:30 - 2017-04-19 11:01 - 00001799 _____ C:\Users\Leander\Desktop\Warum AMD am Arsch ist.txt
2017-04-15 21:52 - 2017-04-15 21:58 - 00000000 ____D C:\Users\Leander\Downloads\Fakki
2017-04-15 21:50 - 2017-04-15 21:50 - 00000000 ____D C:\Users\Leander\Downloads\[TSUMINO.COM] Bishoujo Mangekyou -Kami ga Tsukuritamouta Shoujo-tachi- Shokai Ban Part 2 美少女万華鏡 -神が造りたもうた少女たち- 初回版 Part 2
2017-04-15 20:35 - 2017-05-11 13:51 - 00245640 _____ C:\Users\Leander\Downloads\Firefox Setup Stub 52.0.2 (1).exe
2017-04-15 20:20 - 2017-04-15 21:49 - 00000000 ____D C:\Users\Leander\Downloads\[TSUMINO.COM] Bishoujo Mangekyou -Kami ga Tsukuritamouta Shoujo-tachi- Shokai Ban Part 1 美少女万華鏡 -神が造りたもうた少女たち- 初回版 Part 1
2017-04-15 13:13 - 2017-04-15 13:13 - 00001230 _____ C:\Users\Public\Desktop\Splinter Cell Conviction.lnk
2017-04-15 13:13 - 2017-04-15 13:13 - 00000000 ____D C:\Users\Leander\AppData\Local\storage
2017-04-15 11:55 - 2017-04-15 11:58 - 00000872 _____ C:\Users\Leander\Desktop\Act of Aggression.lnk
2017-04-14 14:21 - 2017-05-11 14:27 - 00000000 ____D C:\Users\Leander\Desktop\mbar
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-14 13:07 - 2016-12-16 16:53 - 00000000 ____D C:\Users\Leander\AppData\Local\CrashDumps
2017-05-14 13:06 - 2016-07-13 19:59 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Skype
2017-05-14 13:05 - 2017-03-31 17:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-14 13:05 - 2016-10-08 10:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-14 13:05 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-05-14 13:05 - 2016-07-16 08:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-05-14 13:05 - 2016-06-25 16:35 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Spotify
2017-05-14 12:55 - 2016-07-17 00:51 - 03100770 _____ C:\Windows\system32\perfh007.dat
2017-05-14 12:55 - 2016-07-17 00:51 - 00838512 _____ C:\Windows\system32\perfc007.dat
2017-05-14 12:55 - 2016-06-25 14:22 - 06313968 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-14 12:52 - 2016-06-25 16:35 - 00000000 ____D C:\Users\Leander\AppData\Local\Spotify
2017-05-14 12:52 - 2015-10-21 19:20 - 00000000 ___RD C:\Users\Leander\OneDrive
2017-05-14 12:50 - 2015-05-31 17:04 - 00000000 ___DC C:\AdwCleaner
2017-05-14 12:40 - 2016-10-08 10:32 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-05-14 11:33 - 2016-06-25 18:01 - 00000000 ____D C:\Users\Leander\AppData\Local\Adobe
2017-05-13 18:08 - 2016-10-08 10:34 - 00000000 ____D C:\Users\Leander
2017-05-13 14:54 - 2016-07-06 11:44 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Origin
2017-05-13 14:39 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Leander\AppData\Local\Packages
2017-05-13 14:38 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Mozilla
2017-05-13 14:37 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Adobe
2017-05-13 14:36 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-05-13 14:36 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Com
2017-05-13 14:36 - 2016-06-25 14:27 - 00000000 ____D C:\Users\Leander\AppData\Local\Mozilla
2017-05-12 15:16 - 2016-10-15 13:00 - 00000903 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2017-05-12 10:00 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-11 20:59 - 2017-03-30 20:58 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2017-05-11 18:28 - 2015-10-24 17:31 - 00000000 ____D C:\Users\Leander\Desktop\Games
2017-05-11 14:28 - 2016-06-25 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-11 14:28 - 2015-10-24 17:31 - 00000000 ____D C:\Users\Leander\Desktop\Programme
2017-05-11 14:00 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 13:57 - 2016-10-08 10:32 - 00228168 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-11 13:57 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-05-11 13:56 - 2017-03-27 22:31 - 00000000 ____D C:\Users\Leander\AppData\Roaming\SmartSteamEmu
2017-05-11 13:56 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\oobe
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Registration
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 13:55 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-05-11 10:34 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-05-11 10:29 - 2016-06-25 16:29 - 00000000 ____D C:\Windows\system32\MRT
2017-05-11 10:29 - 2016-06-25 16:28 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-11 09:37 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-05-09 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-09 15:29 - 2016-07-09 19:45 - 00000000 ____D C:\Users\Leander\AppData\Roaming\vlc
2017-05-08 21:38 - 2016-07-08 18:41 - 00000000 ____D C:\Users\Leander\AppData\Local\Ubisoft Game Launcher
2017-05-08 21:38 - 2016-06-25 21:47 - 00000000 ____D C:\Users\Leander\AppData\Local\JDownloader v2.0
2017-05-06 21:20 - 2015-10-23 20:40 - 00000000 ____D C:\Users\Leander\Documents\My Games
2017-05-05 13:53 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Help
2017-05-05 12:53 - 2017-02-08 18:55 - 00189112 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2017-05-05 12:53 - 2016-10-08 10:32 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-05-04 17:17 - 2016-11-27 15:50 - 00000000 ____D C:\Users\Leander\Documents\Project CARS
2017-05-03 09:53 - 2015-11-14 19:25 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 3
2017-05-02 20:25 - 2016-07-08 15:47 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-05-02 20:25 - 2016-07-08 10:31 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-08 10:34 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-04-20 18:41 - 2016-12-17 19:11 - 00003284 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-20 18:41 - 2016-06-25 14:21 - 00002389 _____ C:\Users\Leander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-19 11:23 - 2017-04-11 21:22 - 00000000 ____D C:\Program Files (x86)\temp
2017-04-19 11:23 - 2017-03-10 07:39 - 00000000 ____D C:\Users\Leander\Desktop\cemu_1.7.3d
2017-04-19 11:23 - 2017-02-26 11:18 - 00000000 ____D C:\Users\Leander\Documents\Stronghold Crusader
2017-04-19 11:23 - 2017-02-23 11:50 - 00000000 ____D C:\Users\Leander\AppData\Local\0ad
2017-04-19 11:23 - 2017-02-13 20:02 - 00000000 ____D C:\Users\Leander\Documents\Mount&Blade Warband
2017-04-19 11:23 - 2017-01-21 13:04 - 00000000 ____D C:\Users\Leander\AppData\Roaming\WhatsApp
2017-04-19 11:23 - 2017-01-16 14:31 - 00000000 ____D C:\Users\Leander\Desktop\cemu_1.7.0
2017-04-19 11:23 - 2017-01-15 21:37 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Tropico 5
2017-04-19 11:23 - 2016-12-19 20:40 - 00000000 ____D C:\Users\Leander\AppData\Roaming\dvdcss
2017-04-19 11:23 - 2016-12-14 17:24 - 00000000 ____D C:\Users\Leander\AppData\Local\LOOT
2017-04-19 11:23 - 2016-10-30 15:14 - 00000000 ____D C:\Users\Leander\Documents\Command and Conquer Generals Zero Hour Data
2017-04-19 11:23 - 2016-10-15 13:55 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 1
2017-04-19 11:23 - 2016-10-04 20:19 - 00000000 ____D C:\Users\Leander\AppData\Roaming\TS3Client
2017-04-19 11:23 - 2016-09-01 21:17 - 00000000 ____D C:\Users\Leander\Documents\Master of Orion
2017-04-19 11:23 - 2016-08-20 21:40 - 00000000 ____D C:\Users\Leander\Documents\ANNO 1404 Venedig
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 __RSD C:\Windows\Media
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\oobe
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\security
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\InputMethod
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\IME
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\System
2017-04-19 11:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-19 11:23 - 2016-07-14 21:17 - 00000000 ____D C:\Users\Leander\Documents\Dolphin Emulator
2017-04-19 11:23 - 2016-07-13 18:42 - 00000000 ____D C:\Users\Leander\AppData\Local\SKIDROW
2017-04-19 11:23 - 2016-07-10 13:50 - 00000000 ____D C:\Users\Leander\AppData\Roaming\Frontier Developments
2017-04-19 11:23 - 2016-07-07 12:41 - 00000000 ____D C:\Users\Leander\AppData\Roaming\.minecraft
2017-04-19 11:23 - 2016-06-25 14:20 - 00000000 ____D C:\Users\Leander\AppData\Local\MicrosoftEdge
2017-04-19 11:23 - 2016-06-25 14:17 - 00000000 ____D C:\Users\DefaultAppPool
2017-04-19 11:23 - 2016-06-11 16:27 - 00000000 ____D C:\Users\Leander\Documents\Spiele
2017-04-19 11:23 - 2016-04-01 19:34 - 00000000 ____D C:\Users\Leander\.litwrl
2017-04-19 11:23 - 2016-03-24 16:54 - 00000000 ____D C:\Users\Leander\Documents\TrackMania
2017-04-19 11:23 - 2016-03-23 13:43 - 00000000 ____D C:\Users\Leander\Documents\STAR WARS Battlefront
2017-04-19 11:23 - 2016-01-03 22:58 - 00000000 ____D C:\Users\Leander\Documents\3DMark
2017-04-19 11:23 - 2015-12-29 17:01 - 00000000 ____D C:\Users\Leander\Documents\BFH
2017-04-19 11:23 - 2015-12-13 17:16 - 00000000 ____D C:\Users\Leander\Documents\FIFA 15
2017-04-19 11:23 - 2015-12-03 19:02 - 00000000 ____D C:\Users\Leander\AppData\LocalLow\Adobe
2017-04-19 11:23 - 2015-11-11 19:07 - 00000000 ____D C:\Users\Leander\Documents\StarCraft II
2017-04-19 11:23 - 2015-10-29 21:02 - 00000000 ____D C:\Users\Leander\Documents\Battlefield 4
2017-04-19 11:23 - 2010-11-21 09:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-04-14 21:18 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-04-14 15:24 - 2017-03-31 17:17 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-04-14 15:24 - 2017-03-31 17:16 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-06-26 12:47 - 2016-07-05 19:47 - 0000151 _____ () C:\Users\Leander\AppData\Roaming\WB.CFG
2016-11-27 19:44 - 2016-12-27 13:45 - 0007597 _____ () C:\Users\Leander\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole4047230449030724081.dll
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole7442378117606400700.dll
2017-05-08 21:38 - 2017-05-08 21:38 - 0040448 ____N () C:\Users\Leander\AppData\Local\Temp\proxy_vole780015794168616176.dll
2017-03-20 18:26 - 2017-03-20 18:26 - 14456872 _____ (Microsoft Corporation) C:\Users\Leander\AppData\Local\Temp\vc_redist.x86.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-04 14:27
==================== Ende von FRST.txt ============================
|
|
14.05.2017, 12:13
| #14 |
| | Adware installiert immer wieder Chrome und Toolbars Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von Leander (14-05-2017 13:10:12)
Gestartet von C:\Users\Leander\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-08 08:41:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-314425503-1263803708-1118067362-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-314425503-1263803708-1118067362-503 - Limited - Disabled)
Gast (S-1-5-21-314425503-1263803708-1118067362-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-314425503-1263803708-1118067362-1002 - Limited - Enabled)
Leander (S-1-5-21-314425503-1263803708-1118067362-1000 - Administrator - Enabled) => C:\Users\Leander
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
0 A.D. (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\0 A.D.) (Version: r18915P-alpha - Wildfire Games)
Act of Aggression MULTI2 1.0 (HKLM-x32\...\Act of Aggression MULTI2 1.0) (Version: - )
Act of Aggression Update 14 MULTI2 1.0 (HKLM-x32\...\Act of Aggression Update 14 MULTI2 1.0) (Version: - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
AlphaGo (HKLM-x32\...\{118B6258-BF13-47C9-8D46-B2A349196B5D}) (Version: 1.0.0 - Default Company Name)
ANNO 1404 - Gold Edition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
bf2battlelog (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\bf2battlelog) (Version: 0.8.6 - Spencer Sharkey)
Borderlands 2 GOTY version 1.8.2 (HKLM-x32\...\Borderlands 2 GOTY_is1) (Version: 1.8.2 - 2K Games)
Broforce (HKLM\...\Steam App 274190) (Version: - Free Lives)
Call of Duty 4: Modern Warfare (HKLM\...\Steam App 7940) (Version: - Infinity Ward)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version: - Relic Entertainment)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\CopyTrans Suite) (Version: 4.013 - WindSolutions)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Endless Legend (HKLM\...\Steam App 289130) (Version: - AMPLITUDE Studios)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
F1 2016 (HKLM\...\Steam App 391040) (Version: - Codemasters)
Factorio (HKLM-x32\...\{2BCB3CEC-B168-450B-857D-408CA9E9F3C4}) (Version: 12.24.0000 - Your Company Name)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Freelancer (HKLM-x32\...\Freelancer 1.0) (Version: - )
GdZ WoT ModPack Version 0.9.17.0.06 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.17.0.06 - Gemeinschaft deutscher Zocker)
GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: Mass Effect 3 - )
Master of Orion (HKLM-x32\...\Master of Orion_is1) (Version: - )
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft OneDrive (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\1893001152_is1) (Version: 2.0.0.3 - GOG.com)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSI Afterburner 4.3.0 Beta 14 (HKLM-x32\...\Afterburner) (Version: 4.3.0 Beta 14 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NBA 2K17 (HKLM-x32\...\NBA 2K17_is1) (Version: - )
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NvTelemetry (Version: 2.4.8.0 - NVIDIA Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Platform (x32 Version: 1.43 - VIA Technologies, Inc.) Hidden
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM\...\Steam App 238090) (Version: - Rebellion)
SpellForce 2 Patch (x32 Version: 1.0.0 - JoWood) Hidden
Splinter Cell: Conviction - Deluxe Edition (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}_is1) (Version: 1.04.000 - Ubisoft)
Spotify (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version: - Petroglyph)
Steamless Counter Strike Source Pack (HKLM-x32\...\Steamless Counter Strike Source Pack) (Version: 1.0 - Steamless)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Total War ROME II - Emperor Edition (HKLM-x32\...\Total War ROME II - Emperor Edition_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 18.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-314425503-1263803708-1118067362-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
XVM Version 6.4.3 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.4.3 - XVM team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C14277FD74D4}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-314425503-1263803708-1118067362-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12FD3112-DD67-4F99-A131-5729DDC1C6FE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {1406D884-61DC-4B4D-8B4F-5C027501E4F3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {2A043FF9-3775-45BE-96FE-1074721A002B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-02] (NVIDIA Corporation)
Task: {31244610-8760-4B4E-8A8A-9EF7E29EEA23} - \Buhukhjoly -> Keine Datei <==== ACHTUNG
Task: {8FFE60D5-A499-4D75-B1F2-E0B9A7E0AE6A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-leander-hausmann@web.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {966282B4-8F3D-4636-875D-C1ED5539DE98} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
Task: {A87C61AC-122E-4289-B391-8B47E3B080B5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {B38B6170-5E59-4D10-8FD4-51AD70098688} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-02] (NVIDIA Corporation)
Task: {BF8866CF-CFB4-47CD-973E-1FBDD5DBDEE8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Leander\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {DF58C814-98FC-4C83-94D0-C888DC80FAE5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-02] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-09-01 19:12 - 2016-09-01 19:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 19:12 - 2016-09-01 19:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-08 10:31 - 2016-07-08 21:28 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-05-11 10:26 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-10-08 20:58 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 19:12 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 00022928 _____ () E:\Origin\QtWebEngineProcess.exe
2016-10-25 10:57 - 2016-10-25 10:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-03-15 19:12 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:12 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:12 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 10:26 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 10:26 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 02493440 _____ () E:\Origin\libGLESv2.dll
2017-01-19 06:46 - 2017-01-19 06:46 - 40524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2016-10-27 17:54 - 2017-05-14 11:32 - 00116848 _____ () C:\Users\Leander\AppData\Roaming\Spotify\SpotifyWinRT.dll
2016-06-25 16:35 - 2017-05-14 11:33 - 67117168 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libcef.dll
2016-09-20 19:38 - 2017-05-02 10:05 - 00012288 _____ () E:\Origin\libEGL.DLL
2016-07-06 11:43 - 2016-07-06 11:43 - 00266240 _____ () E:\Origin\imageformats\qmng.dll
2016-06-25 16:35 - 2017-05-14 11:32 - 02253424 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libglesv2.dll
2016-06-25 16:35 - 2017-05-14 11:32 - 00086640 _____ () C:\Users\Leander\AppData\Roaming\Spotify\libegl.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-12-02 02:54 - 2016-12-02 02:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-12-09 16:09 - 2016-12-09 16:09 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-12-02 02:54 - 2016-12-02 02:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-06-25 15:08 - 2016-06-25 15:06 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-314425503-1263803708-1118067362-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.198.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{7379E9E5-2135-4D67-956F-74841C80FF12}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{026CCD4A-6ABB-420F-9095-76553D139983}C:\users\leander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leander\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8B51C0AC-DD52-4049-882E-36DCDB7775F4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{DBC56F1E-7991-4B76-975D-FD118E2C1EC0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/14/2017 01:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x21f0
Startzeit der fehlerhaften Anwendung: 0x01d2cca2151b81e5
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: f54ae758-07cc-4021-93ca-c091784837cf
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/14/2017 01:06:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1478
Startzeit der fehlerhaften Anwendung: 0x01d2cca2061c2448
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: cd299dc5-96c5-43fa-8ecd-12febc895b2c
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/14/2017 01:05:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1550
Startzeit der fehlerhaften Anwendung: 0x01d2cca20302d3c8
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: f74d021e-03d9-4b70-b2ee-0d9c5a6c3597
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/14/2017 12:53:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x1560
Startzeit der fehlerhaften Anwendung: 0x01d2cca0241e53b2
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 29abc7bc-dc76-4e49-9add-12b492cfca88
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/14/2017 12:52:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x101c
Startzeit der fehlerhaften Anwendung: 0x01d2cca017ee4b4d
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 029166b1-fd1c-45a7-bae2-e59364edb9b6
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/14/2017 12:51:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x16c4
Startzeit der fehlerhaften Anwendung: 0x01d2cca0149888d8
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: c393cbfc-7de1-478a-8c35-1abaf2dd8c30
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/14/2017 12:47:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdwCleaner_6.046(1).exe, Version: 6.0.4.6, Zeitstempel: 0x58fe39c0
Name des fehlerhaften Moduls: AdwCleaner_6.046(1).exe, Version: 6.0.4.6, Zeitstempel: 0x58fe39c0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022d82
ID des fehlerhaften Prozesses: 0x140c
Startzeit der fehlerhaften Anwendung: 0x01d2cc9f1fafbe9e
Pfad der fehlerhaften Anwendung: C:\Users\Leander\Desktop\AdwCleaner_6.046(1).exe
Pfad des fehlerhaften Moduls: C:\Users\Leander\Desktop\AdwCleaner_6.046(1).exe
Berichtskennung: 1e0f1b14-1e65-407b-9f81-a5e20edd5e6c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/14/2017 11:34:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x24e4
Startzeit der fehlerhaften Anwendung: 0x01d2cc9512ef5a09
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 1b21aceb-6a71-4017-a64b-65f2743bab27
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (05/14/2017 11:33:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 3.0.0.912, Zeitstempel: 0x58811df5
Name des fehlerhaften Moduls: mbam.exe, Version: 3.0.0.912, Zeitstempel: 0x58811df5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00232185
ID des fehlerhaften Prozesses: 0xbd4
Startzeit der fehlerhaften Anwendung: 0x01d2cc9525e819bb
Pfad der fehlerhaften Anwendung: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Berichtskennung: 917b8fff-fe41-4c35-86f3-d2be19e572e8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/14/2017 11:32:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: skypert.dll, Version: 2017.9.1.1, Zeitstempel: 0x58fde79c
Ausnahmecode: 0xc0010000
Fehleroffset: 0x000000000000bcb6
ID des fehlerhaften Prozesses: 0x2758
Startzeit der fehlerhaften Anwendung: 0x01d2cc9508087919
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
Berichtskennung: 258fa82a-7665-4212-bdfd-45ddbd9221d9
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Systemfehler:
=============
Error: (05/14/2017 01:07:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/14/2017 01:05:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2017 01:05:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/14/2017 01:05:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
Error: (05/14/2017 12:53:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/14/2017 12:51:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2017 12:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/14/2017 12:51:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS
Error: (05/14/2017 12:49:04 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (05/14/2017 12:48:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-05-14 12:59:41.336
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-14 12:59:41.093
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-14 12:59:40.907
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-14 12:59:40.520
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-14 12:59:40.514
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-14 12:59:40.509
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET80CC.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-14 12:59:40.425
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET3DBA.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-14 12:59:40.418
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET3DBA.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-14 12:59:40.413
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SET3DBA.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-11 14:11:59.965
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\SETE963.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8153.38 MB
Verfügbarer physikalischer RAM: 5994.43 MB
Summe virtueller Speicher: 11481.38 MB
Verfügbarer virtueller Speicher: 9313.67 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:118.36 GB) (Free:9.49 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Volume) (Fixed) (Total:976.56 GB) (Free:284 GB) NTFS
Drive f: (Volume) (Fixed) (Total:886.35 GB) (Free:203.4 GB) NTFS
Drive g: (Lokaler Datenträger ) (Fixed) (Total:232.33 GB) (Free:30.4 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C6ECC302)
Partition 1: (Active) - (Size=118.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C6ECC30A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=886.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
14.05.2017, 12:29
| #15 |
| /// TB-Ausbilder | Adware installiert immer wieder Chrome und Toolbars Servus, ok, gut gemacht.  So geht es weiter: Schritt 1
Schritt 2 Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
| Themen zu Adware installiert immer wieder Chrome und Toolbars |
| administrator, adobe, adobe flash player, adware, browser, defender, desktop, dll, explorer, firefox, flash player, iexplore.exe, internet, löschen, mozilla, node.js, nvidia, problem, prozesse, registry, rundll, software, suchmaschine, svchost.exe, temp, windows, windowsapps |
Linear-Darstellung
