Pests of all kinds and how to fight them: ESET reports detections (Windows 7)
27.05.2017, 17:12 | #1 |
ESET reports detections

Hello dear Trojaner-Board team,

As the title already says, ESET is reporting a few detections on my system. Unfortunately, I forgot to take a screenshot. What I still know is that there were three detections in total. Among them:

"Variante von Win32/FusionCore.L"
"Variante von Win32/FusionCore.J" (or another letter)

I had already scanned beforehand with COMODO and MBM. Neither of them had any detections.

I saw that another user had similar detections. It appears to be unwanted adware.

Best regards,
Gloriaflyx
- 2017-05-17 18:51 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-17 18:51 - 2017-05-17 18:51 - 00543640 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\securekernel.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-05-17 18:51 - 2017-05-17 18:51 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-05-17 
18:51 - 2017-05-17 18:51 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-05-17 18:51 - 2017-05-17 18:51 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00315392 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00224256 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\ie4uinit.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00094720 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-05-17 18:51 - 2017-05-17 18:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2017-05-17 18:51 - 2017-05-17 18:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 
2017-05-17 18:51 - 2017-05-17 18:51 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-17 18:51 - 2017-05-17 18:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-17 18:49 - 2017-05-17 18:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-17 18:49 - 2017-05-17 17:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\msmq 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\MSBuild 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\inetpub 2017-05-17 18:47 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-17 18:47 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-17 18:47 - 
2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-05-17 18:03 - 2017-05-26 19:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-17 18:03 - 2017-05-17 19:15 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-05-17 18:03 - 2017-05-17 18:03 - 00003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-17 18:03 - 2017-05-17 18:03 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-05-17 18:03 - 2017-05-17 18:03 - 00002700 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task 2017-05-17 18:03 - 2017-05-17 18:03 - 00002440 _____ C:\WINDOWS\System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002432 _____ C:\WINDOWS\System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002360 _____ C:\WINDOWS\System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002358 _____ C:\WINDOWS\System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002354 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby 2017-05-17 18:03 - 2017-05-17 18:03 - 00002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002342 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2017-05-17 18:03 - 2017-05-17 18:03 - 00002304 _____ C:\WINDOWS\System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ 
C:\WINDOWS\System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2017-05-17 18:00 - 2017-05-17 18:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-17 17:58 - 2017-05-17 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spiele 2017-05-17 17:58 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-05-17 17:57 - 2017-05-26 23:20 - 00000000 ____D C:\Users\Gloriaflyx 2017-05-17 17:57 - 2017-05-17 18:02 - 00000000 ____D C:\Users\DefaultAppPool 2017-05-17 17:57 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-17 
17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Vorlagen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Startmenü 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Netzwerkumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Lokale Einstellungen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Eigene Dateien 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Druckumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Videos 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Musik 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Bilder 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Verlauf 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Anwendungsdaten 2017-05-17 17:56 - 2017-05-27 16:19 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-05-17 17:56 - 2017-05-26 19:41 - 02729236 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Intel 2017-05-17 17:56 - 
2017-05-17 17:56 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-05-17 17:56 - 2017-05-17 17:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Synaptics 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Realtek 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-05-17 17:56 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-17 17:56 - 2016-12-29 15:16 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-05-17 17:56 - 2016-12-29 15:16 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-05-17 17:56 - 2016-12-29 15:16 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-05-17 17:56 - 2016-12-29 15:16 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-05-17 17:56 - 2016-12-29 15:16 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-05-17 17:56 - 2016-12-29 15:16 - 00147000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2017-05-17 17:56 - 2016-12-29 15:16 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-05-17 17:56 - 2016-12-29 15:16 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-05-17 
17:56 - 2016-12-22 01:59 - 07651057 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-05-17 17:56 - 2016-11-03 16:32 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-05-17 17:55 - 2017-05-27 17:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-17 17:55 - 2017-05-26 19:35 - 00506712 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-12 11:35 - 2017-05-12 11:35 - 00060895 _____ C:\Users\Gloriaflyx\Desktop\Info Exk. 10 Eltville.pdf 2017-05-12 11:34 - 2017-05-12 11:34 - 00155883 _____ C:\Users\Gloriaflyx\Desktop\Info Exk. 8 Gewässerexkursion.pdf 2017-05-11 14:13 - 2017-05-17 19:13 - 00000000 ___DC C:\WINDOWS\Panther 2017-05-11 13:51 - 2017-05-11 13:51 - 00001258 _____ C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-05-11 13:51 - 2017-05-11 13:51 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\UNP 2017-05-10 18:28 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-05-10 18:28 - 2017-05-10 18:29 - 00000000 ____D C:\Program Files\UNP 2017-05-10 10:46 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-05-03 18:21 - 2017-05-03 18:21 - 00063161 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_005.PDF 2017-05-03 10:27 - 2017-05-03 10:27 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\PDFCreator 2017-05-02 21:10 - 2017-05-17 19:15 - 00002448 _____ C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-05-02 21:07 - 2017-05-02 21:08 - 06100264 _____ (Microsoft Corporation) C:\Users\Gloriaflyx\Downloads\setuplanguagepack.x64.en-us_.exe 2017-05-02 21:05 - 2017-05-02 21:06 - 05897000 _____ (Microsoft Corporation) C:\Users\Gloriaflyx\Downloads\setuplanguagepack.x64.de-de_.exe 2017-05-01 17:16 - 2017-05-01 17:16 - 08408221 _____ C:\Users\Gloriaflyx\Desktop\Insecta.pdf 2017-05-01 17:16 - 2017-05-01 17:16 - 07676452 _____ C:\Users\Gloriaflyx\Desktop\Intro and Molluscs.pdf 
2017-05-01 17:15 - 2017-05-01 17:15 - 02090938 _____ C:\Users\Gloriaflyx\Desktop\Artenkenntnis einheimischer Tierarten.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 18:04 - 2014-01-17 18:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2017-05-27 18:02 - 2014-04-02 20:05 - 01374040 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-05-27 17:56 - 2014-01-17 19:41 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Skype
2017-05-27 17:55 - 2016-11-19 11:26 - 00000000 ____D C:\Users\Gloriaflyx\AppData\LocalLow\Mozilla
2017-05-27 17:54 - 2016-06-19 12:39 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\ClassicShell
2017-05-27 16:19 - 2016-06-19 12:32 - 00000000 __SHD C:\Users\Gloriaflyx\IntelGraphicsProfiles
2017-05-26 22:02 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-26 22:02 - 2010-11-21 05:27 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-26 21:11 - 2014-07-01 13:19 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-26 20:56 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 20:55 - 2014-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 19:43 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-26 19:43 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-26 19:41 - 2017-03-20 06:41 - 01236610 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-26 19:41 - 2017-03-20 06:41 - 00294824 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-26 19:35 - 2016-08-16 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-26 19:35 - 2014-01-18 11:54 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-05-26 12:43 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-26 11:11 - 2015-08-31 10:32 - 00000000 ____D
C:\Users\Gloriaflyx\AppData\Roaming\Ahnenblatt 2017-05-26 11:02 - 2017-03-29 13:14 - 00000000 ____D C:\Users\Gloriaflyx\Documents\Ahnenblatt 2017-05-26 09:32 - 2016-12-29 14:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-05-25 22:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\L2Schemas 2017-05-25 20:42 - 2014-02-03 22:35 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Audacity 2017-05-25 12:49 - 2014-01-17 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-23 21:48 - 2017-03-20 22:36 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files 2017-05-23 21:48 - 2016-11-06 12:13 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\DVDVideoSoft 2017-05-23 19:58 - 2014-01-17 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-23 19:57 - 2014-01-17 18:51 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-23 18:53 - 2017-03-25 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-05-23 18:53 - 2014-01-17 19:39 - 00000000 ____D C:\ProgramData\Skype 2017-05-22 22:06 - 2017-02-08 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-05-21 17:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-21 15:58 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-20 16:42 - 2015-09-13 16:42 - 00000000 ____D C:\Program Files (x86)\Overwolf 2017-05-19 14:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-05-19 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-18 22:52 - 2014-04-02 20:05 - 00000000 ___HD C:\VTRoot 2017-05-17 21:19 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-17 19:17 - 2016-06-19 12:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Packages 2017-05-17 19:15 - 2016-06-19 12:34 - 00000000 __RHD C:\Users\Gloriaflyx\OneDrive 2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ____D 
C:\ProgramData\USOPrivate 2017-05-17 19:13 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-17 18:55 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-17 18:52 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-17 18:52 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-05-17 18:47 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 
00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-05-17 18:47 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-05-17 18:47 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00009096 _____ 
C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-05-17 18:47 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-05-17 18:47 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-05-17 18:47 - 
2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-05-17 18:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-17 18:07 - 2016-12-27 17:25 - 00000460 __RSH C:\ProgramData\ntuser.pol 2017-05-17 18:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-17 18:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-17 18:04 - 2017-03-18 23:03 - 00000000 ____D 
C:\WINDOWS\Registration 2017-05-17 18:03 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-17 18:03 - 2016-06-19 12:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-17 18:01 - 2017-04-26 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2017-05-17 18:01 - 2017-04-26 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-05-17 18:01 - 2015-06-10 22:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office 2017-05-17 18:01 - 2014-10-23 21:45 - 00000000 ____D C:\WINDOWS\de 2017-05-17 18:01 - 2014-03-27 11:48 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele 2017-05-17 17:58 - 2017-03-25 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-05-17 17:58 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Cursors 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-17 17:58 - 2014-07-19 18:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2017-05-17 17:58 - 2014-01-17 18:31 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-05-17 17:57 - 
2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-05-17 17:57 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-05-17 17:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-05-17 17:56 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-17 17:41 - 2014-01-17 17:39 - 00008192 __RSH C:\BOOTSECT.BAK 2017-05-17 17:36 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT 2017-05-10 10:48 - 2014-07-10 22:11 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Adobe 2017-05-03 22:34 - 2014-07-02 21:00 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\vlc 2017-05-03 10:27 - 2015-02-03 10:16 - 00000000 ____D C:\Program Files\PDFCreator 2017-04-29 14:47 - 2014-03-10 16:37 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\CrashDumps 2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files (x86)\changelog.txt 2015-10-22 13:22 - 2015-11-07 18:45 - 0375544 _____ () C:\Program Files (x86)\createfileassoc.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\error_report.exe 2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files (x86)\libeay32.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp120.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr120.dll 2015-08-27 10:07 - 2015-11-07 18:45 - 1704176 _____ (Overwolf) C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\package_inst.exe 2015-10-22 11:20 - 
2015-10-22 11:20 - 0000321 _____ () C:\Program Files (x86)\plugin_sdk.html 2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Core.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Gui.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Network.dll 2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Sql.dll 2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Widgets.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files (x86)\quazip.dll 2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files (x86)\ssleay32.dll 2015-10-22 13:21 - 2015-11-07 18:45 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\ts3client_win64.exe 2015-09-13 16:41 - 2015-11-07 18:45 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\Uninstall.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\update.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files (x86)\usb.ids 2015-11-08 20:24 - 2015-11-08 20:24 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITEEB2.tmp 2015-12-07 14:05 - 2015-12-07 14:05 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITF863.tmp 2014-03-24 11:50 - 2015-11-05 12:49 - 0010752 _____ () C:\Users\Gloriaflyx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-03-13 22:52 - 2014-03-13 22:52 - 0001434 _____ () C:\Users\Gloriaflyx\AppData\Local\RecConfig.xml 2016-05-01 21:51 - 2016-05-01 21:52 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{0B179D57-EBA9-4D85-B0A3-C14982A9ED52} 2015-10-26 15:04 - 2015-10-26 15:04 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{309B8B15-3C7F-4F34-B3F6-0066EA01FC36} 2016-05-11 20:19 - 2016-05-11 20:19 - 0000000 _____ () 
C:\Users\Gloriaflyx\AppData\Local\{3CF62346-6D52-4520-A926-FB0B6E652FF3} 2016-04-22 14:12 - 2016-04-22 14:12 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{B01DDBE6-2D6A-4727-B346-D57950EA3E3A} 2015-11-08 20:23 - 2015-11-08 20:24 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{BAE73680-28A1-4D05-AD07-486B48904EAC} 2015-12-07 14:04 - 2015-12-07 14:05 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{D054697A-BAC1-4993-959D-79690D24E3EF} 2016-01-26 20:38 - 2016-01-26 20:38 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{F1079BA0-943D-4D61-A261-CEFBF1919D56} 2017-05-17 17:56 - 2017-05-17 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-09-22 22:02 - 2015-09-22 22:02 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2017-03-22 17:45 - 2017-03-22 17:45 - 0000016 _____ () C:\ProgramData\mntemp 2017-03-22 17:45 - 2017-03-22 17:45 - 0005041 _____ () C:\ProgramData\mudtcpaz.vzs ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-05-17 17:55 ==================== Ende von FRST.txt ============================ |
27.05.2017, 17:13 | #2 |
| ESET reports detections Here is the Addition log as well:
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017 durchgeführt von Gloriaflyx (27-05-2017 18:07:31) Gestartet von C:\Users\Gloriaflyx\Desktop Windows 10 Pro Version 1703 (X64) (2017-05-17 16:07:08) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3668857010-2765377856-186715415-500 - Administrator - Disabled) Gloriaflyx (S-1-5-21-3668857010-2765377856-186715415-1000 - Administrator - Enabled) => C:\Users\Gloriaflyx DefaultAccount (S-1-5-21-3668857010-2765377856-186715415-503 - Limited - Disabled) Gast (S-1-5-21-3668857010-2765377856-186715415-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3668857010-2765377856-186715415-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD} AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios) Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version: - SkyBox Labs) Ahnenblatt 2.88 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.88.0.1 - Dirk Böttcher) Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.20.00 - ) AoE 2 & TC v1.1 Userpatch AiO Update r5 r5 (HKLM-x32\...\{0CEC2F82-AEB2-4C4B-B450-62C6CEF159FE}_is1) (Version: 0.5 - line0) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version: - Ubisoft) Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) calibre (HKLM-x32\...\{6EB8794A-DAF6-4722-90B2-68D1459A9615}) (Version: 2.75.1 - Kovid Goyal) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP) Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.) 
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft) COMODO Internet Security Premium (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) f.lux (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Flux) (Version: - ) FanFictionDownloader version 0.8.14.0 (HKLM-x32\...\{1D868954-1083-4BBA-8379-C7A9B2705CBA}_is1) (Version: 0.8.14.0 - Raimond Eisele) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.0.307 - Digital Wave Ltd) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version: - ) HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.) 
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation) Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics) LibreOffice 5.2.5.1 (HKLM-x32\...\{79CD8EA1-DEB1-4582-9E41-8634223BDCD4}) (Version: 5.2.5.1 - The Document Foundation) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game 
Studios) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 
10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla) Mozilla Firefox 53.0.3 (x64 de) (HKLM\...\Mozilla Firefox 53.0.3 (x64 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla) Mp3tag v2.80 (HKLM-x32\...\Mp3tag) (Version: v2.80 - Florian Heidenreich) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) 
(Version: 376.54 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden Overwolf (HKLM-x32\...\Overwolf) (Version: 0.104.210.0 - Overwolf Ltd.) paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) 
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated) System Requirements Lab Detection (HKLM-x32\...\{9B2D2419-CC47-4A73-A7A0-8FA2FFDE0C7C}) (Version: 6.1.1.0 - Husdawg, LLC) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version: - The Sims Studio) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gloriaflyx\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1D85A55B-993A-45E3-B015-250C795151A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {26576267-54D3-4A94-97C7-4DCECB1AB3C3} - System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter Task: {420FE51C-0D20-4591-B7CE-77DA17FC435F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {46734673-F9A6-4302-9D04-A119C0518E35} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {47A200AF-0889-49E0-B321-5A47994CCB96} - System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\Sims2_uninst.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2" Task: {4A7ED33F-A84F-48AC-B000-ABED4901E0AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {51DC85CF-A98A-43D8-8C1F-F7248B1FB113} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation) Task: {5FFE647A-3E5D-4594-9EA5-5B65B185DC03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei 
<==== ACHTUNG Task: {6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {799696A9-5758-492B-8927-81A7E88B1D69} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {856E8075-122F-45E5-BC1C-CE7C0E407608} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {88C43D0B-A2F3-4D79-B2FA-E2378BCFA74E} - System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\eauninstall.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2" Task: {8E279186-208B-4384-BA38-55AEFA56EE1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated) Task: {94BBF4A3-D101-498A-8DD5-9C76C5B2C63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {9D320E3D-5658-4B76-BC1B-6B5DB3F33348} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation) Task: {9DAF125B-A6D1-439B-933B-388A6A74B24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {9FCB8499-497D-41E5-89FE-0231E583FB37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation) Task: {A042F675-4FCB-4903-9A13-DE3CDDF82AAF} - System32\Tasks\RtHDVBg_Dolby => C:\Program 
Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-05] (Realtek Semiconductor) Task: {A92B8410-5D79-45B0-A05A-A93C395ABB37} - System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall Task: {AB28F491-13D7-441F-8BE3-99AEF1AF36E0} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO) Task: {AC0DD1AA-2C9D-41FF-9BB4-E4C0B5CAB66C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {B59D1B68-72A7-4E68-B9EF-3A0932C2E840} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] () Task: {B87DE87D-F54B-4E90-8A66-A192864D7052} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {C3DA719C-9EF8-4F50-BF45-7143C26331AB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {C5050B7C-1F8D-40E9-9E24-20623960C6E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {CA1E47C4-6FB4-4B1C-8C9E-2CEE7AD55373} - System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?source=lightinstaller&LastError=1618 Task: {D9A35DD8-3F45-4EF2-BAB3-171204A5C81A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO) Task: {DC8BA37A-EFC5-4813-AF4D-6CF617B6471A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-05] (Realtek Semiconductor) Task: 
{E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {E98AD572-71BE-4D8A-B936-AEEF09E30360} - System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall Task: {EABE54ED-1BBC-44FF-977C-F9A4D104791A} - System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly Task: {EBA005EB-9167-49FC-B0CA-71599621456C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {EE29A92D-3408-4186-B873-7B505989B5B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {F89037C2-30A8-4D5D-9474-4E51ED8EF8AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] () Task: {FDFFF155-A9BE-414D-B4E2-3EFD4B350771} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-05-14] (Overwolf LTD) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-04-06 18:20 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll 2013-09-24 11:53 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2013-10-20 02:23 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2014-01-18 14:03 - 2014-03-25 20:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2017-05-17 17:56 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2013-04-15 18:39 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2017-04-27 19:24 - 2017-04-27 19:24 - 02167664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17032.10331.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-05-08 19:47 - 2017-05-08 19:47 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-05-08 19:47 - 2017-05-08 19:47 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-05-08 19:47 - 2017-05-08 19:47 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-05-08 19:47 - 2017-05-08 19:47 - 02139648 _____ () 
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-05-08 19:47 - 2017-05-08 19:47 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-05-08 19:47 - 2017-05-08 19:47 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2016-06-19 14:31 - 2016-06-19 14:31 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2017-05-08 19:47 - 2017-05-08 19:47 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-05-08 19:47 - 2017-05-08 19:47 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2017-05-05 21:04 - 2017-05-05 21:04 - 02167664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17032.10341.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2014-12-11 15:15 - 2015-04-05 16:07 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2014-08-23 20:01 - 2014-01-29 16:36 - 00271280 _____ () C:\Program Files\COMODO\COMODO Internet Security\themes\CCE.THEME ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64] AlternateDataStreams: C:\install.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\createfileassoc.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\error_report.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\package_inst.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\ts3client_win64.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\Uninstall.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\update.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\NvContainerRecovery.bat:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\ST6UNST.EXE:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BRCOMB1A.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\e1dmsg.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\system32\ibmpmctl.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NicCo4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NicInstD.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434520.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435382.dll:$CmdTcID [64] 
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435445.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434520.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435382.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435445.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvEncMFTH264.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvEncodeAPI64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvfatbinaryLoader.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NvIFROpenGL.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvptxJitCompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvumdshimx.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-11.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\tpinspm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-26-0.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\AC3ACM.acm:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\alf2cd.acm:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\COMDLG32.OCX:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\divx.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\divxdec.ax:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\L3CODECX.AX:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Lagarith.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\lame.ax:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mcdvd_32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mpg4c32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mslvddsfilter3.ax:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\SysWOW64\msxml3a.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncMFTH264.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncodeAPI.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFROpenGL.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\opencl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\RICHTX32.OCX:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Scg726.acm:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\TABCTL32.OCX:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\VB6STKIT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\vct3216.acm:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-26-0.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64] 
AlternateDataStreams: C:\WINDOWS\system32\Drivers\e1d62x64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamchameleon.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\stflt.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID [64] AlternateDataStreams: C:\Users\Gloriaflyx\Desktop\Vorlesung Humanbiologie des Alterns.pdf:$CmdZnID [26] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxp://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxps://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxp://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxps://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\blank -> blank
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxp://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxps://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxp://update.lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxps://update.lansweeper.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-23 21:07 - 00000227 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 rad.msn.com
127.0.0.1 live.rads.msn.com
127.0.0.1 ads1.msn.com
127.0.0.1 g.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 b.ads2.msads.net
127.0.0.1 ac3.msn.com
127.0.0.1 apps.skype.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 172.16.60.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{C7306F57-5A89-4B3D-9647-86B9A3EDF4FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{340A23AD-83FA-494A-8C72-9B119D354602}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8AD0A6CC-7D69-4057-B188-18B82A21EC5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{D898CACD-C67F-4504-B77C-ECD6C84AF580}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{7229F440-A74A-4C4F-AB16-3580AF902AE3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{F068410F-5376-4535-B281-FF1A4DE7EC98}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{E4E3DB35-064D-4E32-A06A-790B57CE72D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F6240313-6D3B-4897-B26E-D6DF9AD8FAF6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{B74CBF9B-7DBF-4710-A2C9-AABF3BB4FCBE}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe FirewallRules: [TCP Query User{9D091F3D-2FD7-4B7F-864E-8022F46587C7}C:\program files\blackmagic design\davinci 
resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe FirewallRules: [{617075F9-CF19-4EAF-B308-0D9C8E49D83A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe FirewallRules: [{0441E76E-DE86-4CB9-BE6F-057E69B4ED6D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe FirewallRules: [{5EC522D1-6A39-4BAB-99C5-040ECDC28967}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe FirewallRules: [{6D552728-80E7-4F84-ABE4-F52314FCA93A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe FirewallRules: [{395A1E99-B36C-4778-BA40-093A8E11AF44}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe FirewallRules: [{D1A64703-1DF8-4726-BB86-166DC7712D01}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe FirewallRules: [{8D530BD0-F6E2-4EC3-A66B-10F11E50E0E3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe FirewallRules: [{30170A64-C79C-4B64-9B9C-3C4746BA620F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe FirewallRules: [{44D637C9-7D6B-4320-BF3A-0B86F935DC10}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe FirewallRules: [{0783A148-F84A-40BF-941E-9CCF1A929DF0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe FirewallRules: [{213E06D3-F4D6-49E4-9D54-B49C65461C00}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{21B456D8-BDC2-4203-96AB-5BA372335299}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DE107B61-C58A-486F-AA4F-E530D54C798E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe FirewallRules: 
[{1EDAF709-CC50-4E06-AE24-EA0A5C1AF3FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe FirewallRules: [{6A4CF7DA-06A5-45B9-8E10-04181104D818}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{6FDC5F18-279C-4E1F-BB58-E9E07E686028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{683064EE-A4CE-4D85-B72B-DF952EB8B7B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{A82CEE29-8A24-4B50-8C9C-62B3CA7DE444}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{7DEB59C9-F185-4B63-962A-B0B4D968CE82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{7E0C1D8F-CAD2-47BC-8DE5-7B87BF53B8CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{CF751517-40A7-425A-8BAB-FA28E5524C85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0D5A66A4-EA4E-4D49-A0EB-D4CAD289CBD7}] => (Allow) LPort=82 FirewallRules: [{5115A262-97FC-4BD8-988E-A1BE756874BC}] => (Allow) LPort=82 FirewallRules: [{48BC6F67-412B-4AA6-878F-9F11A089176A}] => (Allow) C:\Program Files (x86)\Assassin's Creed Liberation\ac3lhd_32.exe FirewallRules: [{40318DF4-D77B-48E2-AAC1-5E57E1AB8610}] => (Allow) C:\Program Files (x86)\Assassin's Creed Liberation\ac3lhd_32.exe FirewallRules: [{0B9AD4F6-1396-4920-A55B-AE7C8D047D95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{0B3BBFFD-2D34-4233-B5C6-9A147BED8678}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{2E6990E2-28DE-43D5-B85C-15BDE32F0B81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{6FFB4CAD-BB1B-4986-A25A-0CB0131BFF35}] => (Allow) C:\Program 
Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{2C82E8DB-6B47-4C49-A804-526A1B4EDA6E}] => (Allow) LPort=1900 FirewallRules: [{1EB0D34A-34C2-4A25-9559-DD95C06B4E82}] => (Allow) LPort=2869 FirewallRules: [{82F73D39-E827-44A8-A7CC-A8C1194D18B3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F2264AE5-8A68-4CE3-A3A3-2AB08F9E0C19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe FirewallRules: [{79EA8526-7705-4884-82FA-2A7546F5EBF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe FirewallRules: [{741F57FC-17D9-40DE-AE51-9939E3146DBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe FirewallRules: [{81047ADA-4835-4F54-98E7-F7825358CD54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe FirewallRules: [{484BE953-A818-46FC-8C0E-762B527FF604}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{79EFDB78-C22F-4ADF-B1BF-BE3A5B63A9DB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{67774682-41F7-4CC1-ADC5-E5F492657415}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Rtldhcp.exe FirewallRules: [{8306B7C9-E38B-4B54-8F97-E641457FCF23}] => (Allow) LPort=53 FirewallRules: [{DA823A05-9D34-4185-8310-0704498170A1}] => (Allow) LPort=53 FirewallRules: [{9741EB6E-0D6F-43D5-A3A3-3E511CC4FC3C}] => (Allow) LPort=68 FirewallRules: [{1FE2263C-EC3E-4435-846D-B4D46AA34E0A}] => (Allow) LPort=67 FirewallRules: [{066922B0-6137-42B9-ADFB-0701BFA6EC2A}] => (Allow) LPort=53 FirewallRules: [{22252692-CD41-4ACF-B52D-67673CDCC5B1}] => (Allow) LPort=1542 FirewallRules: [{DBCC0F7A-3603-4C61-B277-724344051344}] => (Allow) LPort=1542 FirewallRules: [{C98C0483-875E-4482-9542-302290834C68}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{2D4B3E19-F842-4DBF-902C-0B595068949C}] => (Allow) C:\Program Files 
(x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{FA005BF5-DCB5-483D-AD35-6B357B56B78C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe FirewallRules: [{C0581BEB-1F7E-4E69-BD45-DBBA0BE9DFB4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe FirewallRules: [{801BF783-B7D6-49B4-99C0-D9C0BDC2119E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{20CA3455-5661-4C54-9C3C-3D54241E1A75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{CD3B165B-F2FB-4BA7-AEC8-6863EB001DC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8E9F6F41-4566-489C-8044-3CDC998AB084}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A15EFEB3-2D8B-4AEC-BB51-73FC90375414}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Launcher.exe FirewallRules: [{606BFD88-6914-483F-A67D-603329CF3C63}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Launcher.exe FirewallRules: [{AC12A9C3-5E3B-41E1-88EF-353322A82CAE}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx10.exe FirewallRules: [{981BF606-4B92-4910-8D48-8FD87DA69452}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx10.exe FirewallRules: [{98247D04-0FA7-4B03-A834-405A11AC03FC}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx9.exe FirewallRules: [{C2256B62-96C1-4E48-966A-D8CC998576A2}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx9.exe FirewallRules: [{B08948B3-0E7A-4D74-ACC1-A8627608A670}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold.exe FirewallRules: [{1717CBAD-C663-4703-8C51-3E3784162616}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold.exe FirewallRules: [{9B2E86CB-41BB-4658-8E0B-B4EE59FC423D}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: 
[{A0846C27-6804-4492-9622-4B57AFA72EE7}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: [{AF5497C7-8409-4880-8AC8-50AAA0FF1A3E}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{B8972737-AAE5-44E2-9897-C94EAACA3508}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{11CDF3F1-A21B-4633-9882-3EDE4CF43A87}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{1CECC7CF-3A49-4D19-AF98-EBF3B19DA9EB}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{E018E907-6743-40A1-B276-A9C82EFD8653}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{B59E3FDA-9CE2-475A-9C53-618A01E61F8B}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{D25DA9A7-D7D5-47AD-ABD7-A88092CADFD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9471F074-83B7-4DB1-A645-125ED01AFB1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D2F1D9E7-2C11-432E-A09F-6ED1C372FC17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{A2371949-7434-4455-A6F0-C790FF2B30A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{6C2470E2-FA81-4AB3-8C7C-4970A93236C8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A66A8E9B-55CE-4D03-BBB5-462120E28CBA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F03E619D-67FD-4F88-89E2-5DB2B5A4EB1C}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AssassinsCreed3.exe FirewallRules: [{BE1EAF96-508D-44D4-95FC-8A0E58229036}] => (Allow) C:\Program Files (x86)\Assassin's Creed 
III\AssassinsCreed3.exe FirewallRules: [{D1551AF8-3700-4A3A-8F2E-27B6E1963D79}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3MP.exe FirewallRules: [{14B632C5-AB0F-46DB-B97F-2E00B376ADD2}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3MP.exe FirewallRules: [{208E418D-C56A-4AFC-B23C-B345254FB396}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe FirewallRules: [{F4B23ECE-6DBF-417A-8DF3-B3E4BE413C74}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe FirewallRules: [{450BC955-1211-474D-8F07-C71E819144F7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{076E8502-EAE6-4EAD-9254-93F2F0E36256}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{775302EF-8794-472B-BF46-85B0037CC899}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E556F77B-3276-426C-8706-3E3851F65788}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1CFEF93C-5613-4E27-BC2E-DE15D0096CE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{8CF45B88-F589-4CDC-B930-EB2528678DCB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{0E3D579F-C712-48C0-B8AA-D7E7C9235E07}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{3B10DFDF-5DE3-4559-8E09-2B415C61C268}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [{17654475-8B19-4B88-9552-83C0A910FCB8}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{C79269AE-A5D4-4304-9EDD-C24E8E95D8EA}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [{8E1DFB3B-B821-4878-BB67-047E621DD7AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3C9E442A-62C4-47C9-A66F-BCB7F2644311}] => (Allow) 
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{9AE74D1F-B7ED-474D-A32D-D645E514B411}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe FirewallRules: [{D64AB105-1D59-45C5-A746-E82EA6E071A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe FirewallRules: [{1B2F4207-A11B-4093-B808-64FEB7C51EFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe FirewallRules: [{D4BE5AD1-3543-460A-97C8-C652F361FF64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe FirewallRules: [{C889F803-0903-4FA5-8DFD-04DABAF2AA07}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe ==================== Wiederherstellungspunkte ========================= 23-05-2017 19:56:51 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/27/2017 06:02:25 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gloriaflyx\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest. Error: (05/27/2017 05:58:26 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll". 
Fehler in Manifest- oder Richtliniendatei "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9. Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig. Error: (05/27/2017 05:57:53 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest. Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Systemfehler: ============= Error: (05/27/2017 05:53:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (05/27/2017 05:53:55 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys Error: (05/27/2017 05:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (05/27/2017 05:53:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys Error: (05/27/2017 05:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (05/27/2017 05:53:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys Error: (05/27/2017 05:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (05/27/2017 05:53:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys Error: (05/27/2017 05:53:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (05/27/2017 05:53:53 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2017-05-27 18:04:33.407 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-27 17:55:17.206 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-27 17:54:43.032 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-27 17:41:10.162 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-27 16:31:39.315 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-27 16:31:20.929 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-27 16:29:43.868 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-27 10:29:03.438 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-27 10:26:10.415 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-27 10:14:27.122 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 41% Installierter physikalischer RAM: 7876.91 MB Verfügbarer physikalischer RAM: 4576.31 MB Summe virtueller Speicher: 15812.91 MB Verfügbarer virtueller Speicher: 12305.52 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:226.47 GB) (Free:33.34 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Daten) (Fixed) (Total:10.74 GB) (Free:9.57 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0006A5E0) Partition 1: (Active) - (Size=226.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=504 MB) - (Type=27) Partition 3: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
05.06.2017, 09:08 | #3 |
/// TB Trainer | ESET reports detections My name is Matthias and I will help you clean up your computer. So that the cleanup can be as effective and quick as possible, please note the following:
Please work through all steps one after another in the order given and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to your desktop
With your next reply, please post
|
05.06.2017, 09:35 | #4 |
| ESET reports detections Hello Matthias, thank you for helping me. You seem to have a lot to do at the moment, don't you? I saw it in the forum. Mainly because many people have this CMD problem. It shows up on my machine too, by the way. Could it be that this problem came with the new Windows 10 update? It seems that way to me. Here are the logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017 durchgeführt von Gloriaflyx (Administrator) auf BALDER (05-06-2017 10:28:06) Gestartet von C:\Users\Gloriaflyx\Desktop Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\LPlatSvc.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Digital Wave Ltd.) 
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe (Lenovo.) C:\Windows\System32\LPlatSvc.exe (Lenovo.) 
C:\Windows\System32\LPlatSvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Flux Software LLC) C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe (SunplusIT, Inc.) 
C:\Program Files (x86)\Integrated Camera\Monitor.exe (COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-03] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-08-22] (IvoSoft) HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1720696 2013-09-27] (SunplusIT, Inc.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2678784 2016-03-23] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-30] (COMODO) HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [f.lux] => C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-09-23] (Flux Software LLC) HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) GroupPolicy: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 172.16.60.1 Tcpip\..\Interfaces\{674872c8-8b5a-47c5-887a-2bfeff0d36c4}: [DhcpNameServer] 192.168.44.1 192.168.44.1 Tcpip\..\Interfaces\{bb538318-92b1-40b0-88af-d342e62259b8}: [DhcpNameServer] 172.16.60.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) BHO-x32: Microsoft OneDrive for Business Browser Helper -> 
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default [2017-06-05] FF user.js: detected! 
=> C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
FF Homepage: Mozilla\Firefox\Profiles\j5h72v37.default -> hxxps://webmailer.hosteurope.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\j5h72v37.default -> type", 0
FF Extension: (Ghostery) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\firefox@ghostery.com.xpi [2017-06-02]
FF Extension: (Personas Plus) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\personas@christopher.beard.xpi [2017-05-18]
FF Extension: (uBlock Origin) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15]
FF Extension: (NoScript) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-05-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gloriaflyx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-11-26] ()

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [249856 2016-03-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-20] (Digital Wave Ltd.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-03] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-30] (COMODO)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-05-04] (Lenovo.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-25] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-11-05] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdHlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-11-05] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-06-04] ()
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-05 10:28 - 2017-06-05 10:28 - 00019174 _____ C:\Users\Gloriaflyx\Desktop\FRST.txt
2017-06-05 10:26 - 2017-06-05 10:26 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Gloriaflyx\Desktop\tdsskiller.exe
2017-06-05 10:26 - 2017-06-05 10:26 - 02433536 _____ (Farbar) C:\Users\Gloriaflyx\Desktop\FRST64.exe
2017-06-04 22:12 - 2017-06-04 22:13 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-06-04 13:27 - 2017-05-13 13:19 - 00000118 ____N C:\Users\Gloriaflyx\Desktop\Farbe aus Drogerie.txt
2017-06-04 12:50 - 2017-06-04 12:50 - 08408221 _____ C:\Users\Gloriaflyx\Desktop\Insecta.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 07676452 _____ C:\Users\Gloriaflyx\Desktop\Intro and Molluscs.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 07512603 _____ C:\Users\Gloriaflyx\Desktop\Arthropoda2017.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 05695234 _____ C:\Users\Gloriaflyx\Desktop\Amphibien_Reptilien_2017_Kaltenpoth.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 02090938 _____ C:\Users\Gloriaflyx\Desktop\Artenkenntnis einheimischer Tierarten.pdf
2017-06-04 12:48 - 2017-06-04 12:48 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-06-03 11:20 - 2017-05-03 18:21 - 00063161 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_005.PDF
2017-06-02 20:40 - 2017-06-02 20:40 - 00063584 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_006.PDF
2017-05-31 21:34 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-31 21:34 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-31 21:34 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-31 21:32 - 2017-05-31 21:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-27 18:06 - 2017-06-05 10:28 - 00000000 ____D C:\FRST
2017-05-27 16:21 - 2017-05-27 16:21 - 00000000 ____D C:\Program Files (x86)\ESET
2017-05-24 12:06 - 2017-05-24 12:06 - 01147686 _____ C:\Users\Gloriaflyx\Desktop\2_-_Spark[1].pdf
2017-05-18 21:45 - 2017-05-18 21:45 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\DBG
2017-05-18 07:54 - 2017-05-18 07:54 - 35397536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-18 07:54 - 2017-05-18 07:54 - 28632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00969632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00507992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 40210520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 35290200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03800992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03256408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01996704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01598368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01062816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 00999840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11162000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 10648520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09335528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09102488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 08891160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01298696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01013344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00791792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00703880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00626392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-17 19:14 - 2017-05-17 19:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-17 19:13 - 2017-05-17 19:13 - 00000020 ___SH C:\Users\Gloriaflyx\ntuser.ini
2017-05-17 19:13 - 2017-05-17 19:13 - 00000000 ____D C:\ProgramData\USOShared
2017-05-17 18:51 - 2017-05-17 18:51 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-17 18:51 - 2017-05-17 18:51 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00064512 _____
(Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-17 18:51 - 2017-05-17 18:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-17 18:49 - 2017-05-17 18:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-17 18:49 - 2017-05-17 17:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\msmq 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-17 18:47 - 2017-05-17 18:47 - 
00000000 ____D C:\Program Files\MSBuild 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\inetpub 2017-05-17 18:47 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-17 18:47 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-05-17 18:03 - 2017-06-04 12:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-17 18:03 - 2017-05-17 18:03 - 00003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-17 18:03 - 2017-05-17 18:03 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-05-17 18:03 - 2017-05-17 18:03 - 00002440 _____ C:\WINDOWS\System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002432 _____ C:\WINDOWS\System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002360 _____ C:\WINDOWS\System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002358 _____ C:\WINDOWS\System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002354 _____ 
C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby 2017-05-17 18:03 - 2017-05-17 18:03 - 00002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002342 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2017-05-17 18:03 - 2017-05-17 18:03 - 00002304 _____ C:\WINDOWS\System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2017-05-17 18:00 - 2017-05-17 18:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-17 17:58 - 2017-05-17 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spiele 2017-05-17 17:58 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-05-17 17:57 - 2017-06-04 23:03 - 00000000 ____D C:\Users\Gloriaflyx 2017-05-17 17:57 - 2017-05-17 18:02 - 00000000 ____D C:\Users\DefaultAppPool 2017-05-17 17:57 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Vorlagen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Startmenü 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Netzwerkumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Lokale Einstellungen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Eigene Dateien 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Druckumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Videos 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Musik 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Bilder 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Verlauf 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 
- 00000000 _SHDL C:\Users\Gloriaflyx\Anwendungsdaten 2017-05-17 17:56 - 2017-06-05 10:23 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-05-17 17:56 - 2017-06-04 12:54 - 02853756 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-17 17:56 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-05-17 17:56 - 2017-05-18 07:56 - 00521816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Intel 2017-05-17 17:56 - 2017-05-17 17:56 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-05-17 17:56 - 2017-05-17 17:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Synaptics 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Realtek 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-05-17 17:56 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 
00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-05-17 17:56 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-05-17 17:56 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-17 17:55 - 2017-06-04 13:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-17 17:55 - 2017-06-04 12:48 - 00506712 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-11 14:13 - 2017-05-17 19:13 - 00000000 ___DC C:\WINDOWS\Panther 2017-05-11 13:51 - 2017-05-11 13:51 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\UNP 2017-05-10 18:28 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-05-10 18:28 - 2017-05-10 18:29 - 00000000 ____D C:\Program Files\UNP 2017-05-10 10:46 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-06-05 10:27 - 2014-01-17 18:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat 2017-06-05 10:26 - 2014-04-02 20:05 - 01391412 _____ C:\WINDOWS\system32\Drivers\fvstore.dat 2017-06-05 10:25 - 2014-07-01 13:19 - 00000000 ____D C:\Program Files (x86)\Steam 2017-06-05 10:24 - 2016-11-19 11:26 - 00000000 ____D C:\Users\Gloriaflyx\AppData\LocalLow\Mozilla 2017-06-05 10:24 - 2014-01-17 19:41 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Skype 2017-06-05 10:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-06-05 10:23 - 2016-06-19 12:32 - 00000000 __SHD C:\Users\Gloriaflyx\IntelGraphicsProfiles 2017-06-04 23:03 - 2016-08-16 20:50 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-04 22:25 - 2016-06-19 12:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Packages 2017-06-04 22:22 - 2016-11-11 12:44 - 00000000 ____D C:\Program Files (x86)\FanFictionDownloader 2017-06-04 22:19 - 2016-06-19 12:39 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\ClassicShell 2017-06-04 22:18 - 2016-06-19 12:34 - 00000000 __RHD C:\Users\Gloriaflyx\OneDrive 2017-06-04 22:14 - 2015-06-10 22:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office 2017-06-04 13:29 - 2015-08-28 17:34 - 00000000 ____D C:\Program Files (x86)\Mp3tag 2017-06-04 13:26 - 2015-08-28 17:34 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Mp3tag 2017-06-04 12:54 - 2017-03-20 06:41 - 01304378 _____ C:\WINDOWS\system32\perfh007.dat 2017-06-04 12:54 - 2017-03-20 06:41 - 00313768 _____ C:\WINDOWS\system32\perfc007.dat 2017-06-04 12:48 - 2014-01-18 11:54 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys 2017-06-03 22:55 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-05-31 21:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-31 21:30 - 2010-11-21 05:27 - 
00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-05-26 22:02 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-05-26 20:56 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-26 20:55 - 2014-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-05-26 11:11 - 2015-08-31 10:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Ahnenblatt 2017-05-26 11:02 - 2017-03-29 13:14 - 00000000 ____D C:\Users\Gloriaflyx\Documents\Ahnenblatt 2017-05-26 09:32 - 2016-12-29 14:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-05-25 22:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\L2Schemas 2017-05-25 20:42 - 2014-02-03 22:35 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Audacity 2017-05-25 12:49 - 2014-01-17 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-23 21:48 - 2017-03-20 22:36 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files 2017-05-23 21:48 - 2016-11-06 12:13 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\DVDVideoSoft 2017-05-23 19:58 - 2014-01-17 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-23 19:57 - 2014-01-17 18:51 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-23 18:53 - 2017-03-25 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-05-23 18:53 - 2014-01-17 19:39 - 00000000 ____D C:\ProgramData\Skype 2017-05-22 22:06 - 2017-02-08 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-05-21 17:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-19 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-18 22:52 - 2014-04-02 20:05 - 00000000 ___HD C:\VTRoot 2017-05-18 07:56 - 2017-03-20 06:43 - 00427608 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2017-05-18 07:50 - 2017-01-17 06:52 - 04136744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-05-18 07:50 - 
2017-01-17 06:52 - 03647864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-05-18 04:34 - 2017-01-17 01:59 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb 2017-05-17 21:19 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-17 19:13 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-17 18:55 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-17 18:52 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-17 18:52 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-05-17 18:47 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mqutil.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-05-17 18:47 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-05-17 18:47 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-05-17 18:47 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-05-17 18:47 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00055296 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-05-17 
18:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-17 18:07 - 2016-12-27 17:25 - 00000460 __RSH C:\ProgramData\ntuser.pol 2017-05-17 18:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-17 18:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-17 18:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-17 18:03 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-17 18:03 - 2016-06-19 12:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-17 18:01 - 2014-10-23 21:45 - 00000000 ____D C:\WINDOWS\de 2017-05-17 18:01 - 2014-03-27 11:48 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele 2017-05-17 17:58 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Cursors 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-17 17:58 - 2014-07-19 18:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2017-05-17 17:58 - 2014-01-17 18:31 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-05-17 17:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-05-17 17:57 - 2015-10-30 09:24 - 
00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-05-17 17:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-05-17 17:56 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-17 17:41 - 2014-01-17 17:39 - 00008192 __RSH C:\BOOTSECT.BAK 2017-05-10 10:48 - 2014-07-10 22:11 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Adobe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files (x86)\changelog.txt 2015-10-22 13:22 - 2015-11-07 18:45 - 0375544 _____ () C:\Program Files (x86)\createfileassoc.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\error_report.exe 2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files (x86)\libeay32.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp120.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr120.dll 2015-08-27 10:07 - 2015-11-07 18:45 - 1704176 _____ (Overwolf) C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\package_inst.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files (x86)\plugin_sdk.html 2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Core.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Gui.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Network.dll 2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Sql.dll 2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Widgets.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program 
Files (x86)\quazip.dll 2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files (x86)\ssleay32.dll 2015-10-22 13:21 - 2015-11-07 18:45 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\ts3client_win64.exe 2015-09-13 16:41 - 2015-11-07 18:45 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\Uninstall.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\update.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files (x86)\usb.ids 2015-11-08 20:24 - 2015-11-08 20:24 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITEEB2.tmp 2015-12-07 14:05 - 2015-12-07 14:05 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITF863.tmp 2014-03-24 11:50 - 2015-11-05 12:49 - 0010752 _____ () C:\Users\Gloriaflyx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-03-13 22:52 - 2014-03-13 22:52 - 0001434 _____ () C:\Users\Gloriaflyx\AppData\Local\RecConfig.xml 2016-05-01 21:51 - 2016-05-01 21:52 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{0B179D57-EBA9-4D85-B0A3-C14982A9ED52} 2015-10-26 15:04 - 2015-10-26 15:04 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{309B8B15-3C7F-4F34-B3F6-0066EA01FC36} 2016-05-11 20:19 - 2016-05-11 20:19 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{3CF62346-6D52-4520-A926-FB0B6E652FF3} 2016-04-22 14:12 - 2016-04-22 14:12 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{B01DDBE6-2D6A-4727-B346-D57950EA3E3A} 2015-11-08 20:23 - 2015-11-08 20:24 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{BAE73680-28A1-4D05-AD07-486B48904EAC} 2015-12-07 14:04 - 2015-12-07 14:05 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{D054697A-BAC1-4993-959D-79690D24E3EF} 2016-01-26 20:38 - 2016-01-26 20:38 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{F1079BA0-943D-4D61-A261-CEFBF1919D56} 2017-05-17 17:56 - 2017-05-17 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-09-22 22:02 - 2015-09-22 22:02 - 
0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2017-03-22 17:45 - 2017-03-22 17:45 - 0000016 _____ () C:\ProgramData\mntemp
2017-03-22 17:45 - 2017-03-22 17:45 - 0005041 _____ () C:\ProgramData\mudtcpaz.vzs

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-30 21:44

==================== Ende von FRST.txt ============================
|
05.06.2017, 09:37 | #5 |
| ESET reports detections
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017 durchgeführt von Gloriaflyx (05-06-2017 10:28:58) Gestartet von C:\Users\Gloriaflyx\Desktop Windows 10 Pro Version 1703 (X64) (2017-05-17 16:07:08) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3668857010-2765377856-186715415-500 - Administrator - Disabled) Gloriaflyx (S-1-5-21-3668857010-2765377856-186715415-1000 - Administrator - Enabled) => C:\Users\Gloriaflyx DefaultAccount (S-1-5-21-3668857010-2765377856-186715415-503 - Limited - Disabled) Gast (S-1-5-21-3668857010-2765377856-186715415-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3668857010-2765377856-186715415-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD} AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios) Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version: - SkyBox Labs) Ahnenblatt 2.88 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.88.0.1 - Dirk Böttcher) Ansel (Version: 382.05 - NVIDIA Corporation) Hidden Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.20.00 - ) AoE 2 & TC v1.1 Userpatch AiO Update r5 r5 (HKLM-x32\...\{0CEC2F82-AEB2-4C4B-B450-62C6CEF159FE}_is1) (Version: 0.5 - line0) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version: - Ubisoft) Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP) Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.) Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft) COMODO Internet Security Premium (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) f.lux (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Flux) (Version: - ) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.0.307 - Digital Wave Ltd) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version: - ) HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation) Internet Security Essentials 
(HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics) LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 
2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) 
(Version: 3.1.10527.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla) Mozilla Firefox 53.0.3 (x64 de) (HKLM\...\Mozilla Firefox 53.0.3 (x64 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla) Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) 
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated) System Requirements Lab Detection (HKLM-x32\...\{9B2D2419-CC47-4A73-A7A0-8FA2FFDE0C7C}) (Version: 6.1.1.0 - Husdawg, LLC) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version: - The Sims Studio) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) 
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gloriaflyx\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {1D85A55B-993A-45E3-B015-250C795151A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {26576267-54D3-4A94-97C7-4DCECB1AB3C3} - System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter Task: {420FE51C-0D20-4591-B7CE-77DA17FC435F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {46734673-F9A6-4302-9D04-A119C0518E35} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {47A200AF-0889-49E0-B321-5A47994CCB96} - System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\Sims2_uninst.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2" Task: {4A7ED33F-A84F-48AC-B000-ABED4901E0AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {51DC85CF-A98A-43D8-8C1F-F7248B1FB113} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation) Task: {5FFE647A-3E5D-4594-9EA5-5B65B185DC03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {799696A9-5758-492B-8927-81A7E88B1D69} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {856E8075-122F-45E5-BC1C-CE7C0E407608} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} 
=> C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {88C43D0B-A2F3-4D79-B2FA-E2378BCFA74E} - System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\eauninstall.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2" Task: {8E279186-208B-4384-BA38-55AEFA56EE1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated) Task: {94BBF4A3-D101-498A-8DD5-9C76C5B2C63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {9D320E3D-5658-4B76-BC1B-6B5DB3F33348} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation) Task: {9DAF125B-A6D1-439B-933B-388A6A74B24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {9FCB8499-497D-41E5-89FE-0231E583FB37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation) Task: {A042F675-4FCB-4903-9A13-DE3CDDF82AAF} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-05] (Realtek Semiconductor) Task: {A92B8410-5D79-45B0-A05A-A93C395ABB37} - System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall Task: {AB28F491-13D7-441F-8BE3-99AEF1AF36E0} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO) Task: 
{AC0DD1AA-2C9D-41FF-9BB4-E4C0B5CAB66C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {B59D1B68-72A7-4E68-B9EF-3A0932C2E840} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] () Task: {B87DE87D-F54B-4E90-8A66-A192864D7052} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {C3DA719C-9EF8-4F50-BF45-7143C26331AB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {C5050B7C-1F8D-40E9-9E24-20623960C6E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {CA1E47C4-6FB4-4B1C-8C9E-2CEE7AD55373} - System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?source=lightinstaller&LastError=1618 Task: {D9A35DD8-3F45-4EF2-BAB3-171204A5C81A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO) Task: {DC8BA37A-EFC5-4813-AF4D-6CF617B6471A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-05] (Realtek Semiconductor) Task: {E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {E98AD572-71BE-4D8A-B936-AEEF09E30360} - System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall Task: {EABE54ED-1BBC-44FF-977C-F9A4D104791A} - System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation 
Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly Task: {EBA005EB-9167-49FC-B0CA-71599621456C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {EE29A92D-3408-4186-B873-7B505989B5B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {F89037C2-30A8-4D5D-9474-4E51ED8EF8AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-04-06 18:20 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll 2013-09-24 11:53 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2013-10-20 02:23 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2014-01-18 14:03 - 2014-03-25 20:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2017-05-17 17:56 - 2017-05-01 22:51 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2014-12-11 15:15 - 2015-04-05 16:07 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2013-04-15 18:39 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64] AlternateDataStreams: C:\install.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\createfileassoc.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\error_report.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\package_inst.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\ts3client_win64.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\Uninstall.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\update.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\ST6UNST.EXE:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BRCOMB1A.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\system32\e1dmsg.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ibmpmctl.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NicCo4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NicInstD.dll:$CmdTcID [64] 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxp://ajax.googleapis.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxps://ajax.googleapis.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxp://BALDER IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxps://BALDER IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\blank -> blank IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\hola.org -> hxxp://hola.org IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxp://lansweeper.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxps://lansweeper.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxp://update.lansweeper.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxps://update.lansweeper.com ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2016-09-23 21:07 - 00000227 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 rad.msn.com 127.0.0.1 live.rads.msn.com 127.0.0.1 ads1.msn.com 127.0.0.1 g.msn.com 127.0.0.1 a.ads2.msads.net 127.0.0.1 b.ads2.msads.net 127.0.0.1 ac3.msn.com 127.0.0.1 apps.skype.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 172.16.60.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{C7306F57-5A89-4B3D-9647-86B9A3EDF4FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{340A23AD-83FA-494A-8C72-9B119D354602}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8AD0A6CC-7D69-4057-B188-18B82A21EC5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{D898CACD-C67F-4504-B77C-ECD6C84AF580}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{7229F440-A74A-4C4F-AB16-3580AF902AE3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{F068410F-5376-4535-B281-FF1A4DE7EC98}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{E4E3DB35-064D-4E32-A06A-790B57CE72D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F6240313-6D3B-4897-B26E-D6DF9AD8FAF6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{B74CBF9B-7DBF-4710-A2C9-AABF3BB4FCBE}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe FirewallRules: [TCP Query User{9D091F3D-2FD7-4B7F-864E-8022F46587C7}C:\program files\blackmagic design\davinci 
resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe FirewallRules: [{617075F9-CF19-4EAF-B308-0D9C8E49D83A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe FirewallRules: [{0441E76E-DE86-4CB9-BE6F-057E69B4ED6D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe FirewallRules: [{5EC522D1-6A39-4BAB-99C5-040ECDC28967}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe FirewallRules: [{6D552728-80E7-4F84-ABE4-F52314FCA93A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe FirewallRules: [{395A1E99-B36C-4778-BA40-093A8E11AF44}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe FirewallRules: [{D1A64703-1DF8-4726-BB86-166DC7712D01}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe FirewallRules: [{8D530BD0-F6E2-4EC3-A66B-10F11E50E0E3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe FirewallRules: [{30170A64-C79C-4B64-9B9C-3C4746BA620F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe FirewallRules: [{44D637C9-7D6B-4320-BF3A-0B86F935DC10}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe FirewallRules: [{0783A148-F84A-40BF-941E-9CCF1A929DF0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe FirewallRules: [{213E06D3-F4D6-49E4-9D54-B49C65461C00}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{21B456D8-BDC2-4203-96AB-5BA372335299}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DE107B61-C58A-486F-AA4F-E530D54C798E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe FirewallRules: 
[{1EDAF709-CC50-4E06-AE24-EA0A5C1AF3FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe FirewallRules: [{6A4CF7DA-06A5-45B9-8E10-04181104D818}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{6FDC5F18-279C-4E1F-BB58-E9E07E686028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{683064EE-A4CE-4D85-B72B-DF952EB8B7B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{A82CEE29-8A24-4B50-8C9C-62B3CA7DE444}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{7DEB59C9-F185-4B63-962A-B0B4D968CE82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{7E0C1D8F-CAD2-47BC-8DE5-7B87BF53B8CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{CF751517-40A7-425A-8BAB-FA28E5524C85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0D5A66A4-EA4E-4D49-A0EB-D4CAD289CBD7}] => (Allow) LPort=82 FirewallRules: [{5115A262-97FC-4BD8-988E-A1BE756874BC}] => (Allow) LPort=82 FirewallRules: [{48BC6F67-412B-4AA6-878F-9F11A089176A}] => (Allow) C:\Program Files (x86)\Assassin's Creed Liberation\ac3lhd_32.exe FirewallRules: [{40318DF4-D77B-48E2-AAC1-5E57E1AB8610}] => (Allow) C:\Program Files (x86)\Assassin's Creed Liberation\ac3lhd_32.exe FirewallRules: [{0B9AD4F6-1396-4920-A55B-AE7C8D047D95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{0B3BBFFD-2D34-4233-B5C6-9A147BED8678}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{2E6990E2-28DE-43D5-B85C-15BDE32F0B81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{6FFB4CAD-BB1B-4986-A25A-0CB0131BFF35}] => (Allow) C:\Program 
Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{2C82E8DB-6B47-4C49-A804-526A1B4EDA6E}] => (Allow) LPort=1900 FirewallRules: [{1EB0D34A-34C2-4A25-9559-DD95C06B4E82}] => (Allow) LPort=2869 FirewallRules: [{82F73D39-E827-44A8-A7CC-A8C1194D18B3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F2264AE5-8A68-4CE3-A3A3-2AB08F9E0C19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe FirewallRules: [{79EA8526-7705-4884-82FA-2A7546F5EBF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe FirewallRules: [{741F57FC-17D9-40DE-AE51-9939E3146DBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe FirewallRules: [{81047ADA-4835-4F54-98E7-F7825358CD54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe FirewallRules: [{484BE953-A818-46FC-8C0E-762B527FF604}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{79EFDB78-C22F-4ADF-B1BF-BE3A5B63A9DB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{67774682-41F7-4CC1-ADC5-E5F492657415}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Rtldhcp.exe FirewallRules: [{8306B7C9-E38B-4B54-8F97-E641457FCF23}] => (Allow) LPort=53 FirewallRules: [{DA823A05-9D34-4185-8310-0704498170A1}] => (Allow) LPort=53 FirewallRules: [{9741EB6E-0D6F-43D5-A3A3-3E511CC4FC3C}] => (Allow) LPort=68 FirewallRules: [{1FE2263C-EC3E-4435-846D-B4D46AA34E0A}] => (Allow) LPort=67 FirewallRules: [{066922B0-6137-42B9-ADFB-0701BFA6EC2A}] => (Allow) LPort=53 FirewallRules: [{22252692-CD41-4ACF-B52D-67673CDCC5B1}] => (Allow) LPort=1542 FirewallRules: [{DBCC0F7A-3603-4C61-B277-724344051344}] => (Allow) LPort=1542 FirewallRules: [{C98C0483-875E-4482-9542-302290834C68}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{2D4B3E19-F842-4DBF-902C-0B595068949C}] => (Allow) C:\Program Files 
(x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe FirewallRules: [{FA005BF5-DCB5-483D-AD35-6B357B56B78C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe FirewallRules: [{C0581BEB-1F7E-4E69-BD45-DBBA0BE9DFB4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe FirewallRules: [{801BF783-B7D6-49B4-99C0-D9C0BDC2119E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{20CA3455-5661-4C54-9C3C-3D54241E1A75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{CD3B165B-F2FB-4BA7-AEC8-6863EB001DC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8E9F6F41-4566-489C-8044-3CDC998AB084}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A15EFEB3-2D8B-4AEC-BB51-73FC90375414}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Launcher.exe FirewallRules: [{606BFD88-6914-483F-A67D-603329CF3C63}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Launcher.exe FirewallRules: [{AC12A9C3-5E3B-41E1-88EF-353322A82CAE}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx10.exe FirewallRules: [{981BF606-4B92-4910-8D48-8FD87DA69452}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx10.exe FirewallRules: [{98247D04-0FA7-4B03-A834-405A11AC03FC}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx9.exe FirewallRules: [{C2256B62-96C1-4E48-966A-D8CC998576A2}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx9.exe FirewallRules: [{B08948B3-0E7A-4D74-ACC1-A8627608A670}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold.exe FirewallRules: [{1717CBAD-C663-4703-8C51-3E3784162616}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold.exe FirewallRules: [{9B2E86CB-41BB-4658-8E0B-B4EE59FC423D}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: 
[{A0846C27-6804-4492-9622-4B57AFA72EE7}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: [{AF5497C7-8409-4880-8AC8-50AAA0FF1A3E}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{B8972737-AAE5-44E2-9897-C94EAACA3508}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{11CDF3F1-A21B-4633-9882-3EDE4CF43A87}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{1CECC7CF-3A49-4D19-AF98-EBF3B19DA9EB}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{E018E907-6743-40A1-B276-A9C82EFD8653}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{B59E3FDA-9CE2-475A-9C53-618A01E61F8B}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{D25DA9A7-D7D5-47AD-ABD7-A88092CADFD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9471F074-83B7-4DB1-A645-125ED01AFB1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D2F1D9E7-2C11-432E-A09F-6ED1C372FC17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{A2371949-7434-4455-A6F0-C790FF2B30A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{6C2470E2-FA81-4AB3-8C7C-4970A93236C8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A66A8E9B-55CE-4D03-BBB5-462120E28CBA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F03E619D-67FD-4F88-89E2-5DB2B5A4EB1C}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AssassinsCreed3.exe FirewallRules: [{BE1EAF96-508D-44D4-95FC-8A0E58229036}] => (Allow) C:\Program Files (x86)\Assassin's Creed 
III\AssassinsCreed3.exe FirewallRules: [{D1551AF8-3700-4A3A-8F2E-27B6E1963D79}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3MP.exe FirewallRules: [{14B632C5-AB0F-46DB-B97F-2E00B376ADD2}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3MP.exe FirewallRules: [{208E418D-C56A-4AFC-B23C-B345254FB396}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe FirewallRules: [{F4B23ECE-6DBF-417A-8DF3-B3E4BE413C74}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe FirewallRules: [{450BC955-1211-474D-8F07-C71E819144F7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{076E8502-EAE6-4EAD-9254-93F2F0E36256}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{775302EF-8794-472B-BF46-85B0037CC899}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E556F77B-3276-426C-8706-3E3851F65788}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1CFEF93C-5613-4E27-BC2E-DE15D0096CE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{8CF45B88-F589-4CDC-B930-EB2528678DCB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{0E3D579F-C712-48C0-B8AA-D7E7C9235E07}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{3B10DFDF-5DE3-4559-8E09-2B415C61C268}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [{17654475-8B19-4B88-9552-83C0A910FCB8}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{C79269AE-A5D4-4304-9EDD-C24E8E95D8EA}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [{8E1DFB3B-B821-4878-BB67-047E621DD7AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3C9E442A-62C4-47C9-A66F-BCB7F2644311}] => (Allow) 
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{9AE74D1F-B7ED-474D-A32D-D645E514B411}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe FirewallRules: [{D64AB105-1D59-45C5-A746-E82EA6E071A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe FirewallRules: [{1B2F4207-A11B-4093-B808-64FEB7C51EFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe FirewallRules: [{D4BE5AD1-3543-460A-97C8-C652F361FF64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe FirewallRules: [{C889F803-0903-4FA5-8DFD-04DABAF2AA07}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe ==================== Wiederherstellungspunkte ========================= 31-05-2017 21:31:34 Windows Update 04-06-2017 22:08:31 Installed LibreOffice 5.2.7.2 ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/05/2017 10:27:47 AM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9. Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig. Error: (06/05/2017 10:26:25 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft office\root\office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. 
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Systemfehler: ============= Error: (06/04/2017 12:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/04/2017 12:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/04/2017 12:48:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. 
Error: (06/04/2017 12:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (06/03/2017 08:01:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/03/2017 08:01:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (06/03/2017 11:07:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/03/2017 11:07:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht. Error: (06/02/2017 08:42:03 PM) (Source: DCOM) (EventID: 10010) (User: Balder) Description: Der Server "microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (06/02/2017 05:39:04 PM) (Source: DCOM) (EventID: 10010) (User: Balder) Description: Der Server "microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
CodeIntegrity: =================================== Date: 2017-06-05 10:23:49.494 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-04 23:03:24.853 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-04 22:48:24.973 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-04 22:25:34.972 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-04 22:13:45.823 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2017-06-04 22:06:58.773 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-04 22:03:24.869 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-04 21:48:24.820 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-04 20:57:01.361 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-04 20:48:24.867 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 35% Installierter physikalischer RAM: 7876.91 MB Verfügbarer physikalischer RAM: 5089.97 MB Summe virtueller Speicher: 15812.91 MB Verfügbarer virtueller Speicher: 12736.91 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:226.47 GB) (Free:56.13 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Daten) (Fixed) (Total:10.74 GB) (Free:10.05 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0006A5E0) Partition 1: (Active) - (Size=226.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=504 MB) - (Type=27) Partition 3: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
05.06.2017, 09:39 | #6 |
| ESET reports detections Code:
ATTFilter 10:30:08.0363 0x25e0 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 10:30:16.0161 0x25e0 ============================================================ 10:30:16.0161 0x25e0 Current date / time: 2017/06/05 10:30:16.0161 10:30:16.0161 0x25e0 SystemInfo: 10:30:16.0161 0x25e0 10:30:16.0161 0x25e0 OS Version: 10.0.15063 ServicePack: 0.0 10:30:16.0161 0x25e0 Product type: Workstation 10:30:16.0161 0x25e0 ComputerName: BALDER 10:30:16.0161 0x25e0 UserName: Carola Ilgen 10:30:16.0161 0x25e0 Windows directory: C:\WINDOWS 10:30:16.0161 0x25e0 System windows directory: C:\WINDOWS 10:30:16.0161 0x25e0 Running under WOW64 10:30:16.0161 0x25e0 Processor architecture: Intel x64 10:30:16.0161 0x25e0 Number of processors: 8 10:30:16.0161 0x25e0 Page size: 0x1000 10:30:16.0161 0x25e0 Boot type: Normal boot 10:30:16.0161 0x25e0 CodeIntegrityOptions = 0x00000001 10:30:16.0161 0x25e0 ============================================================ 10:30:16.0348 0x25e0 KLMD registered as C:\WINDOWS\system32\drivers\21194398.sys 10:30:16.0348 0x25e0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19 10:30:16.0536 0x25e0 System UUID: {8731FF8C-1D2D-360D-4028-42A7DA0623C1} 10:30:17.0223 0x25e0 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:30:17.0223 0x25e0 ============================================================ 10:30:17.0223 0x25e0 \Device\Harddisk0\DR0: 10:30:17.0223 0x25e0 MBR partitions: 10:30:17.0223 0x25e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1C4F1D1D 10:30:17.0223 0x25e0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C777000, BlocksNum 0x157C000 10:30:17.0223 0x25e0 ============================================================ 10:30:17.0223 0x25e0 C: <-> \Device\Harddisk0\DR0\Partition1 10:30:17.0223 0x25e0 D: <-> \Device\Harddisk0\DR0\Partition2 
10:30:17.0223 0x25e0 ============================================================
10:30:17.0223 0x25e0 Initialize success
10:30:17.0223 0x25e0 ============================================================
10:31:14.0716 0x13cc ============================================================
10:31:14.0716 0x13cc Scan started
10:31:14.0716 0x13cc Mode: Manual; SigCheck; TDLFS;
10:31:14.0716 0x13cc ============================================================
10:31:14.0716 0x13cc KSN ping started
10:31:14.0938 0x13cc KSN ping finished: true
10:31:16.0875 0x13cc ================ Scan system memory ========================
10:31:16.0875 0x13cc System memory - ok
10:31:16.0875 0x13cc ================ Scan services =============================
10:31:18.0422 0x13cc BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
10:31:18.0540 0x13cc Detect skipped due to KSN trusted
10:31:18.0541 0x13cc BrYNSvc - ok
C:\WINDOWS\System32\tetheringservice.dll 10:31:22.0530 0x13cc icssvc - ok 10:31:22.0671 0x13cc [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 10:31:22.0806 0x13cc igfx - ok 10:31:22.0827 0x13cc [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 10:31:22.0841 0x13cc igfxCUIService2.0.0.0 - ok 10:31:22.0844 0x13cc [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent C:\WINDOWS\system32\DRIVERS\ikbevent.sys 10:31:22.0851 0x13cc ikbevent - ok 10:31:22.0870 0x13cc [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 10:31:22.0904 0x13cc IKEEXT - ok 10:31:22.0908 0x13cc [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent C:\WINDOWS\system32\DRIVERS\imsevent.sys 10:31:22.0914 0x13cc imsevent - ok 10:31:22.0917 0x13cc [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 10:31:22.0928 0x13cc IndirectKmd - ok 10:31:22.0934 0x13cc [ 11A3199EB32037559E2E7F37CE75E52F, DC27437C1E6FF005883936612DC17658EA70F532EB001B3715361CE11F4B13AE ] inspect C:\WINDOWS\system32\DRIVERS\inspect.sys 10:31:22.0943 0x13cc inspect - ok 10:31:23.0013 0x13cc [ CC279B89A16615B8DD13422544F6B478, DFC6AF05670CA79D8CC2C89FB5FBD8EECC4FB159CD8EFE422F06BE2A272608B6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 10:31:23.0085 0x13cc IntcAzAudAddService - ok 10:31:23.0104 0x13cc [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 10:31:23.0120 0x13cc IntcDAud - ok 10:31:23.0125 
0x13cc [ 72586E6D6DD4144D0C4CBD9D2653BBED, 3EE3CBB98D7A2CEEC92A86D5D2F49733BB1FD42F45CDE8973B71022E57093BBA ] IntelHSWPcc C:\WINDOWS\system32\drivers\IntelPcc.sys 10:31:23.0133 0x13cc IntelHSWPcc - ok 10:31:23.0136 0x13cc [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 10:31:23.0145 0x13cc intelide - ok 10:31:23.0149 0x13cc [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 10:31:23.0159 0x13cc intelpep - ok 10:31:23.0164 0x13cc [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 10:31:23.0178 0x13cc intelppm - ok 10:31:23.0182 0x13cc [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate C:\WINDOWS\system32\drivers\iorate.sys 10:31:23.0191 0x13cc iorate - ok 10:31:23.0195 0x13cc [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 10:31:23.0209 0x13cc IpFilterDriver - ok 10:31:23.0227 0x13cc [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 10:31:23.0272 0x13cc iphlpsvc - ok 10:31:23.0277 0x13cc [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 10:31:23.0286 0x13cc IPMIDRV - ok 10:31:23.0297 0x13cc [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 10:31:23.0324 0x13cc IPNAT - ok 10:31:23.0328 0x13cc [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc 
C:\WINDOWS\System32\IpxlatCfg.dll 10:31:23.0347 0x13cc IpxlatCfgSvc - ok 10:31:23.0351 0x13cc [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda C:\WINDOWS\system32\drivers\irda.sys 10:31:23.0364 0x13cc irda - ok 10:31:23.0368 0x13cc [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 10:31:23.0379 0x13cc IRENUM - ok 10:31:23.0383 0x13cc [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon C:\WINDOWS\System32\irmon.dll 10:31:23.0395 0x13cc irmon - ok 10:31:23.0398 0x13cc [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 10:31:23.0407 0x13cc isapnp - ok 10:31:23.0415 0x13cc [ D492648D96A14BA639B76D177B24CD82, D65D2494BAC8A317FD70293E59D039078D1D19FAE20A4EB2665246CAACFF0C6F ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 10:31:23.0428 0x13cc iScsiPrt - ok 10:31:23.0432 0x13cc [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\WINDOWS\System32\drivers\ISCTD64.sys 10:31:23.0439 0x13cc ISCT - ok 10:31:23.0446 0x13cc [ 6E5767C95F746B6834F412CDBDCFEC48, DE4FC70159D0A4C0B15DE8F69554F8FF6EED9C6480C0CBE33BF74FCB0BD975FE ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 10:31:23.0455 0x13cc ISCTAgent - ok 10:31:23.0459 0x13cc [ D247D5C0F8747B52F6AFC7E6E0F3DCCD, 4F0D159DCC0086A64278C0E345A7D50A9F6843EDA1C6AE1F8D031692B3775344 ] isedrv C:\WINDOWS\system32\drivers\isedrv.sys 10:31:23.0466 0x13cc isedrv - ok 10:31:23.0471 0x13cc [ B452921B85EEF6FD43C25DE373FF5C48, 6C8F95AF23BC690D1DC43B0FC40D3B8CB48A86C3262DB6DBFEA559FBE69D16EA ] isesrv C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe 10:31:23.0478 0x13cc isesrv - ok 10:31:23.0483 0x13cc [ 
D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 10:31:23.0493 0x13cc kbdclass - ok 10:31:23.0495 0x13cc [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 10:31:23.0507 0x13cc kbdhid - ok 10:31:23.0510 0x13cc [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 10:31:23.0522 0x13cc kdnic - ok 10:31:23.0525 0x13cc [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] KeyIso C:\WINDOWS\system32\lsass.exe 10:31:23.0535 0x13cc KeyIso - ok 10:31:23.0541 0x13cc [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 10:31:23.0552 0x13cc KSecDD - ok 10:31:23.0557 0x13cc [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 10:31:23.0568 0x13cc KSecPkg - ok 10:31:23.0579 0x13cc [ 365D39AD9D6BD9D61299DC098CDFC9E4, 7747A065818E1747C4FF4A96E069DE36919DFCC564D06CA232FD5EED44152687 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 10:31:23.0598 0x13cc ksthunk - ok 10:31:23.0608 0x13cc [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 10:31:23.0627 0x13cc KtmRm - ok 10:31:23.0636 0x13cc [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 10:31:23.0656 0x13cc LanmanServer - ok 10:31:23.0663 0x13cc [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 10:31:23.0682 0x13cc 
LanmanWorkstation - ok 10:31:23.0689 0x13cc [ 15314207E40327B5E80ED27D666D202C, 1D820F212B89BEF17A3BA4BCF7AEE07F281E3B67D232BBD04745D4DCE11E5D64 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 10:31:23.0696 0x13cc LENOVO.MICMUTE - ok 10:31:23.0700 0x13cc [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc C:\WINDOWS\System32\lfsvc.dll 10:31:23.0712 0x13cc lfsvc - ok 10:31:23.0716 0x13cc [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 10:31:23.0727 0x13cc LicenseManager - ok 10:31:23.0732 0x13cc [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 10:31:23.0750 0x13cc lltdio - ok 10:31:23.0757 0x13cc [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 10:31:23.0781 0x13cc lltdsvc - ok 10:31:23.0784 0x13cc [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 10:31:23.0797 0x13cc lmhosts - ok 10:31:23.0812 0x13cc [ 2898230F4D10F57438A57DFF4D33464F, F425888BEDDA6B580D1491396258BB6F9101FAFE87674C9D793F77CA2E96CE95 ] LPlatSvc C:\WINDOWS\system32\LPlatSvc.exe 10:31:23.0830 0x13cc LPlatSvc - ok 10:31:23.0837 0x13cc [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 10:31:23.0847 0x13cc LSI_SAS - ok 10:31:23.0852 0x13cc [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 10:31:23.0863 0x13cc LSI_SAS2i - ok 10:31:23.0868 0x13cc [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B 
] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 10:31:23.0878 0x13cc LSI_SAS3i - ok 10:31:23.0882 0x13cc [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 10:31:23.0892 0x13cc LSI_SSS - ok 10:31:23.0906 0x13cc [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM C:\WINDOWS\System32\lsm.dll 10:31:23.0934 0x13cc LSM - ok 10:31:23.0940 0x13cc [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv C:\WINDOWS\system32\drivers\luafv.sys 10:31:23.0956 0x13cc luafv - ok 10:31:23.0961 0x13cc [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker C:\WINDOWS\System32\moshost.dll 10:31:23.0973 0x13cc MapsBroker - ok 10:31:23.0983 0x13cc [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys 10:31:23.0999 0x13cc mausbhost - ok 10:31:24.0003 0x13cc [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys 10:31:24.0013 0x13cc mausbip - ok 10:31:24.0016 0x13cc [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas C:\WINDOWS\system32\drivers\megasas.sys 10:31:24.0026 0x13cc megasas - ok 10:31:24.0030 0x13cc [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys 10:31:24.0039 0x13cc megasas2i - ok 10:31:24.0053 0x13cc [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr C:\WINDOWS\system32\drivers\megasr.sys 10:31:24.0073 0x13cc megasr - ok 10:31:24.0077 0x13cc [ 2BB3EAE2EA641515D4B205CAB29E1624, 
D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 10:31:24.0084 0x13cc MEIx64 - ok 10:31:24.0088 0x13cc [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll 10:31:24.0101 0x13cc MessagingService - ok 10:31:24.0119 0x13cc [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 10:31:24.0142 0x13cc mlx4_bus - ok 10:31:24.0147 0x13cc [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 10:31:24.0159 0x13cc MMCSS - ok 10:31:24.0162 0x13cc [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem C:\WINDOWS\system32\drivers\modem.sys 10:31:24.0174 0x13cc Modem - ok 10:31:24.0178 0x13cc [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 10:31:24.0189 0x13cc monitor - ok 10:31:24.0193 0x13cc [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 10:31:24.0203 0x13cc mouclass - ok 10:31:24.0206 0x13cc [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 10:31:24.0216 0x13cc mouhid - ok 10:31:24.0221 0x13cc [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 10:31:24.0231 0x13cc mountmgr - ok 10:31:24.0236 0x13cc [ 8ACBB9A5C1E2846215F93227D4197B00, 0BCC8C0BF1C32F58C4E0A9097354DE6E29ACA16CF3CD4565507DD072A4BC5528 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance 
Service\maintenanceservice.exe 10:31:24.0246 0x13cc MozillaMaintenance - ok 10:31:24.0251 0x13cc [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 10:31:24.0262 0x13cc mpsdrv - ok 10:31:24.0281 0x13cc [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 10:31:24.0316 0x13cc MpsSvc - ok 10:31:24.0323 0x13cc [ 84A7AF1DB4EEBEDBA3F41FF4D3234091, F49E140D0DEA2BB98205A8CA7C0ECB366FFF02D528A83760E9358DFCFF5A90D8 ] MQAC C:\WINDOWS\system32\drivers\mqac.sys 10:31:24.0337 0x13cc MQAC - ok 10:31:24.0343 0x13cc [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 10:31:24.0359 0x13cc MRxDAV - ok 10:31:24.0371 0x13cc [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 10:31:24.0387 0x13cc mrxsmb - ok 10:31:24.0395 0x13cc [ 469DD958B1D8CB09E38BE2298B8C398D, 97CCEFF58D8865B0D27C4E16B082C20FA5279CF01A37F47B5F2DA39B334F0667 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 10:31:24.0411 0x13cc mrxsmb10 - ok 10:31:24.0418 0x13cc [ 1FC4802B593494746B6FE3BDAC25E371, 774CC950B46B3E32603D368D9938BFCF60D2BB3C14C3FE8B03CB1E724AAC29EF ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 10:31:24.0431 0x13cc mrxsmb20 - ok 10:31:24.0435 0x13cc [ BD12E1941A87671A767447B02C6A51A1, 7FCB3077E827639CE23CC2C6FE997A33F7A702D266C0277AF01453B5ACC0966D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 10:31:24.0449 0x13cc MsBridge - ok 10:31:24.0454 0x13cc [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC C:\WINDOWS\System32\msdtc.exe 10:31:24.0469 0x13cc MSDTC - ok 10:31:24.0474 0x13cc [ 92C00BD9616F353CA59A755C33269757, 
E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 10:31:24.0485 0x13cc Msfs - ok 10:31:24.0488 0x13cc [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 10:31:24.0497 0x13cc msgpiowin32 - ok 10:31:24.0500 0x13cc [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 10:31:24.0510 0x13cc mshidkmdf - ok 10:31:24.0513 0x13cc [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 10:31:24.0523 0x13cc mshidumdf - ok 10:31:24.0526 0x13cc [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 10:31:24.0534 0x13cc msisadrv - ok 10:31:24.0539 0x13cc [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 10:31:24.0554 0x13cc MSiSCSI - ok 10:31:24.0556 0x13cc msiserver - ok 10:31:24.0559 0x13cc [ B26E1C10C8323D2B6ADAF504CD487757, 758DBCDA43D62547ED274D2E09A66B266470C86A89A3BEF387E535DB37A7EA44 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 10:31:24.0578 0x13cc MSKSSRV - ok 10:31:24.0582 0x13cc [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 10:31:24.0594 0x13cc MsLldp - ok 10:31:24.0597 0x13cc [ 1EC9FC8E5101139CF84589E8EAC24B9A, F351661FC548FEC2652018B4F1A2BC64FD938637A518EEDC9B6ED97471BAAC9B ] MSMQ C:\WINDOWS\system32\mqsvc.exe 10:31:24.0609 0x13cc MSMQ - ok 10:31:24.0612 0x13cc [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 
10:31:24.0630 0x13cc MSPCLOCK - ok 10:31:24.0633 0x13cc [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 10:31:24.0651 0x13cc MSPQM - ok 10:31:24.0661 0x13cc [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 10:31:24.0675 0x13cc MsRPC - ok 10:31:24.0683 0x13cc [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys 10:31:24.0695 0x13cc MsSecFlt - ok 10:31:24.0699 0x13cc [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 10:31:24.0708 0x13cc mssmbios - ok 10:31:24.0711 0x13cc [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 10:31:24.0729 0x13cc MSTEE - ok 10:31:24.0732 0x13cc [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 10:31:24.0743 0x13cc MTConfig - ok 10:31:24.0747 0x13cc [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 10:31:24.0757 0x13cc Mup - ok 10:31:24.0761 0x13cc [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 10:31:24.0770 0x13cc mvumis - ok 10:31:24.0783 0x13cc [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 10:31:24.0815 0x13cc NativeWifiP - ok 10:31:24.0832 0x13cc [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] 
NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll 10:31:24.0868 0x13cc NaturalAuthentication - ok 10:31:24.0875 0x13cc [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 10:31:24.0889 0x13cc NcaSvc - ok 10:31:24.0898 0x13cc [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService C:\WINDOWS\System32\ncbservice.dll 10:31:24.0917 0x13cc NcbService - ok 10:31:24.0921 0x13cc [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 10:31:24.0941 0x13cc NcdAutoSetup - ok 10:31:24.0946 0x13cc [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 10:31:24.0955 0x13cc ndfltr - ok 10:31:24.0978 0x13cc [ E27876B335FEB441DA511030AA85624D, 6B4FA08463166A2B32F317E6FEDE3C22EB8FFA5B2077955A0B2F2184858BDDE7 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 10:31:25.0008 0x13cc NDIS - ok 10:31:25.0013 0x13cc [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 10:31:25.0030 0x13cc NdisCap - ok 10:31:25.0035 0x13cc [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 10:31:25.0055 0x13cc NdisImPlatform - ok 10:31:25.0058 0x13cc [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 10:31:25.0077 0x13cc NdisTapi - ok 10:31:25.0081 0x13cc [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 10:31:25.0092 0x13cc Ndisuio - ok 10:31:25.0095 0x13cc [ 
FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 10:31:25.0107 0x13cc NdisVirtualBus - ok 10:31:25.0112 0x13cc [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys 10:31:25.0134 0x13cc NdisWan - ok 10:31:25.0141 0x13cc [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 10:31:25.0163 0x13cc ndiswanlegacy - ok 10:31:25.0167 0x13cc [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys 10:31:25.0187 0x13cc ndproxy - ok 10:31:25.0191 0x13cc [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 10:31:25.0212 0x13cc Ndu - ok 10:31:25.0217 0x13cc [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys 10:31:25.0230 0x13cc NetAdapterCx - ok 10:31:25.0234 0x13cc [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys 10:31:25.0243 0x13cc NetBIOS - ok 10:31:25.0252 0x13cc [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 10:31:25.0270 0x13cc NetBT - ok 10:31:25.0274 0x13cc [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] Netlogon C:\WINDOWS\system32\lsass.exe 10:31:25.0284 0x13cc Netlogon - ok 10:31:25.0292 0x13cc [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman 
C:\WINDOWS\System32\netman.dll 10:31:25.0309 0x13cc Netman - ok 10:31:25.0318 0x13cc [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:31:25.0331 0x13cc NetMsmqActivator - ok 10:31:25.0335 0x13cc [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:31:25.0344 0x13cc NetPipeActivator - ok 10:31:25.0356 0x13cc [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 10:31:25.0386 0x13cc netprofm - ok 10:31:25.0394 0x13cc [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll 10:31:25.0411 0x13cc NetSetupSvc - ok 10:31:25.0415 0x13cc [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:31:25.0425 0x13cc NetTcpActivator - ok 10:31:25.0429 0x13cc [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:31:25.0439 0x13cc NetTcpPortSharing - ok 10:31:25.0445 0x13cc [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys 10:31:25.0457 0x13cc netvsc - ok 10:31:25.0513 0x13cc [ 1F91B1E5FD41BDC3DF8AFFB81C8AA277, B8CB13863C1F0C589C008E191A393DF241F3067DD7CADE02B3B7D36B28BBA2ED ] NETwNb64 C:\WINDOWS\System32\drivers\Netwbw02.sys 10:31:25.0606 0x13cc NETwNb64 - ok 10:31:25.0624 0x13cc [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] 
05.06.2017, 09:41 | #7 |
| ESET reports detections Code:
BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 10:31:32.0835 0x13cc usbohci - ok 10:31:32.0838 0x13cc [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 10:31:32.0849 0x13cc usbprint - ok 10:31:32.0853 0x13cc [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser C:\WINDOWS\System32\drivers\usbser.sys 10:31:32.0866 0x13cc usbser - ok 10:31:32.0870 0x13cc [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 10:31:32.0881 0x13cc USBSTOR - ok 10:31:32.0885 0x13cc [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 10:31:32.0895 0x13cc usbuhci - ok 10:31:32.0905 0x13cc [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 10:31:32.0920 0x13cc USBXHCI - ok 10:31:32.0950 0x13cc [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 10:31:32.0999 0x13cc UserDataSvc - ok 10:31:33.0022 0x13cc [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager C:\WINDOWS\System32\usermgr.dll 10:31:33.0081 0x13cc UserManager - ok 10:31:33.0099 0x13cc [ C71F447901864A61698B9FA2CF538146, 13673F28E6AE2CE8AB20ECF93997B49A355087F72970FE0BA7319B629DB3D36E ] UsoSvc C:\WINDOWS\system32\usocore.dll 10:31:33.0127 0x13cc UsoSvc - ok 10:31:33.0132 0x13cc [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] VaultSvc C:\WINDOWS\system32\lsass.exe 
10:31:33.0142 0x13cc VaultSvc - ok 10:31:33.0146 0x13cc [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 10:31:33.0155 0x13cc vdrvroot - ok 10:31:33.0168 0x13cc [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds C:\WINDOWS\System32\vds.exe 10:31:33.0198 0x13cc vds - ok 10:31:33.0205 0x13cc [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 10:31:33.0217 0x13cc VerifierExt - ok 10:31:33.0231 0x13cc [ 1021DCD0E3632E099E599B8893DC7969, 18A4F022240FBBDAEEAF6613E88F1B89370EE8BE575059657FEA451D7DA1FE75 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 10:31:33.0253 0x13cc vhdmp - ok 10:31:33.0258 0x13cc [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf C:\WINDOWS\System32\drivers\vhf.sys 10:31:33.0269 0x13cc vhf - ok 10:31:33.0273 0x13cc [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 10:31:33.0284 0x13cc vmbus - ok 10:31:33.0287 0x13cc [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 10:31:33.0298 0x13cc VMBusHID - ok 10:31:33.0301 0x13cc [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys 10:31:33.0311 0x13cc vmgid - ok 10:31:33.0319 0x13cc [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 10:31:33.0336 0x13cc vmicguestinterface - ok 10:31:33.0344 0x13cc [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] 
vmicheartbeat C:\WINDOWS\System32\icsvc.dll 10:31:33.0361 0x13cc vmicheartbeat - ok 10:31:33.0368 0x13cc [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 10:31:33.0385 0x13cc vmickvpexchange - ok 10:31:33.0393 0x13cc [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 10:31:33.0411 0x13cc vmicrdv - ok 10:31:33.0419 0x13cc [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 10:31:33.0436 0x13cc vmicshutdown - ok 10:31:33.0444 0x13cc [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 10:31:33.0461 0x13cc vmictimesync - ok 10:31:33.0467 0x13cc [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 10:31:33.0484 0x13cc vmicvmsession - ok 10:31:33.0492 0x13cc [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 10:31:33.0510 0x13cc vmicvss - ok 10:31:33.0514 0x13cc [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 10:31:33.0524 0x13cc volmgr - ok 10:31:33.0533 0x13cc [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 10:31:33.0548 0x13cc volmgrx - ok 10:31:33.0557 0x13cc [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 10:31:33.0573 0x13cc volsnap - ok 10:31:33.0577 0x13cc [ 86E790B503C771E674C7DF8FFCBFEFDB, 
634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume C:\WINDOWS\system32\drivers\volume.sys 10:31:33.0586 0x13cc volume - ok 10:31:33.0590 0x13cc [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 10:31:33.0599 0x13cc vpci - ok 10:31:33.0605 0x13cc [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 10:31:33.0616 0x13cc vsmraid - ok 10:31:33.0644 0x13cc [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS C:\WINDOWS\system32\vssvc.exe 10:31:33.0694 0x13cc VSS - ok 10:31:33.0706 0x13cc [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 10:31:33.0720 0x13cc VSTXRAID - ok 10:31:33.0724 0x13cc [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 10:31:33.0743 0x13cc vwifibus - ok 10:31:33.0747 0x13cc [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 10:31:33.0767 0x13cc vwififlt - ok 10:31:33.0771 0x13cc [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys 10:31:33.0790 0x13cc vwifimp - ok 10:31:33.0802 0x13cc [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time C:\WINDOWS\system32\w32time.dll 10:31:33.0833 0x13cc W32Time - ok 10:31:33.0839 0x13cc [ A57B80F078FE71DEC1D0487DA70A56FD, F26F273BB45CBCACE440B08FF14C05D1B89046AE669195B4DAD50129835B1D9C ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll 10:31:33.0851 0x13cc w3logsvc - ok 10:31:33.0863 0x13cc [ 
08088DC69903630B80EEC8DB3C87FB1D, 939215139C185317B103516644F8B76DDC8C8A42078887C7E750A317E691C456 ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll 10:31:33.0888 0x13cc W3SVC - ok 10:31:33.0892 0x13cc [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 10:31:33.0902 0x13cc WacomPen - ok 10:31:33.0913 0x13cc [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService C:\WINDOWS\system32\WalletService.dll 10:31:33.0934 0x13cc WalletService - ok 10:31:33.0938 0x13cc [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 10:31:33.0959 0x13cc wanarp - ok 10:31:33.0964 0x13cc [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 10:31:33.0983 0x13cc wanarpv6 - ok 10:31:33.0995 0x13cc [ 08088DC69903630B80EEC8DB3C87FB1D, 939215139C185317B103516644F8B76DDC8C8A42078887C7E750A317E691C456 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll 10:31:34.0019 0x13cc WAS - ok 10:31:34.0047 0x13cc [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine C:\WINDOWS\system32\wbengine.exe 10:31:34.0095 0x13cc wbengine - ok 10:31:34.0119 0x13cc [ 5E3E24AA72FA75D6322C7286917BEB4A, 97D0CF00873A5A70C1B4A73AD41F4053B22810DA37FF2E8528D510216311FEE1 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 10:31:34.0152 0x13cc WbioSrvc - ok 10:31:34.0159 0x13cc [ 2B7CCCFBB166100842D31440228588CF, FC0BE611C5497A0579E7D8F268BBE1BD520A8A764F112C7C5CC631767B683B79 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 10:31:34.0170 0x13cc wcifs - ok 10:31:34.0187 0x13cc [ E00FE13E415C97C60E5A418965372A74, E74EBE34D3056F52231C7B12E6294AED1C4F02219E853D5E70AA05D823C800D5 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 10:31:34.0219 0x13cc 
Wcmsvc - ok 10:31:34.0230 0x13cc [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 10:31:34.0252 0x13cc wcncsvc - ok 10:31:34.0258 0x13cc [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 10:31:34.0269 0x13cc wcnfs - ok 10:31:34.0273 0x13cc [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 10:31:34.0283 0x13cc WdBoot - ok 10:31:34.0301 0x13cc [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 10:31:34.0323 0x13cc Wdf01000 - ok 10:31:34.0331 0x13cc [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 10:31:34.0345 0x13cc WdFilter - ok 10:31:34.0350 0x13cc [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 10:31:34.0367 0x13cc WdiServiceHost - ok 10:31:34.0370 0x13cc [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 10:31:34.0387 0x13cc WdiSystemHost - ok 10:31:34.0402 0x13cc [ 2974422E31DBC953A585A065EF736948, B2E689579C12B1A8B2CB4F04875157E894CE747DF56A9B7083E04A8C9B85EAC5 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 10:31:34.0438 0x13cc wdiwifi - ok 10:31:34.0443 0x13cc [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 10:31:34.0453 0x13cc WdNisDrv - ok 10:31:34.0456 0x13cc WdNisSvc - ok 10:31:34.0464 0x13cc [ 9066FE8EAB91E15437CB3C43757F2A65, 
1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient C:\WINDOWS\System32\webclnt.dll 10:31:34.0483 0x13cc WebClient - ok 10:31:34.0490 0x13cc [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 10:31:34.0508 0x13cc Wecsvc - ok 10:31:34.0511 0x13cc [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 10:31:34.0524 0x13cc WEPHOSTSVC - ok 10:31:34.0529 0x13cc [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 10:31:34.0546 0x13cc wercplsupport - ok 10:31:34.0552 0x13cc [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc C:\WINDOWS\System32\WerSvc.dll 10:31:34.0568 0x13cc WerSvc - ok 10:31:34.0580 0x13cc [ 51D61CA3CED9A0C4E5501EEDBD48039F, 95F9CC67537DEABE501B59351624F02126BC9B9DBB72016423FF997090A2128B ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll 10:31:34.0615 0x13cc WFDSConMgrSvc - ok 10:31:34.0622 0x13cc [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 10:31:34.0633 0x13cc WFPLWFS - ok 10:31:34.0637 0x13cc [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 10:31:34.0651 0x13cc WiaRpc - ok 10:31:34.0655 0x13cc [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 10:31:34.0663 0x13cc WIMMount - ok 10:31:34.0665 0x13cc WinDefend - ok 10:31:34.0673 0x13cc [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT 
C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 10:31:34.0682 0x13cc WindowsTrustedRT - ok 10:31:34.0686 0x13cc [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 10:31:34.0694 0x13cc WindowsTrustedRTProxy - ok 10:31:34.0711 0x13cc [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 10:31:34.0738 0x13cc WinHttpAutoProxySvc - ok 10:31:34.0743 0x13cc [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 10:31:34.0751 0x13cc WinMad - ok 10:31:34.0764 0x13cc [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 10:31:34.0787 0x13cc Winmgmt - ok 10:31:34.0842 0x13cc [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat C:\WINDOWS\system32\drivers\winnat.sys 10:31:34.0877 0x13cc WinNat - ok 10:31:34.0967 0x13cc [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 10:31:35.0057 0x13cc WinRM - ok 10:31:35.0069 0x13cc [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 10:31:35.0081 0x13cc WINUSB - ok 10:31:35.0085 0x13cc [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 10:31:35.0094 0x13cc WinVerbs - ok 10:31:35.0110 0x13cc [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc C:\WINDOWS\system32\flightsettings.dll 10:31:35.0136 0x13cc wisvc - ok 10:31:35.0177 0x13cc [ 
E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 10:31:35.0256 0x13cc WlanSvc - ok 10:31:35.0316 0x13cc [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 10:31:35.0380 0x13cc wlidsvc - ok 10:31:35.0409 0x13cc [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll 10:31:35.0458 0x13cc wlpasvc - ok 10:31:35.0465 0x13cc [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 10:31:35.0475 0x13cc WmiAcpi - ok 10:31:35.0483 0x13cc [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 10:31:35.0504 0x13cc wmiApSrv - ok 10:31:35.0506 0x13cc WMPNetworkSvc - ok 10:31:35.0513 0x13cc [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof C:\WINDOWS\system32\drivers\Wof.sys 10:31:35.0526 0x13cc Wof - ok 10:31:35.0559 0x13cc [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 10:31:35.0614 0x13cc workfolderssvc - ok 10:31:35.0623 0x13cc [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 10:31:35.0636 0x13cc WPDBusEnum - ok 10:31:35.0641 0x13cc [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 10:31:35.0649 0x13cc WpdUpFltr - ok 10:31:35.0657 0x13cc [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService 
C:\WINDOWS\system32\WpnService.dll 10:31:35.0675 0x13cc WpnService - ok 10:31:35.0680 0x13cc [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 10:31:35.0693 0x13cc WpnUserService - ok 10:31:35.0699 0x13cc [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001 C:\WINDOWS\system32\drivers\WPRO_41_2001.sys 10:31:35.0705 0x13cc WPRO_41_2001 - ok 10:31:35.0709 0x13cc [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 10:31:35.0726 0x13cc ws2ifsl - ok 10:31:35.0733 0x13cc [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 10:31:35.0751 0x13cc wscsvc - ok 10:31:35.0754 0x13cc [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 10:31:35.0766 0x13cc WSDPrintDevice - ok 10:31:35.0768 0x13cc WSearch - ok 10:31:35.0814 0x13cc [ 05BEDBBEEAAC22F98FCA529FAC659582, E4D2FFF98034E2E7FE0478AB9C8D677CA932349A976DFC0C2B65DB15C71354B4 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 10:31:35.0886 0x13cc wuauserv - ok 10:31:35.0892 0x13cc [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 10:31:35.0907 0x13cc WudfPf - ok 10:31:35.0920 0x13cc [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 10:31:35.0944 0x13cc WUDFRd - ok 10:31:35.0949 0x13cc [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 10:31:35.0964 0x13cc wudfsvc - ok 10:31:35.0971 0x13cc [ 
5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 10:31:35.0987 0x13cc WUDFWpdFs - ok 10:31:35.0992 0x13cc [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 10:31:36.0009 0x13cc WUDFWpdMtp - ok 10:31:36.0034 0x13cc [ 3EEF7185E0974D9AB2D65CA3214132CF, 44DB1D11B6B1D180F59AB3FE4D7235F7F2FD709A853F6A64E8E379FFFD16CD3C ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 10:31:36.0090 0x13cc WwanSvc - ok 10:31:36.0103 0x13cc [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm C:\WINDOWS\System32\xbgmsvc.dll 10:31:36.0118 0x13cc xbgm - ok 10:31:36.0138 0x13cc [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 10:31:36.0176 0x13cc XblAuthManager - ok 10:31:36.0199 0x13cc [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 10:31:36.0238 0x13cc XblGameSave - ok 10:31:36.0247 0x13cc [ 3AC720A97FE4B6325F3012B21AF74390, 41AC655BD5CE5016BAA482534D1CEA6E11EAECE121344B45A5C8DF84A83807F4 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 10:31:36.0263 0x13cc xboxgip - ok 10:31:36.0267 0x13cc [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll 10:31:36.0279 0x13cc XboxGipSvc - ok 10:31:36.0299 0x13cc [ 8489AA1A36074B3487BFDA8A9FDBAB3D, 59337C1F65AF42820260FCE271D18C2221B64A5E53005A11ECF397F651031C6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 10:31:36.0344 0x13cc XboxNetApiSvc - ok 10:31:36.0351 0x13cc [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid 
C:\WINDOWS\System32\drivers\xinputhid.sys 10:31:36.0362 0x13cc xinputhid - ok 10:31:36.0364 0x13cc ================ Scan global =============================== 10:31:36.0368 0x13cc [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll 10:31:36.0376 0x13cc [ A42970F5DAA633B35322F200C39DF4CF, 91EEA2A5BA8FF0CBCB058218B01E747D29ADE4544AFC5474C71DB380866B4F2E ] C:\WINDOWS\system32\winsrv.dll 10:31:36.0383 0x13cc [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll 10:31:36.0400 0x13cc [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe 10:31:36.0409 0x13cc [ Global ] - ok 10:31:36.0409 0x13cc ================ Scan MBR ================================== 10:31:36.0410 0x13cc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:31:36.0574 0x13cc \Device\Harddisk0\DR0 - ok 10:31:36.0574 0x13cc ================ Scan VBR ================================== 10:31:36.0577 0x13cc [ B44049D096C93E7678052B11DF9BC815 ] \Device\Harddisk0\DR0\Partition1 10:31:36.0579 0x13cc \Device\Harddisk0\DR0\Partition1 - ok 10:31:36.0582 0x13cc [ 4AFE8577535EDFBDDBBFAB19F1271092 ] \Device\Harddisk0\DR0\Partition2 10:31:36.0583 0x13cc \Device\Harddisk0\DR0\Partition2 - ok 10:31:36.0584 0x13cc ================ Scan generic autorun ====================== 10:31:36.0584 0x13cc SecurityHealth - ok 10:31:36.0600 0x13cc [ F3E1B4D249B9E2E820870A3C1ED82AC8, AA8BA7B6B0C064253289896CE5283F429C43A22E9D58DB687130899F1A09F8EF ] C:\Windows\system32\igfxtray.exe 10:31:36.0627 0x13cc IgfxTray - ok 10:31:36.0665 0x13cc [ EE73B56ED71EB6383F25FA5468923BB2, 0A13F25C55D97A3F86766BED449265514147D41ABB392C9451B9FB070EC7E8E4 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 10:31:36.0705 0x13cc NvBackend - ok 10:31:36.0714 0x13cc [ 
ECB702B8C5650381C0784F1EEABB97BC, 9CC4DDAD2E9AE05A8C5762BA88A13C2B1EE4E25AE98EF01DD041FE35D611DA87 ] C:\Windows\system32\rundll32.exe 10:31:36.0733 0x13cc ShadowPlay - ok 10:31:36.0738 0x13cc [ 5677C8C60F4659E8626AC9036EEF38DF, 1C7D3EC3BCB3E34900DD9556A3EBAF449C68585DC8E07682E680790497105B8B ] C:\Program Files\Classic Shell\ClassicStartMenu.exe 10:31:36.0749 0x13cc Classic Start Menu - ok 10:31:36.0778 0x13cc [ 72B851911C25A12185C0B02B7296EF76, 1BAE524B79C9DF7E69CAA1C3E341B4EE3128F006262D3EA53E699DF5DD9B879B ] C:\Program Files (x86)\Integrated Camera\monitor.exe 10:31:36.0832 0x13cc Integrated Camera_Monitor - detected UnsignedFile.Multi.Generic ( 1 ) 10:31:36.0949 0x13cc Detect skipped due to KSN trusted 10:31:36.0949 0x13cc Integrated Camera_Monitor - ok 10:31:37.0047 0x13cc [ F43058736E2A514F00E29A8C06814B34, BA3F0AB27AB622A16A13411C9C2844FED678B532C78FF0D4FB557F601510AD6F ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 10:31:37.0119 0x13cc BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 ) 10:31:40.0217 0x13cc Detect skipped due to KSN trusted 10:31:40.0217 0x13cc BrStsMon00 - ok 10:31:40.0315 0x13cc [ 9F1CEEB223F341A4FAA78763FD9B2EAC, 7F4A0184B97C0907847D33BFD9358909FD10E52B631876BBA79383EC301D4D32 ] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe 10:31:40.0371 0x13cc IseUI - ok 10:31:40.0877 0x13cc [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 10:31:41.0210 0x13cc OneDriveSetup - ok 10:31:41.0564 0x13cc [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 10:31:41.0889 0x13cc OneDriveSetup - ok 10:31:41.0928 0x13cc [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Carola Ilgen\AppData\Local\FluxSoftware\Flux\flux.exe 10:31:41.0950 0x13cc f.lux - ok 10:31:41.0952 0x13cc Skype - ok 
10:31:42.0711 0x13cc Waiting for KSN requests completion. In queue: 6
10:31:43.0910 0x13cc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.0 ), 0x60100 ( disabled : updated )
10:31:43.0910 0x13cc AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 10.0.1.6223 ), 0x61000 ( enabled : updated )
10:31:43.0912 0x13cc FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 10.0.1.6223 ), 0x61010 ( enabled )
10:31:44.0224 0x13cc ============================================================
10:31:44.0224 0x13cc Scan finished
10:31:44.0224 0x13cc ============================================================
10:31:44.0245 0x24c8 Detected object count: 0
10:31:44.0245 0x24c8 Actual detected object count: 0
|
05.06.2017, 13:32 | #8 |
/// TB-Ausbilder | ESET reports detections
Hi, please disable Comodo while you work through these steps; it only gets in the way of the cleanup!
Step 0 Type "Aufgabenplanung" (Task Scheduler) into the Cortana search box (the text field at the bottom left of the taskbar) and press Enter. On the left, select Aufgabenplanungsbibliothek (Task Scheduler Library) > Microsoft > Office. Select the task OfficeBackgroundTaskHandlerRegistration and click Deaktivieren (Disable) on the right. Close the Task Scheduler again.
Step 1
Step 2 Please download AdwCleaner to your desktop.
Step 3
Step 4 Please download Malwarebytes Anti-Malware 3
Step 5
Please post with your next reply
|
05.06.2017, 16:47 | #9 |
| ESET reports detections Right then, let's get to it: Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Gloriaflyx (05-06-2017 17:22:27) Run:1
Gestartet von C:\Users\Gloriaflyx\Desktop
Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
GroupPolicy: Beschränkung <======= ACHTUNG
FF user.js: detected! => C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
FF NetworkProxy: Mozilla\Firefox\Profiles\j5h72v37.default -> type", 0
Task: {1D85A55B-993A-45E3-B015-250C795151A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4A7ED33F-A84F-48AC-B000-ABED4901E0AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5FFE647A-3E5D-4594-9EA5-5B65B185DC03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {B87DE87D-F54B-4E90-8A66-A192864D7052} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C5050B7C-1F8D-40E9-9E24-20623960C6E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {EABE54ED-1BBC-44FF-977C-F9A4D104791A} - System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {EBA005EB-9167-49FC-B0CA-71599621456C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\system32\Drivers\etc\hosts
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
Hosts:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
*****************

Prozesse erfolgreich geschlossen.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWith => Wert erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Schlüssel nicht gefunden.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Schlüssel nicht gefunden.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Schlüssel nicht gefunden.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4 => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Schlüssel nicht gefunden.
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js => nicht gefunden.
C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js => nicht gefunden.
Firefox Proxy-Einstellungen wurden zurückgesetzt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D85A55B-993A-45E3-B015-250C795151A1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D85A55B-993A-45E3-B015-250C795151A1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A7ED33F-A84F-48AC-B000-ABED4901E0AB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A7ED33F-A84F-48AC-B000-ABED4901E0AB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FFE647A-3E5D-4594-9EA5-5B65B185DC03} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FFE647A-3E5D-4594-9EA5-5B65B185DC03} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B87DE87D-F54B-4E90-8A66-A192864D7052} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87DE87D-F54B-4E90-8A66-A192864D7052} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5050B7C-1F8D-40E9-9E24-20623960C6E4} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5050B7C-1F8D-40E9-9E24-20623960C6E4} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EABE54ED-1BBC-44FF-977C-F9A4D104791A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EABE54ED-1BBC-44FF-977C-F9A4D104791A} => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => 
erfolgreich verschoben HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBA005EB-9167-49FC-B0CA-71599621456C} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBA005EB-9167-49FC-B0CA-71599621456C} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt "C:\WINDOWS\system32\Drivers\etc\hosts" => wurde entsperrt C:\WINDOWS\system32\Drivers\etc\hosts => erfolgreich verschoben ========= dir "%ProgramFiles%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\Program Files 17.05.2017 17:58 <DIR> . 17.05.2017 17:58 <DIR> .. 27.08.2016 17:29 <DIR> 7-Zip 22.08.2016 20:02 <DIR> Classic Shell 17.05.2017 17:58 <DIR> Common Files 17.01.2014 18:49 <DIR> COMODO 19.12.2014 22:23 <DIR> dm 19.06.2016 12:18 <DIR> DVD Maker 28.03.2014 16:06 <DIR> Fraps 20.10.2016 09:26 <DIR> Hola 22.09.2015 22:02 <DIR> IIS Express 17.05.2017 17:58 <DIR> Intel 20.03.2017 06:41 <DIR> Internet Explorer 17.01.2014 22:38 <DIR> Lenovo 12.03.2017 13:23 <DIR> Microsoft Office 15 22.05.2017 22:06 <DIR> Mozilla Firefox 17.05.2017 18:47 <DIR> MSBuild 31.05.2017 21:34 <DIR> NVIDIA Corporation 24.04.2017 10:51 <DIR> Paint.NET 03.05.2017 10:27 <DIR> PDFCreator 14.05.2016 15:25 <DIR> R 17.05.2017 17:56 <DIR> Realtek 12.01.2017 11:53 <DIR> Recuva 17.05.2017 18:47 <DIR> Reference Assemblies 17.05.2017 17:56 <DIR> Synaptics 02.06.2014 20:32 <DIR> Teamspeak 10.05.2017 18:29 <DIR> UNP 20.03.2017 06:41 <DIR> Windows Defender 20.03.2017 06:43 <DIR> Windows Defender Advanced Threat Protection 17.05.2017 17:58 <DIR> Windows Mail 20.03.2017 06:41 <DIR> Windows Media Player 18.03.2017 23:03 <DIR> Windows Multimedia 
Platform 17.05.2017 18:07 <DIR> Windows NT 17.05.2017 18:52 <DIR> Windows Photo Viewer 18.03.2017 23:03 <DIR> Windows Portable Devices 18.03.2017 23:03 <DIR> Windows Security 18.03.2017 23:03 <DIR> WindowsPowerShell 0 Datei(en), 0 Bytes 37 Verzeichnis(se), 59.324.444.672 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\Program Files (x86) 04.06.2017 22:27 <DIR> . 04.06.2017 22:27 <DIR> .. 18.06.2016 10:02 <DIR> Adobe 08.03.2014 20:10 <DIR> Age of Empires 2 31.08.2015 10:32 <DIR> Ahnenblatt 20.02.2017 22:36 <DIR> Anvsoft 13.05.2014 16:39 <DIR> Assassin's Creed 28.03.2014 17:41 <DIR> Assassin's Creed Brotherhood 26.03.2014 20:56 <DIR> Assassin's Creed III 14.03.2015 16:08 <DIR> Assassin's Creed Liberation 16.07.2016 22:36 <DIR> Audacity 03.08.2015 17:25 <DIR> Battle.net 23.03.2016 15:07 <DIR> Brother 23.03.2016 15:07 <DIR> Browny02 17.01.2014 19:33 <DIR> CDBurnerXP 22.10.2015 13:22 159.657 changelog.txt 19.05.2015 21:14 <DIR> Cisco 04.06.2017 22:27 <DIR> Common Files 25.04.2017 21:09 <DIR> COMODO 07.11.2015 18:45 375.544 createfileassoc.exe 18.06.2015 19:34 <DIR> Diablo II 17.01.2014 18:18 <DIR> Dolby Advanced Audio v2 20.03.2017 22:35 <DIR> DVDVideoSoft 07.11.2015 18:45 447.464 error_report.exe 27.05.2017 16:21 <DIR> ESET 04.06.2017 22:22 <DIR> FanFictionDownloader 27.09.2016 21:11 <DIR> Fraps 06.11.2016 12:13 <DIR> FreeCodecPack 13.09.2015 16:41 <DIR> gfx 10.01.2017 23:54 <DIR> Google 28.06.2015 15:42 <DIR> Hero Editor 22.09.2015 22:02 <DIR> IIS Express 13.09.2015 16:41 <DIR> imageformats 17.01.2014 22:35 <DIR> Integrated Camera 16.08.2016 20:52 <DIR> Intel 20.03.2017 06:41 <DIR> Internet Explorer 17.01.2014 19:18 <DIR> IrfanView 26.04.2017 18:14 <DIR> Java 24.03.2014 14:05 <DIR> Lame For Audacity 17.01.2014 22:38 <DIR> Lenovo 24.07.2015 21:56 <DIR> LG Electronics 21.09.2015 16:24 1.709.056 libeay32.dll 04.06.2017 22:13 <DIR> LibreOffice 
5 13.09.2015 23:01 <DIR> lol game 29.12.2016 14:16 <DIR> Malwarebytes Anti-Malware 14.05.2015 09:12 <DIR> Microsoft 26.05.2017 20:55 <DIR> Microsoft Office 10.09.2016 11:12 <DIR> Microsoft SQL Server Compact Edition 19.09.2014 11:28 <DIR> Microsoft XNA 17.05.2017 17:58 <DIR> Microsoft.NET 25.04.2017 21:01 <DIR> Mozilla Firefox 25.05.2017 12:49 <DIR> Mozilla Maintenance Service 04.06.2017 13:29 <DIR> Mp3tag 17.05.2017 18:47 <DIR> MSBuild 05.10.2013 00:58 660.128 msvcp120.dll 05.10.2013 00:58 963.232 msvcr120.dll 21.01.2017 17:59 <DIR> MyHeritage 19.07.2014 18:45 <DIR> NCH Software 13.09.2015 16:41 <DIR> news 13.03.2014 22:51 <DIR> No23 10.02.2017 18:02 <DIR> NVIDIA Corporation 19.02.2015 15:26 <DIR> Opera 07.11.2015 18:45 1.704.176 OverwolfTeamSpeakInstaller.exe 07.11.2015 18:45 475.112 package_inst.exe 10.10.2016 17:44 <DIR> Paint.NET 03.02.2015 10:10 <DIR> PDFCreator 13.09.2015 16:41 <DIR> platforms 13.09.2015 16:41 <DIR> plugins 22.10.2015 11:20 321 plugin_sdk.html 21.09.2015 16:47 5.626.368 Qt5Core.dll 21.09.2015 16:48 3.937.280 Qt5Gui.dll 21.09.2015 16:48 1.092.608 Qt5Network.dll 21.09.2015 16:47 216.576 Qt5Sql.dll 21.09.2015 16:50 5.424.128 Qt5Widgets.dll 22.10.2015 13:22 175.080 quazip.dll 14.06.2015 17:36 <DIR> RD 18.08.2014 13:53 <DIR> Realtek 17.05.2017 18:47 <DIR> Reference Assemblies 17.01.2014 22:55 <DIR> Secunia 29.02.2012 15:40 <DIR> Setting 04.07.2014 21:12 <DIR> Sims 3 23.05.2017 18:53 <DIR> Skype 13.09.2015 16:41 <DIR> sound 13.09.2015 16:41 <DIR> soundbackends 13.09.2015 16:41 <DIR> sqldrivers 21.09.2015 16:24 317.440 ssleay32.dll 05.06.2017 13:46 <DIR> Steam 28.03.2014 19:07 <DIR> Stronghold 13.09.2015 16:41 <DIR> styles 17.05.2017 17:56 <DIR> SunplusIT Integrated Camera 25.02.2015 17:40 <DIR> SystemRequirementsLab 14.06.2015 17:28 <DIR> temppath 28.07.2014 21:02 <DIR> Temspeak server 13.09.2015 16:41 <DIR> translations 07.11.2015 18:45 11.544.552 ts3client_win64.exe 23.03.2014 21:48 <DIR> Ubisoft 07.11.2015 18:45 390.800 Uninstall.exe 07.11.2015 
18:45 1.514.984 update.exe 22.10.2015 11:20 520.934 usb.ids 02.04.2015 21:16 <DIR> VLC 31.03.2015 22:06 <DIR> VS Revo Group 31.05.2017 21:34 <DIR> VulkanRT 20.03.2017 06:41 <DIR> Windows Defender 23.10.2014 21:44 <DIR> Windows Live 17.05.2017 17:58 <DIR> Windows Mail 20.03.2017 06:41 <DIR> Windows Media Player 18.03.2017 23:03 <DIR> Windows Multimedia Platform 18.03.2017 23:03 <DIR> Windows NT 17.05.2017 18:52 <DIR> Windows Photo Viewer 18.03.2017 23:03 <DIR> Windows Portable Devices 18.03.2017 23:03 <DIR> WindowsPowerShell 24.10.2016 19:12 <DIR> YACReader 20 Datei(en), 37.255.440 Bytes 92 Verzeichnis(se), 59.324.538.880 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\ProgramData 05.06.2016 15:10 <DIR> .mono 18.04.2015 18:13 <DIR> Adobe 26.09.2014 10:34 <DIR> Age of Empires 3 17.06.2015 22:39 <DIR> Battle.net 26.01.2017 21:20 <DIR> Blackmagic Design 17.06.2015 22:40 <DIR> Blizzard Entertainment 13.09.2015 16:36 <DIR> boost_interprocess 23.03.2016 15:04 <DIR> Brother 24.04.2014 15:04 <DIR> Canneverbe Limited 30.08.2016 15:39 <DIR> ClassicShell 16.07.2016 13:47 <DIR> Comms 25.04.2017 21:09 <DIR> Comodo 06.04.2017 18:20 <DIR> Comodo Downloader 23.05.2017 21:48 <DIR> DigitalWave.ApplicationUpdater_files 19.12.2014 21:26 <DIR> hps 19.05.2015 21:14 <DIR> Intel 17.01.2014 22:34 <DIR> Lenovo 24.07.2015 21:37 <DIR> LGMOBILEAX 17.03.2015 08:42 <DIR> Malwarebytes 14.04.2014 15:47 <DIR> McAfee 12.03.2017 13:23 <DIR> Microsoft Help 17.05.2017 19:14 <DIR> Microsoft OneDrive 22.09.2015 22:02 106 Microsoft.SqlServer.Compact.400.64.bc 22.03.2017 17:45 16 mntemp 22.03.2017 17:46 <DIR> Movavi 22.03.2017 17:45 <DIR> Movavi Video Converter 17 17.01.2014 19:21 <DIR> Mozilla 22.03.2017 17:45 5.041 mudtcpaz.vzs 21.01.2017 17:56 <DIR> MyHeritage 19.07.2014 18:45 <DIR> NCH Software 19.07.2014 18:41 <DIR> Nero 05.06.2017 17:22 <DIR> NVIDIA 17.05.2017 17:58 <DIR> NVIDIA 
Corporation 24.01.2015 14:26 <DIR> Oracle 04.04.2017 16:07 <DIR> Package Cache 26.04.2014 11:25 <DIR> PDF Architect 2 10.06.2015 22:25 <DIR> PDF Architect 3 31.07.2016 15:58 <DIR> PDF Architect 4 23.03.2016 21:42 <DIR> pdfforge 26.05.2017 20:56 <DIR> regid.1991-06.com.microsoft 13.09.2015 15:09 <DIR> Riot Games 19.05.2015 21:14 <DIR> Roaming 23.05.2017 18:53 <DIR> Skype 18.03.2017 23:03 <DIR> SoftwareDistribution 17.03.2015 09:21 <DIR> Spybot - Search & Destroy 09.05.2014 13:28 <DIR> Sun 19.12.2014 21:38 <DIR> tmp 28.03.2014 17:49 <DIR> Ubisoft 17.05.2017 19:13 <DIR> USOPrivate 17.05.2017 19:13 <DIR> USOShared 20.03.2017 06:43 <DIR> WindowsHolographicDevices 3 Datei(en), 5.163 Bytes 48 Verzeichnis(se), 59.324.522.496 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\Users\Gloriaflyx\AppData\Roaming 17.05.2017 17:57 <DIR> . 17.05.2017 17:57 <DIR> .. 05.06.2016 15:10 <DIR> .mono 04.02.2016 21:17 <DIR> Adobe 26.05.2017 11:11 <DIR> Ahnenblatt 20.02.2017 22:26 <DIR> Anvsoft 26.01.2017 13:28 <DIR> Apowersoft 25.05.2017 20:42 <DIR> Audacity 15.03.2014 15:26 <DIR> BANDISOFT 20.06.2015 21:18 <DIR> Battle.net 25.01.2014 14:37 <DIR> Brother 11.11.2016 12:45 <DIR> calibre 17.01.2014 19:33 <DIR> Canneverbe Limited 19.06.2016 12:39 <DIR> ClassicShell 17.03.2015 14:29 <DIR> Comodo 23.04.2017 15:08 <DIR> dvdcss 23.05.2017 21:48 <DIR> DVDVideoSoft 26.01.2017 21:15 <DIR> FlashIntegro 12.06.2014 20:04 <DIR> freac 17.03.2015 10:26 <DIR> Geek Uninstaller 10.11.2016 15:58 <DIR> Hola 17.01.2014 17:50 <DIR> Identities 13.05.2014 16:26 <DIR> InstallShield 17.01.2014 18:31 <DIR> Intel 13.05.2014 21:08 <DIR> LibreOffice 13.09.2015 16:06 <DIR> LolClient 17.01.2014 19:19 <DIR> Macromedia 12.04.2011 09:54 <DIR> Media Center Programs 08.10.2016 11:57 <DIR> Morpheus Software 17.01.2014 19:21 <DIR> Mozilla 04.06.2017 13:26 <DIR> Mp3tag 21.01.2017 17:58 <DIR> MyHeritage 19.07.2014 
18:45 <DIR> NCH Software 19.07.2014 18:29 <DIR> Nero 27.09.2016 17:53 <DIR> NVIDIA 19.02.2015 15:26 <DIR> Opera Software 18.10.2014 18:05 <DIR> Oracle 21.03.2014 15:35 <DIR> Outerspace Software 14.01.2015 17:14 <DIR> PDF Architect 2 10.06.2015 22:24 <DIR> PDF Architect 3 31.10.2015 13:16 <DIR> PDF Architect 4 18.01.2014 14:03 <DIR> PunkBuster 17.01.2014 22:36 <DIR> PwrMgr 13.09.2015 15:08 <DIR> Riot Games 05.06.2017 17:15 <DIR> Skype 13.09.2015 16:56 <DIR> TS3Client 13.05.2014 16:42 <DIR> Ubisoft 13.05.2014 15:52 <DIR> Unity 03.05.2017 22:34 <DIR> vlc 0 Datei(en), 0 Bytes 49 Verzeichnis(se), 59.324.522.496 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\Users\Gloriaflyx\AppData\Local 04.06.2017 22:27 <DIR> . 04.06.2017 22:27 <DIR> .. 19.06.2016 12:34 <DIR> ActiveSync 10.05.2017 10:48 <DIR> Adobe 04.02.2016 21:16 <DIR> Adobe_Systems_Incorporate 14.04.2016 20:40 <DIR> Audacity 03.08.2015 17:26 <DIR> Battle.net 17.06.2015 22:40 <DIR> Blizzard Entertainment 18.07.2015 21:33 <DIR> CEF 20.10.2016 09:26 <DIR> Chromium 05.06.2017 17:18 <DIR> ClassicShell 05.06.2016 15:10 <DIR> Colossal Order 19.06.2016 12:47 <DIR> Comms 17.08.2016 09:52 <DIR> ConnectedDevicesPlatform 22.03.2017 17:47 <DIR> converter 29.04.2017 14:47 <DIR> CrashDumps 11.08.2014 10:53 <DIR> DayZ 18.05.2017 21:45 <DIR> DBG 05.11.2015 12:49 10.752 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 25.11.2016 22:13 <DIR> Diagnostics 01.06.2015 16:56 <DIR> DolphinFutures 16.08.2016 11:56 <DIR> ElevatedDiagnostics 23.09.2015 15:13 <DIR> FluxSoftware 14.01.2017 12:51 67.120 GDIPFONTCACHEV1.DAT 10.01.2017 23:54 <DIR> Google 01.06.2015 07:33 <DIR> GWX 04.12.2015 21:33 <DIR> Intel_Corporation 17.01.2014 22:35 <DIR> Lenovo 17.01.2014 19:26 <DIR> Macromedia 05.06.2017 17:19 <DIR> Microsoft 16.04.2014 15:42 <DIR> Microsoft Help 25.04.2017 21:43 <DIR> MicrosoftEdge 22.03.2017 17:47 <DIR> Movavi 17.01.2014 
19:21 <DIR> Mozilla 19.07.2014 18:30 <DIR> Nero 19.07.2014 18:29 <DIR> Nero_AG 26.03.2014 22:55 <DIR> NVIDIA 26.03.2014 22:56 <DIR> NVIDIA Corporation 15.04.2015 20:17 <DIR> openvr 19.02.2015 15:26 <DIR> Opera Software 04.06.2017 22:25 <DIR> Packages 10.10.2016 21:42 <DIR> Paint.NET 03.05.2017 10:27 <DIR> PDFCreator 22.06.2016 19:35 <DIR> PeerDistRepub 17.01.2014 18:19 <DIR> Programs 19.06.2016 12:33 <DIR> Publishers 02.04.2014 17:34 <DIR> PunkBuster 13.03.2014 22:52 1.434 RecConfig.xml 17.01.2014 22:55 <DIR> Secunia PSI 11.12.2015 14:17 <DIR> Skype 02.01.2017 22:17 <DIR> speech 17.12.2016 21:49 <DIR> Steam 05.06.2017 17:22 <DIR> Temp 19.06.2016 12:32 <DIR> TileDataLayer 26.11.2016 22:07 <DIR> Ubisoft Game Launcher 13.05.2014 15:49 <DIR> Unity 11.05.2017 13:51 <DIR> UNP 26.01.2015 11:30 <DIR> VirtualStore 04.10.2016 21:01 <DIR> Windows Live 24.10.2016 18:55 <DIR> YACReader 01.05.2016 21:52 0 {0B179D57-EBA9-4D85-B0A3-C14982A9ED52} 26.10.2015 15:04 0 {309B8B15-3C7F-4F34-B3F6-0066EA01FC36} 11.05.2016 20:19 0 {3CF62346-6D52-4520-A926-FB0B6E652FF3} 22.04.2016 14:12 0 {B01DDBE6-2D6A-4727-B346-D57950EA3E3A} 08.11.2015 20:24 0 {BAE73680-28A1-4D05-AD07-486B48904EAC} 07.12.2015 14:05 0 {D054697A-BAC1-4993-959D-79690D24E3EF} 26.01.2016 20:38 0 {F1079BA0-943D-4D61-A261-CEFBF1919D56} 10 Datei(en), 79.306 Bytes 57 Verzeichnis(se), 59.324.518.400 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\Program Files (x86)\Common Files 04.06.2017 22:27 <DIR> . 04.06.2017 22:27 <DIR> .. 
18.04.2015 18:13 <DIR> Adobe 18.06.2015 19:34 <DIR> Blizzard Entertainment 26.05.2017 20:56 <DIR> DESIGNER 20.03.2017 22:35 <DIR> DVDVideoSoft 26.01.2017 21:25 <DIR> FlashIntegro 17.01.2014 18:20 <DIR> InstallShield 17.05.2017 17:56 <DIR> Intel 17.01.2014 22:38 <DIR> Lenovo 26.05.2017 20:56 <DIR> Microsoft Shared 18.03.2017 23:03 <DIR> Services 23.05.2017 18:53 <DIR> Skype 17.05.2017 17:58 <DIR> SpeechEngines 04.06.2017 22:29 <DIR> Steam 20.03.2017 06:41 <DIR> System 17.01.2014 19:41 <DIR> Windows Live 0 Datei(en), 0 Bytes 17 Verzeichnis(se), 59.324.514.304 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramW6432%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\Program Files\Common Files 17.05.2017 17:58 <DIR> . 17.05.2017 17:58 <DIR> .. 19.05.2015 21:14 <DIR> Intel 17.01.2014 22:38 <DIR> Lenovo 17.05.2017 17:58 <DIR> microsoft shared 18.03.2017 23:03 <DIR> Services 17.05.2017 17:58 <DIR> SpeechEngines 20.03.2017 06:41 <DIR> System 0 Datei(en), 0 Bytes 8 Verzeichnis(se), 59.324.518.400 Bytes frei ========= Ende von CMD: ========= ========= dir "%UserProfile%" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\Users\Gloriaflyx 05.06.2017 11:48 <DIR> . 05.06.2017 11:48 <DIR> .. 
22.07.2015 21:52 <DIR> .android 22.03.2017 17:47 <DIR> .fontconfig 17.01.2014 20:04 <DIR> Application Data 22.07.2015 21:55 <DIR> cminstaller 17.05.2017 19:13 <DIR> Contacts 05.06.2017 17:22 <DIR> Desktop 17.05.2017 19:13 <DIR> Documents 17.05.2017 19:13 <DIR> Downloads 17.05.2017 19:13 <DIR> Favorites 17.05.2017 19:13 <DIR> Links 23.05.2017 21:48 <DIR> Music 17.05.2017 19:13 <DIR> Pictures 19.12.2014 21:25 <DIR> restore 19.05.2015 21:14 <DIR> Roaming 17.05.2017 19:13 <DIR> Saved Games 17.05.2017 19:13 <DIR> Searches 16.03.2015 23:26 <DIR> Start Menu 17.03.2015 10:05 <DIR> Tracing 17.05.2017 19:13 <DIR> Videos 0 Datei(en), 0 Bytes 21 Verzeichnis(se), 59.324.514.304 Bytes frei ========= Ende von CMD: ========= ========= dir "C:\" ========= Datentr„ger in Laufwerk C: ist System Volumeseriennummer: 7EBE-FDEA Verzeichnis von C:\ 07.11.2014 20:26 <DIR> 5b9b24d7a42595adf4713d34 16.03.2015 23:26 0 autoexec.bat 23.03.2016 15:07 <DIR> Brother 29.12.2016 22:45 2 END 07.11.2007 09:00 17.734 eula.1028.txt 07.11.2007 09:00 17.734 eula.1031.txt 07.11.2007 09:00 10.134 eula.1033.txt 07.11.2007 09:00 17.734 eula.1036.txt 07.11.2007 09:00 17.734 eula.1040.txt 07.11.2007 09:00 118 eula.1041.txt 07.11.2007 09:00 17.734 eula.1042.txt 07.11.2007 09:00 17.734 eula.2052.txt 07.11.2007 09:00 17.734 eula.3082.txt 05.06.2017 17:22 <DIR> FRST 07.11.2007 09:00 1.110 globdata.ini 17.05.2017 18:47 <DIR> inetpub 21.01.2017 17:57 562.688 install.exe 07.11.2007 09:00 843 install.ini 07.11.2007 09:03 76.304 install.res.1028.dll 07.11.2007 09:03 96.272 install.res.1031.dll 07.11.2007 09:03 91.152 install.res.1033.dll 07.11.2007 09:03 97.296 install.res.1036.dll 07.11.2007 09:03 95.248 install.res.1040.dll 07.11.2007 09:03 81.424 install.res.1041.dll 07.11.2007 09:03 79.888 install.res.1042.dll 07.11.2007 09:03 75.792 install.res.2052.dll 07.11.2007 09:03 96.272 install.res.3082.dll 19.06.2016 12:32 <DIR> Intel 20.06.2016 09:25 <DIR> Logs 26.03.2014 22:52 <DIR> NVIDIA 18.03.2017 23:03 <DIR> PerfLogs 
17.05.2017 17:58 <DIR> Program Files 04.06.2017 22:27 <DIR> Program Files (x86) 05.06.2017 10:33 278.372 TDSSKiller.3.1.0.15_05.06.2017_10.30.08_log.txt 17.05.2017 17:58 <DIR> Users 07.11.2007 09:00 5.686 vcredist.bmp 07.11.2007 09:09 1.442.522 VC_RED.cab 07.11.2007 09:12 232.960 VC_RED.MSI 05.06.2017 10:29 <DIR> Windows 19.06.2016 12:33 <DIR> Windows10Upgrade 27 Datei(en), 3.448.221 Bytes 13 Verzeichnis(se), 59.324.510.208 Bytes frei ========= Ende von CMD: ========= Hosts erfolgreich wiederhergestellt. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-3668857010-2765377856-186715415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-3668857010-2765377856-186715415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. 
========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 7364608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54793920 B Java, Flash, Steam htmlcache => 237571235 B Windows/system/drivers => 7519517 B Edge => 2742325 B Chrome => 0 B Firefox => 408952229 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 128 B LocalService => 13986 B NetworkService => 55994 B Gloriaflyx => 470590126 B DefaultAppPool => 0 B RecycleBin => 134 B EmptyTemp: => 1.1 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 17:22:45 ==== Code:
ATTFilter # AdwCleaner v6.047 - Bericht erstellt am 05/06/2017 um 17:26:59 # Aktualisiert am 19/05/2017 von Malwarebytes # Datenbank : 2017-05-19.1 [Lokal] # Betriebssystem : Windows 10 Pro (X64) # Benutzername : Carola Ilgen - BALDER # Gestartet von : C:\Users\Carola Ilgen\Desktop\adwcleaner_6.047.exe # Modus: Löschen # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner gelöscht: C:\Users\Carola Ilgen\AppData\Roaming\Hola [-] Ordner gelöscht: C:\Program Files\Hola ***** [ Dateien ] ***** [-] Datei gelöscht: C:\END ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Hola [#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\Hola [-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Hola [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org ***** [ Browser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt :: "Image File Execution Options" Schlüssel gelöscht :: "Prefetch" Dateien gelöscht :: Proxy Einstellungen zurückgesetzt :: Firewall Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht :: Hosts-Datei wiederhergestellt ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1953 Bytes] - [05/06/2017 17:26:59] C:\AdwCleaner\AdwCleaner[S0].txt - [1974 Bytes] - [05/06/2017 17:26:33] ########## EOF - 
C:\AdwCleaner\AdwCleaner[C0].txt - [2099 Bytes] ########## Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 05.06.17 Scan-Zeit: 17:35 Protokolldatei: mbm.txt Administrator: Ja -Softwaredaten- Version: 3.1.2.1733 Komponentenversion: 1.0.139 Version des Aktualisierungspakets: 1.0.2060 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Balder\Carola Ilgen -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgeschlossen Gescannte Objekte: 443602 Erkannte Bedrohungen: 0 (keine bösartigen Elemente erkannt) In die Quarantäne verschobene Bedrohungen: 0 (keine bösartigen Elemente erkannt) Abgelaufene Zeit: 0 Min., 58 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) |
05.06.2017, 16:50 | #10 |
| ESET reports detections Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017 durchgeführt von Gloriaflyx (Administrator) auf BALDER (05-06-2017 17:39:54) Gestartet von C:\Users\Gloriaflyx\Desktop Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Lenovo.) C:\Windows\System32\LPlatSvc.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Digital Wave Ltd.) 
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Flux Software LLC) C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-08-22] (IvoSoft)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1720696 2013-09-27] (SunplusIT, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2678784 2016-03-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-30] (COMODO)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [f.lux] => C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-09-23] (Flux Software LLC)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 172.16.60.1
Tcpip\..\Interfaces\{674872c8-8b5a-47c5-887a-2bfeff0d36c4}: [DhcpNameServer] 192.168.44.1 192.168.44.1
Tcpip\..\Interfaces\{bb538318-92b1-40b0-88af-d342e62259b8}: [DhcpNameServer] 172.16.60.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default [2017-06-05]
FF user.js: detected! => C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
FF Homepage: Mozilla\Firefox\Profiles\j5h72v37.default -> hxxps://webmailer.hosteurope.de/
FF Extension: (Ghostery) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\firefox@ghostery.com.xpi [2017-06-02]
FF Extension: (Personas Plus) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\personas@christopher.beard.xpi [2017-05-18]
FF Extension: (uBlock Origin) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15]
FF Extension: (NoScript) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-05-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gloriaflyx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-11-26] ()

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [249856 2016-03-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-20] (Digital Wave Ltd.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-03] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-30] (COMODO)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-05-04] (Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-25] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-11-05] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdHlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-31] ()
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-05] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-05] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-05] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-05] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-11-05] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-06-05] ()
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-05 17:39 - 2017-06-05 17:39 - 00001387 _____ C:\Users\Gloriaflyx\Desktop\mbm.txt
2017-06-05 17:34 - 2017-06-05 17:34 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-05 17:34 - 2017-06-05 17:34 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-05 17:34 - 2017-05-31 11:09 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-05 17:32 - 2017-06-05 17:32 - 64025992 _____ (Malwarebytes ) C:\Users\Gloriaflyx\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.139-1.0.2060.exe
2017-06-05 17:31 - 2017-06-05 17:31 - 00566128 _____ (Malwarebytes) C:\Users\Gloriaflyx\Desktop\mbam-clean-2.3.0.1001.exe
2017-06-05 17:28 - 2017-06-05 17:28 - 00002193 _____ C:\Users\Gloriaflyx\Desktop\AdwCleaner[C0].txt
2017-06-05 17:24 - 2017-06-05 17:26 - 00000000 ____D C:\AdwCleaner
2017-06-05 17:23 - 2017-06-05 17:33 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-06-05 17:22 - 2017-06-05 17:22 - 00033291 _____ C:\Users\Gloriaflyx\Desktop\Fixlog.txt
2017-06-05 17:21 - 2017-06-05 17:21 - 00002462 _____ C:\Users\Gloriaflyx\Desktop\Neues Textdokument.txt
2017-06-05 17:20 - 2017-06-05 17:20 - 00274495 _____ C:\Users\Gloriaflyx\Desktop\ESET meldet Funde.pdf
2017-06-05 17:18 - 2017-06-05 17:18 - 04110280 _____ C:\Users\Gloriaflyx\Desktop\adwcleaner_6.047.exe
2017-06-05 10:32 - 2017-06-05 10:32 - 00139141 _____ C:\Users\Gloriaflyx\Desktop\tdss.txt
2017-06-05 10:30 - 2017-06-05 10:33 - 00278372 _____ C:\TDSSKiller.3.1.0.15_05.06.2017_10.30.08_log.txt
2017-06-05 10:28 - 2017-06-05 17:40 - 00020008 _____ C:\Users\Gloriaflyx\Desktop\FRST.txt
2017-06-05 10:28 - 2017-06-05 10:30 - 00065598 _____ C:\Users\Gloriaflyx\Desktop\Addition.txt
2017-06-05 10:26 - 2017-06-05 10:26 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Gloriaflyx\Desktop\tdsskiller.exe
2017-06-05 10:26 - 2017-06-05 10:26 - 02433536 _____ (Farbar) C:\Users\Gloriaflyx\Desktop\FRST64.exe
2017-06-04 22:12 - 2017-06-04 22:13 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-06-04 13:27 - 2017-05-13 13:19 - 00000118 ____N C:\Users\Gloriaflyx\Desktop\Farbe aus Drogerie.txt
2017-06-04 12:50 - 2017-06-04 12:50 - 08408221 _____ C:\Users\Gloriaflyx\Desktop\Insecta.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 07512603 _____ C:\Users\Gloriaflyx\Desktop\Arthropoda2017.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 05695234 _____ C:\Users\Gloriaflyx\Desktop\Amphibien_Reptilien_2017_Kaltenpoth.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 02090938 _____ C:\Users\Gloriaflyx\Desktop\Artenkenntnis einheimischer Tierarten.pdf
2017-06-03 11:20 - 2017-05-03 18:21 - 00063161 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_005.PDF
2017-06-02 20:40 - 2017-06-02 20:40 - 00063584 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_006.PDF
2017-05-31 21:34 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-31 21:34 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-31 21:34 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-31 21:32 - 2017-05-31 21:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-27 18:06 - 2017-06-05 17:39 - 00000000 ____D C:\FRST
2017-05-24 12:06 - 2017-05-24 12:06 - 01147686 _____ C:\Users\Gloriaflyx\Desktop\2_-_Spark[1].pdf
2017-05-18 21:45 - 2017-05-18 21:45 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\DBG
2017-05-18 07:54 - 2017-05-18 07:54 - 35397536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-18 07:54 - 2017-05-18 07:54 - 28632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00969632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00507992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 40210520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 35290200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03800992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03256408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01996704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01598368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01062816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 00999840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11162000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 10648520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09335528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09102488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 08891160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01298696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01013344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00791792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00703880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00626392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-17 19:14 - 2017-05-17 19:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-17 19:13 - 2017-05-17 19:13 - 00000020 ___SH C:\Users\Gloriaflyx\ntuser.ini
2017-05-17 19:13 - 2017-05-17 19:13 - 00000000 ____D C:\ProgramData\USOShared
2017-05-17 18:51 - 2017-05-17 18:51 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00799232 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-05-17 18:51 
- 2017-05-17 18:51 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-17 18:51 - 2017-05-17 18:51 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00527360 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-05-17 18:51 - 2017-05-17 18:51 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00392704 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-05-17 18:51 - 2017-05-17 18:51 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-05-17 
18:51 - 2017-05-17 18:51 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00218624 
_____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00091648 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-05-17 18:51 - 2017-05-17 18:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2017-05-17 18:51 - 2017-05-17 18:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00035840 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-17 18:51 - 2017-05-17 18:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-17 18:49 - 2017-05-17 18:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-17 18:49 - 2017-05-17 17:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\msmq 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\MSBuild 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\inetpub 2017-05-17 18:47 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-17 18:47 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-05-17 18:03 - 2017-06-05 17:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-17 18:03 - 2017-05-17 18:03 - 00003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-17 18:03 - 2017-05-17 18:03 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-05-17 18:03 - 2017-05-17 18:03 - 00002432 _____ C:\WINDOWS\System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002360 _____ C:\WINDOWS\System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002358 _____ C:\WINDOWS\System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002354 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby 2017-05-17 18:03 - 2017-05-17 18:03 - 00002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002342 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2017-05-17 18:03 - 2017-05-17 18:03 - 00002304 _____ C:\WINDOWS\System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2017-05-17 18:00 - 
2017-05-17 18:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-17 17:58 - 2017-05-17 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spiele 2017-05-17 17:58 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-05-17 17:57 - 2017-06-05 17:22 - 00000000 ____D C:\Users\Gloriaflyx 2017-05-17 17:57 - 2017-05-17 18:02 - 00000000 ____D C:\Users\DefaultAppPool 2017-05-17 17:57 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Vorlagen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL 
C:\Users\Gloriaflyx\Startmenü 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Netzwerkumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Lokale Einstellungen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Eigene Dateien 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Druckumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Videos 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Musik 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Bilder 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Verlauf 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Anwendungsdaten 2017-05-17 17:56 - 2017-06-05 17:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-05-17 17:56 - 2017-06-05 17:32 - 02947146 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-17 17:56 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-05-17 17:56 - 2017-05-18 07:56 - 00521816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Intel 2017-05-17 17:56 - 2017-05-17 17:56 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-05-17 17:56 - 2017-05-17 17:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2017-05-17 17:56 - 
2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Synaptics 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Realtek 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-05-17 17:56 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-05-17 17:56 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-05-17 17:56 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-17 17:55 - 2017-06-05 17:23 - 00503280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-17 17:55 - 2017-06-04 13:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-11 14:13 - 2017-05-17 19:13 - 00000000 ___DC C:\WINDOWS\Panther 
2017-05-11 13:51 - 2017-05-11 13:51 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\UNP
2017-05-10 18:28 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-10 18:28 - 2017-05-10 18:29 - 00000000 ____D C:\Program Files\UNP
2017-05-10 10:46 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-05 17:33 - 2016-08-16 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-05 17:33 - 2016-06-19 12:32 - 00000000 __SHD C:\Users\Gloriaflyx\IntelGraphicsProfiles
2017-06-05 17:33 - 2014-01-18 11:54 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-06-05 17:33 - 2014-01-17 19:41 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Skype
2017-06-05 17:32 - 2017-03-20 06:41 - 01355204 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-05 17:32 - 2017-03-20 06:41 - 00327976 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-05 17:32 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-05 17:32 - 2016-11-19 11:26 - 00000000 ____D C:\Users\Gloriaflyx\AppData\LocalLow\Mozilla
2017-06-05 17:32 - 2014-01-17 18:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2017-06-05 17:30 - 2014-04-02 20:05 - 01421862 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-06-05 17:29 - 2016-06-19 12:39 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\ClassicShell
2017-06-05 17:22 - 2016-12-27 17:25 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-05 13:46 - 2014-07-01 13:19 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-05 10:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-04 22:25 - 2016-06-19 12:32 - 00000000 ____D 
C:\Users\Gloriaflyx\AppData\Local\Packages 2017-06-04 22:22 - 2016-11-11 12:44 - 00000000 ____D C:\Program Files (x86)\FanFictionDownloader 2017-06-04 22:18 - 2016-06-19 12:34 - 00000000 __RHD C:\Users\Gloriaflyx\OneDrive 2017-06-04 22:14 - 2015-06-10 22:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office 2017-06-04 13:29 - 2015-08-28 17:34 - 00000000 ____D C:\Program Files (x86)\Mp3tag 2017-06-04 13:26 - 2015-08-28 17:34 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Mp3tag 2017-05-31 21:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-31 21:30 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-05-26 22:02 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-05-26 20:56 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-26 20:55 - 2014-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-05-26 11:11 - 2015-08-31 10:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Ahnenblatt 2017-05-26 11:02 - 2017-03-29 13:14 - 00000000 ____D C:\Users\Gloriaflyx\Documents\Ahnenblatt 2017-05-25 22:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\L2Schemas 2017-05-25 20:42 - 2014-02-03 22:35 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Audacity 2017-05-25 12:49 - 2014-01-17 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-23 21:48 - 2017-03-20 22:36 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files 2017-05-23 21:48 - 2016-11-06 12:13 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\DVDVideoSoft 2017-05-23 19:58 - 2014-01-17 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-23 19:57 - 2014-01-17 18:51 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-23 18:53 - 2017-03-25 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-05-23 18:53 - 2014-01-17 19:39 - 00000000 ____D C:\ProgramData\Skype 2017-05-22 22:06 
- 2017-02-08 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-05-21 17:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-19 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-18 22:52 - 2014-04-02 20:05 - 00000000 ___HD C:\VTRoot 2017-05-18 07:56 - 2017-03-20 06:43 - 00427608 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2017-05-18 07:50 - 2017-01-17 06:52 - 04136744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-05-18 07:50 - 2017-01-17 06:52 - 03647864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-05-18 04:34 - 2017-01-17 01:59 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb 2017-05-17 21:19 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-17 19:13 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-17 18:55 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-17 18:52 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-17 
18:52 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-05-17 18:47 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-05-17 18:47 - 2017-03-18 22:59 - 00016896 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-05-17 18:47 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-05-17 18:47 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-05-17 18:47 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-05-17 
18:47 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-05-17 18:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-17 18:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-17 18:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-17 18:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-17 18:03 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-17 18:03 - 2016-06-19 12:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-17 18:01 - 2014-10-23 21:45 - 00000000 ____D C:\WINDOWS\de 2017-05-17 18:01 - 2014-03-27 11:48 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele 2017-05-17 17:58 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-05-17 17:58 - 2017-03-18 23:03 - 
00000000 ____D C:\WINDOWS\Cursors 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-17 17:58 - 2014-07-19 18:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2017-05-17 17:58 - 2014-01-17 18:31 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-05-17 17:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-05-17 17:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-05-17 17:56 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-17 17:41 - 2014-01-17 17:39 - 00008192 __RSH C:\BOOTSECT.BAK 2017-05-10 10:48 - 2014-07-10 22:11 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Adobe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files (x86)\changelog.txt 2015-10-22 13:22 - 2015-11-07 18:45 - 0375544 _____ () C:\Program Files (x86)\createfileassoc.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\error_report.exe 2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files (x86)\libeay32.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp120.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr120.dll 2015-08-27 10:07 - 2015-11-07 18:45 - 1704176 _____ (Overwolf) C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\package_inst.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files (x86)\plugin_sdk.html 2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Core.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Gui.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt 
Company Ltd) C:\Program Files (x86)\Qt5Network.dll 2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Sql.dll 2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Widgets.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files (x86)\quazip.dll 2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files (x86)\ssleay32.dll 2015-10-22 13:21 - 2015-11-07 18:45 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\ts3client_win64.exe 2015-09-13 16:41 - 2015-11-07 18:45 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\Uninstall.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\update.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files (x86)\usb.ids 2015-11-08 20:24 - 2015-11-08 20:24 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITEEB2.tmp 2015-12-07 14:05 - 2015-12-07 14:05 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITF863.tmp 2014-03-24 11:50 - 2015-11-05 12:49 - 0010752 _____ () C:\Users\Gloriaflyx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-03-13 22:52 - 2014-03-13 22:52 - 0001434 _____ () C:\Users\Gloriaflyx\AppData\Local\RecConfig.xml 2016-05-01 21:51 - 2016-05-01 21:52 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{0B179D57-EBA9-4D85-B0A3-C14982A9ED52} 2015-10-26 15:04 - 2015-10-26 15:04 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{309B8B15-3C7F-4F34-B3F6-0066EA01FC36} 2016-05-11 20:19 - 2016-05-11 20:19 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{3CF62346-6D52-4520-A926-FB0B6E652FF3} 2016-04-22 14:12 - 2016-04-22 14:12 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{B01DDBE6-2D6A-4727-B346-D57950EA3E3A} 2015-11-08 20:23 - 2015-11-08 20:24 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{BAE73680-28A1-4D05-AD07-486B48904EAC} 2015-12-07 14:04 - 2015-12-07 14:05 - 
0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{D054697A-BAC1-4993-959D-79690D24E3EF}
2016-01-26 20:38 - 2016-01-26 20:38 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{F1079BA0-943D-4D61-A261-CEFBF1919D56}
2017-05-17 17:56 - 2017-05-17 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-22 22:02 - 2015-09-22 22:02 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2017-03-22 17:45 - 2017-03-22 17:45 - 0000016 _____ () C:\ProgramData\mntemp
2017-03-22 17:45 - 2017-03-22 17:45 - 0005041 _____ () C:\ProgramData\mudtcpaz.vzs

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-30 21:44

==================== Ende von FRST.txt ============================
05.06.2017, 16:51 | #11 |
| ESET reports detections
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Gloriaflyx (05-06-2017 17:40:41)
Gestartet von C:\Users\Gloriaflyx\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-17 16:07:08)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3668857010-2765377856-186715415-500 - Administrator - Disabled)
Gloriaflyx (S-1-5-21-3668857010-2765377856-186715415-1000 - Administrator - Enabled) => C:\Users\Gloriaflyx
DefaultAccount (S-1-5-21-3668857010-2765377856-186715415-503 - Limited - Disabled)
Gast (S-1-5-21-3668857010-2765377856-186715415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3668857010-2765377856-186715415-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios) Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version: - SkyBox Labs) Ahnenblatt 2.88 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.88.0.1 - Dirk Böttcher) Ansel (Version: 382.05 - NVIDIA Corporation) Hidden Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.20.00 - ) AoE 2 & TC v1.1 Userpatch AiO Update r5 r5 (HKLM-x32\...\{0CEC2F82-AEB2-4C4B-B450-62C6CEF159FE}_is1) (Version: 0.5 - line0) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version: - Ubisoft) Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP) Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.) Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft) COMODO Internet Security Premium (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) f.lux (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Flux) (Version: - ) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.0.307 - Digital Wave Ltd) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version: - ) HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation) Internet Security Essentials 
(HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics) LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) 
(Version: 3.1.10527.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla) Mozilla Firefox 53.0.3 (x64 de) (HKLM\...\Mozilla Firefox 53.0.3 (x64 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla) Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) 
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated) System Requirements Lab Detection (HKLM-x32\...\{9B2D2419-CC47-4A73-A7A0-8FA2FFDE0C7C}) (Version: 6.1.1.0 - Husdawg, LLC) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version: - The Sims Studio) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) 
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gloriaflyx\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {26576267-54D3-4A94-97C7-4DCECB1AB3C3} - System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter Task: {420FE51C-0D20-4591-B7CE-77DA17FC435F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {46734673-F9A6-4302-9D04-A119C0518E35} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {47A200AF-0889-49E0-B321-5A47994CCB96} - System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\Sims2_uninst.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2" Task: {51DC85CF-A98A-43D8-8C1F-F7248B1FB113} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation) Task: {799696A9-5758-492B-8927-81A7E88B1D69} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {856E8075-122F-45E5-BC1C-CE7C0E407608} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {88C43D0B-A2F3-4D79-B2FA-E2378BCFA74E} - System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\eauninstall.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2" Task: {8E279186-208B-4384-BA38-55AEFA56EE1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated) 
Task: {94BBF4A3-D101-498A-8DD5-9C76C5B2C63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {9D320E3D-5658-4B76-BC1B-6B5DB3F33348} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation) Task: {9DAF125B-A6D1-439B-933B-388A6A74B24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {9FCB8499-497D-41E5-89FE-0231E583FB37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation) Task: {A042F675-4FCB-4903-9A13-DE3CDDF82AAF} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-05] (Realtek Semiconductor) Task: {A92B8410-5D79-45B0-A05A-A93C395ABB37} - System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall Task: {AB28F491-13D7-441F-8BE3-99AEF1AF36E0} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO) Task: {AC0DD1AA-2C9D-41FF-9BB4-E4C0B5CAB66C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {B59D1B68-72A7-4E68-B9EF-3A0932C2E840} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] () Task: {C3DA719C-9EF8-4F50-BF45-7143C26331AB} - System32\Tasks\COMODO\COMODO Maintenance 
{947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO) Task: {CA1E47C4-6FB4-4B1C-8C9E-2CEE7AD55373} - System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?source=lightinstaller&LastError=1618 Task: {D9A35DD8-3F45-4EF2-BAB3-171204A5C81A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO) Task: {DC8BA37A-EFC5-4813-AF4D-6CF617B6471A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-05] (Realtek Semiconductor) Task: {E98AD572-71BE-4D8A-B936-AEEF09E30360} - System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall Task: {EE29A92D-3408-4186-B873-7B505989B5B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {F89037C2-30A8-4D5D-9474-4E51ED8EF8AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-04-06 18:20 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll 2013-09-24 11:53 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2013-10-20 02:23 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2014-01-18 14:03 - 2014-03-25 20:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2013-04-15 18:39 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2014-12-11 15:15 - 2015-04-05 16:07 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2017-06-05 17:34 - 2017-05-31 11:09 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxp://ajax.googleapis.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxps://ajax.googleapis.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxp://BALDER IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxps://BALDER IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\blank -> blank IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxp://lansweeper.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxps://lansweeper.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxp://update.lansweeper.com IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxps://update.lansweeper.com ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2017-06-05 17:26 - 00000832 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 172.16.60.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [TCP Query User{FE739527-3544-4C0F-A9E8-9EB45E2DF04F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{A0C4A37E-6493-42AB-8E3C-27BDB3D4AA92}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe ==================== Wiederherstellungspunkte ========================= 31-05-2017 21:31:34 Windows Update 04-06-2017 22:08:31 Installed LibreOffice 5.2.7.2 ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Systemfehler: ============= Error: (06/05/2017 05:33:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (06/05/2017 05:33:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/05/2017 05:33:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (06/05/2017 05:33:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (06/05/2017 05:31:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (06/05/2017 05:31:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (06/05/2017 05:31:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (06/05/2017 05:31:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (06/05/2017 05:27:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (06/05/2017 05:27:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2017-06-05 17:39:42.968 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-05 17:33:19.735 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-05 17:33:19.697 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2017-06-05 17:33:17.384 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-05 17:33:17.384 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-05 17:31:10.838 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-05 17:31:10.800 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-05 17:31:08.197 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2017-06-05 17:31:08.197 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\guard32.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-05 17:27:52.962 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 35% Installierter physikalischer RAM: 7876.91 MB Verfügbarer physikalischer RAM: 5099.55 MB Summe virtueller Speicher: 15812.91 MB Verfügbarer virtueller Speicher: 12790.55 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:226.47 GB) (Free:56.32 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Daten) (Fixed) (Total:10.74 GB) (Free:10.05 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0006A5E0) Partition 1: (Active) - (Size=226.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=504 MB) - (Type=27) Partition 3: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
06.06.2017, 09:16 | #12 |
/// TB-Ausbilder | ESET reports detections Hi, we'll remove a few more things and check everything once more. Note: The scan with ESET can take a while. Step 1
Step 2 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 3 ESET Online Scanner
Step 4
Are there still any problems with the PC or with your internet browsers? If so, which ones? Please post with your next reply
|
06.06.2017, 20:12 | #13 |
| ESET reports detections Hey Matthias, I'm writing from my phone right now. I was just about to start with step 1, but my antivirus program somehow seems to be clashing with FRST. Until now it was being virtualized; I got around that by adding FRST to the trusted files and simply restarting it. Now, after an FRST update, nothing works at all anymore. The antivirus program virtualizes it and FRST hangs; at times the window is even just black. It can't be closed and constantly reports errors while backing up the registry. I've already used the older version and/or switched off the antivirus program, which is also responding sluggishly. Neither helped; only a forced shutdown of the PC at least got the computer to respond again. EDIT: It's sorted. I changed the COMODO settings a bit, but I still have a small question about that. It comes further down. FRST works now. It's still a pain. No Fixlog appeared from FRST. Code:
ATTFilter
Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=bf407db68bec8b4ba34afb6d6821375a # end=init # utc_time=2017-06-06 05:56:28 # local_time=2017-06-06 07:56:28 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 33635 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=bf407db68bec8b4ba34afb6d6821375a # end=updated # utc_time=2017-06-06 05:58:29 # local_time=2017-06-06 07:58:29 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=bf407db68bec8b4ba34afb6d6821375a # engine=33635 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2017-06-06 07:02:49 # local_time=2017-06-06 09:02:49 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='COMODO Antivirus' # compatibility_mode=3096 16777213 100 87 3626483 113823481 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 8081 6908765 0 0 # scanned=343829 # found=0 # cleaned=0 # scan_time=3859 Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2017 durchgeführt von Gloriaflyx (Administrator) auf BALDER (06-06-2017 21:06:13) Gestartet von C:\Users\Gloriaflyx\Desktop Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Lenovo.) C:\Windows\System32\LPlatSvc.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Digital Wave Ltd.) 
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Lenovo.) 
C:\Windows\System32\LPlatSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Flux Software LLC) C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (SunplusIT, Inc.) 
C:\Program Files (x86)\Integrated Camera\Monitor.exe (COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-03] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-08-22] (IvoSoft) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1720696 2013-09-27] (SunplusIT, Inc.) 
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2678784 2016-03-23] (Brother Industries, Ltd.) HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-30] (COMODO) HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [f.lux] => C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-09-23] (Flux Software LLC) HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 172.16.60.1 Tcpip\..\Interfaces\{674872c8-8b5a-47c5-887a-2bfeff0d36c4}: [DhcpNameServer] 192.168.44.1 192.168.44.1 Tcpip\..\Interfaces\{bb538318-92b1-40b0-88af-d342e62259b8}: [DhcpNameServer] 172.16.60.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files 
(x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default [2017-06-06] FF Homepage: Mozilla\Firefox\Profiles\j5h72v37.default -> hxxps://webmailer.hosteurope.de/ FF Extension: (Ghostery) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\firefox@ghostery.com.xpi [2017-06-02] FF Extension: (Personas Plus) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\personas@christopher.beard.xpi [2017-05-18] FF Extension: (uBlock Origin) - 
C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15] FF Extension: (NoScript) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-05-31] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] () FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gloriaflyx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-11-26] () Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [249856 2016-03-23] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-20] (Digital Wave Ltd.) 
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-03] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] () R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-30] (COMODO) R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-05-04] (Lenovo.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-25] () S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-11-05] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO) R1 cmdHlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO) R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-31] () R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] () R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21048 2013-04-15] () R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation) R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] () R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-06] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-06] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-06] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-06] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-06] (Malwarebytes) R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SmbDrvI; 
C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-11-05] (Synaptics Incorporated) R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-06-06] () U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-06-06 21:06 - 2017-06-06 21:06 - 00019475 _____ C:\Users\Gloriaflyx\Desktop\FRST.txt 2017-06-06 19:54 - 2017-06-06 19:54 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2017-06-06 19:53 - 2017-06-06 19:53 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp 2017-06-06 19:52 - 2017-06-06 19:52 - 00000000 _____ C:\Users\Gloriaflyx\Desktop\Neues Textdokument (2).txt 2017-06-06 19:44 - 2017-06-06 19:52 - 00000000 ____D C:\ProgramData\HitmanPro 2017-06-06 19:02 - 2017-06-06 19:02 - 11584088 _____ (SurfRight B.V.) 
C:\Users\Gloriaflyx\Desktop\HitmanPro_x64.exe 2017-06-06 19:02 - 2017-06-06 19:02 - 02870984 _____ (ESET) C:\Users\Gloriaflyx\Desktop\esetsmartinstaller_deu.exe 2017-06-05 17:34 - 2017-06-06 20:58 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-06-05 17:34 - 2017-06-06 19:53 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-06-05 17:34 - 2017-06-06 19:53 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-06-05 17:34 - 2017-06-06 19:53 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-06-05 17:34 - 2017-06-06 19:53 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-06-05 17:34 - 2017-06-05 17:34 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-06-05 17:34 - 2017-06-05 17:34 - 00000000 ____D C:\Program Files\Malwarebytes 2017-06-05 17:34 - 2017-05-31 11:09 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-06-05 17:32 - 2017-06-05 17:32 - 64025992 _____ (Malwarebytes ) C:\Users\Gloriaflyx\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.139-1.0.2060.exe 2017-06-05 17:31 - 2017-06-05 17:31 - 00566128 _____ (Malwarebytes) C:\Users\Gloriaflyx\Desktop\mbam-clean-2.3.0.1001.exe 2017-06-05 17:24 - 2017-06-05 17:26 - 00000000 ____D C:\AdwCleaner 2017-06-05 17:22 - 2017-06-06 19:52 - 00001564 _____ C:\Users\Gloriaflyx\Desktop\Fixlog.txt 2017-06-05 17:18 - 2017-06-05 17:18 - 04110280 _____ C:\Users\Gloriaflyx\Desktop\adwcleaner_6.047.exe 2017-06-05 10:30 - 2017-06-05 10:33 - 00278372 _____ C:\TDSSKiller.3.1.0.15_05.06.2017_10.30.08_log.txt 2017-06-05 10:26 - 2017-06-06 19:03 - 02433536 _____ (Farbar) C:\Users\Gloriaflyx\Desktop\FRST64.exe 2017-06-05 10:26 - 2017-06-05 10:26 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Gloriaflyx\Desktop\tdsskiller.exe 2017-06-04 22:12 - 2017-06-04 22:13 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5 2017-06-04 13:27 - 2017-05-13 13:19 - 00000118 ____N C:\Users\Gloriaflyx\Desktop\Farbe aus 
Drogerie.txt 2017-06-04 12:50 - 2017-06-04 12:50 - 08408221 _____ C:\Users\Gloriaflyx\Desktop\Insecta.pdf 2017-06-04 12:50 - 2017-06-04 12:50 - 07512603 _____ C:\Users\Gloriaflyx\Desktop\Arthropoda2017.pdf 2017-06-04 12:50 - 2017-06-04 12:50 - 05695234 _____ C:\Users\Gloriaflyx\Desktop\Amphibien_Reptilien_2017_Kaltenpoth.pdf 2017-06-04 12:50 - 2017-06-04 12:50 - 02090938 _____ C:\Users\Gloriaflyx\Desktop\Artenkenntnis einheimischer Tierarten.pdf 2017-06-03 11:20 - 2017-05-03 18:21 - 00063161 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_005.PDF 2017-06-02 20:40 - 2017-06-02 20:40 - 00063584 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_006.PDF 2017-05-31 21:34 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-05-31 21:34 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-05-31 21:34 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-05-31 21:34 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-05-31 21:34 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-05-31 21:32 - 2017-05-31 21:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-05-27 18:06 - 2017-06-06 21:06 - 00000000 ____D C:\FRST 2017-05-24 12:06 - 2017-05-24 12:06 - 01147686 _____ C:\Users\Gloriaflyx\Desktop\2_-_Spark[1].pdf 2017-05-18 21:45 - 2017-05-18 21:45 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\DBG 2017-05-18 07:54 - 2017-05-18 07:54 - 35397536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-05-18 07:54 - 2017-05-18 07:54 - 28632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-05-18 07:53 - 2017-05-18 07:53 - 00969632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-05-18 07:53 - 2017-05-18 07:53 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-05-18 07:53 - 2017-05-18 07:53 - 00618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-05-18 07:53 - 
2017-05-18 07:53 - 00507992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-05-18 07:52 - 2017-05-18 07:52 - 40210520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-05-18 07:52 - 2017-05-18 07:52 - 35290200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-05-18 07:52 - 2017-05-18 07:52 - 03800992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-05-18 07:52 - 2017-05-18 07:52 - 03256408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-05-18 07:52 - 2017-05-18 07:52 - 01996704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll 2017-05-18 07:52 - 2017-05-18 07:52 - 01598368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll 2017-05-18 07:52 - 2017-05-18 07:52 - 01062816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-05-18 07:52 - 2017-05-18 07:52 - 00999840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 11162000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 10648520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 09335528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 09102488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 08891160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 01298696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 01013344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 00791792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 00703880 
_____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 00626392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-05-18 07:50 - 2017-05-18 07:50 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-05-17 19:14 - 2017-05-17 19:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-05-17 19:13 - 2017-05-17 19:13 - 00000020 ___SH C:\Users\Gloriaflyx\ntuser.ini 2017-05-17 19:13 - 2017-05-17 19:13 - 00000000 ____D C:\ProgramData\USOShared 2017-05-17 18:51 - 2017-05-17 18:51 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 07904784 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-05-17 18:51 - 
2017-05-17 18:51 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02085280 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-05-17 18:51 - 2017-05-17 18:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-05-17 18:51 - 2017-05-17 18:51 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2017-05-17 18:51 - 
2017-05-17 18:51 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01269760 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\enterprisecsps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00985600 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-05-17 18:51 - 2017-05-17 18:51 
- 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00626520 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-17 18:51 - 2017-05-17 18:51 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-17 18:51 - 
2017-05-17 18:51 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-05-17 18:51 - 2017-05-17 18:51 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-05-17 18:51 - 2017-05-17 18:51 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00367104 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00280064 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00164864 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-05-17 18:51 - 2017-05-17 18:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 
00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2017-05-17 18:51 - 2017-05-17 18:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-17 18:51 - 2017-05-17 18:51 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-17 18:51 - 2017-05-17 18:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-17 18:51 - 2017-05-17 18:51 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-17 18:51 - 2017-05-17 18:51 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-17 18:49 - 2017-05-17 18:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-17 18:49 - 2017-05-17 17:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-17 18:47 - 
2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\msmq 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\MSBuild 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\inetpub 2017-05-17 18:47 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-17 18:47 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-17 18:47 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-05-17 18:03 - 2017-06-06 19:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-17 18:03 - 2017-05-17 18:03 - 00003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-17 18:03 - 2017-05-17 18:03 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-05-17 18:03 - 2017-05-17 18:03 - 00002432 _____ 
C:\WINDOWS\System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002360 _____ C:\WINDOWS\System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002358 _____ C:\WINDOWS\System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002354 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby 2017-05-17 18:03 - 2017-05-17 18:03 - 00002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002342 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2017-05-17 18:03 - 2017-05-17 18:03 - 00002304 _____ C:\WINDOWS\System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} 2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2017-05-17 18:00 - 2017-05-17 18:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-17 17:58 - 2017-05-17 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spiele 2017-05-17 17:58 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-05-17 17:57 - 2017-06-06 19:54 - 00000000 ____D C:\Users\DefaultAppPool 2017-05-17 17:57 - 2017-06-06 19:43 - 00000000 ____D C:\Users\Gloriaflyx 2017-05-17 17:57 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2017-05-17 17:57 - 
2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Vorlagen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Startmenü 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Netzwerkumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Lokale Einstellungen 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Eigene Dateien 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Druckumgebung 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Videos 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Musik 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Bilder 
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Verlauf 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Anwendungsdaten 2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Anwendungsdaten 2017-05-17 17:56 - 2017-06-06 19:58 - 03133926 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-17 17:56 - 2017-06-06 19:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-05-17 17:56 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-05-17 17:56 - 2017-05-18 07:56 - 00521816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Intel 2017-05-17 17:56 - 2017-05-17 17:56 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-05-17 17:56 - 2017-05-17 17:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Synaptics 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Realtek 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera 2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 _____ 
C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-05-17 17:56 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-05-17 17:56 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-05-17 17:56 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-05-17 17:56 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-17 17:55 - 2017-06-06 21:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-17 17:55 - 2017-06-06 19:05 - 00503280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-11 14:13 - 2017-05-17 19:13 - 00000000 ___DC C:\WINDOWS\Panther 2017-05-11 13:51 - 2017-05-11 13:51 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\UNP 2017-05-10 18:28 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-05-10 18:28 - 2017-05-10 18:29 - 00000000 ____D C:\Program Files\UNP 2017-05-10 10:46 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-06 21:06 - 2016-11-19 11:26 - 00000000 ____D C:\Users\Gloriaflyx\AppData\LocalLow\Mozilla 2017-06-06 21:04 - 2016-06-19 12:39 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\ClassicShell 2017-06-06 21:03 - 2014-01-17 19:41 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Skype 2017-06-06 21:03 - 2014-01-17 18:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat 2017-06-06 19:58 - 2017-03-20 06:41 - 01456856 _____ C:\WINDOWS\system32\perfh007.dat 2017-06-06 19:58 - 2017-03-20 06:41 - 00356392 _____ C:\WINDOWS\system32\perfc007.dat 2017-06-06 19:53 - 2016-08-16 20:50 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-06 19:53 - 2016-06-19 12:32 - 00000000 __SHD C:\Users\Gloriaflyx\IntelGraphicsProfiles 2017-06-06 19:53 - 2014-01-18 11:54 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys 2017-06-06 19:52 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-06-06 19:34 - 2014-04-02 20:05 - 01427136 _____ C:\WINDOWS\system32\Drivers\fvstore.dat 2017-06-06 18:43 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-05 17:22 - 2016-12-27 17:25 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-06-05 13:46 - 2014-07-01 13:19 - 00000000 ____D C:\Program Files (x86)\Steam 2017-06-05 10:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-04 22:25 - 2016-06-19 12:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Packages 2017-06-04 22:22 - 2016-11-11 12:44 - 00000000 ____D C:\Program Files (x86)\FanFictionDownloader 2017-06-04 22:18 - 2016-06-19 12:34 - 00000000 __RHD C:\Users\Gloriaflyx\OneDrive 2017-06-04 22:14 - 2015-06-10 22:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office 2017-06-04 13:29 - 2015-08-28 17:34 - 00000000 ____D C:\Program Files (x86)\Mp3tag 2017-06-04 13:26 - 2015-08-28 17:34 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Mp3tag 2017-05-31 21:32 - 2017-03-18 
23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-31 21:30 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-05-26 22:02 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-05-26 20:56 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-26 20:55 - 2014-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-05-26 11:11 - 2015-08-31 10:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Ahnenblatt 2017-05-26 11:02 - 2017-03-29 13:14 - 00000000 ____D C:\Users\Gloriaflyx\Documents\Ahnenblatt 2017-05-25 22:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\L2Schemas 2017-05-25 20:42 - 2014-02-03 22:35 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Audacity 2017-05-25 12:49 - 2014-01-17 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-23 21:48 - 2017-03-20 22:36 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files 2017-05-23 21:48 - 2016-11-06 12:13 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\DVDVideoSoft 2017-05-23 19:58 - 2014-01-17 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-23 19:57 - 2014-01-17 18:51 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-23 18:53 - 2017-03-25 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-05-23 18:53 - 2014-01-17 19:39 - 00000000 ____D C:\ProgramData\Skype 2017-05-22 22:06 - 2017-02-08 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-05-21 17:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-19 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-18 22:52 - 2014-04-02 20:05 - 00000000 ___HD C:\VTRoot 2017-05-18 07:56 - 2017-03-20 06:43 - 00427608 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2017-05-18 07:50 - 2017-01-17 06:52 - 04136744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-05-18 07:50 - 2017-01-17 06:52 - 03647864 _____ 
(NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-05-18 04:34 - 2017-01-17 01:59 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb 2017-05-17 21:19 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-17 19:13 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-17 18:55 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-17 18:52 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-17 18:52 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-05-17 18:47 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2017-05-17 18:47 - 
2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-05-17 18:47 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-05-17 18:47 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-05-17 18:47 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-05-17 18:47 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-05-17 18:47 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-05-17 18:47 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-05-17 
18:47 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-05-17 18:47 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-05-17 18:47 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-05-17 18:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program 
Files\Windows NT 2017-05-17 18:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-17 18:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-17 18:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-17 18:03 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-17 18:03 - 2016-06-19 12:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-17 18:01 - 2014-10-23 21:45 - 00000000 ____D C:\WINDOWS\de 2017-05-17 18:01 - 2014-03-27 11:48 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele 2017-05-17 17:58 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Cursors 2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-17 17:58 - 2014-07-19 18:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2017-05-17 17:58 - 2014-01-17 18:31 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-05-17 17:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-05-17 17:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-05-17 17:56 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-17 17:41 - 
2014-01-17 17:39 - 00008192 __RSH C:\BOOTSECT.BAK 2017-05-10 10:48 - 2014-07-10 22:11 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Adobe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files (x86)\changelog.txt 2015-10-22 13:22 - 2015-11-07 18:45 - 0375544 _____ () C:\Program Files (x86)\createfileassoc.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\error_report.exe 2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files (x86)\libeay32.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp120.dll 2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr120.dll 2015-08-27 10:07 - 2015-11-07 18:45 - 1704176 _____ (Overwolf) C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\package_inst.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files (x86)\plugin_sdk.html 2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Core.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Gui.dll 2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Network.dll 2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Sql.dll 2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Widgets.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files (x86)\quazip.dll 2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files (x86)\ssleay32.dll 2015-10-22 13:21 - 2015-11-07 18:45 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files 
(x86)\ts3client_win64.exe 2015-09-13 16:41 - 2015-11-07 18:45 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\Uninstall.exe 2015-10-22 13:22 - 2015-11-07 18:45 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\update.exe 2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files (x86)\usb.ids 2015-11-08 20:24 - 2015-11-08 20:24 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITEEB2.tmp 2015-12-07 14:05 - 2015-12-07 14:05 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITF863.tmp 2014-03-24 11:50 - 2015-11-05 12:49 - 0010752 _____ () C:\Users\Gloriaflyx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-03-13 22:52 - 2014-03-13 22:52 - 0001434 _____ () C:\Users\Gloriaflyx\AppData\Local\RecConfig.xml 2016-05-01 21:51 - 2016-05-01 21:52 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{0B179D57-EBA9-4D85-B0A3-C14982A9ED52} 2015-10-26 15:04 - 2015-10-26 15:04 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{309B8B15-3C7F-4F34-B3F6-0066EA01FC36} 2016-05-11 20:19 - 2016-05-11 20:19 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{3CF62346-6D52-4520-A926-FB0B6E652FF3} 2016-04-22 14:12 - 2016-04-22 14:12 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{B01DDBE6-2D6A-4727-B346-D57950EA3E3A} 2015-11-08 20:23 - 2015-11-08 20:24 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{BAE73680-28A1-4D05-AD07-486B48904EAC} 2015-12-07 14:04 - 2015-12-07 14:05 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{D054697A-BAC1-4993-959D-79690D24E3EF} 2016-01-26 20:38 - 2016-01-26 20:38 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{F1079BA0-943D-4D61-A261-CEFBF1919D56} 2017-05-17 17:56 - 2017-05-17 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-09-22 22:02 - 2015-09-22 22:02 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2017-03-22 17:45 - 2017-03-22 17:45 - 0000016 _____ () C:\ProgramData\mntemp 2017-03-22 17:45 - 2017-03-22 17:45 - 0005041 _____ () 
C:\ProgramData\mudtcpaz.vzs

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-30 21:44

==================== Ende von FRST.txt ============================

Edited by Gloriaflyx (06.06.2017 at 18:41) |
06.06.2017, 20:13 | #14 |
| ESET reports detections Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-06-2017
durchgeführt von Gloriaflyx (06-06-2017 21:06:57)
Gestartet von C:\Users\Gloriaflyx\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-17 16:07:08)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3668857010-2765377856-186715415-500 - Administrator - Disabled)
Gloriaflyx (S-1-5-21-3668857010-2765377856-186715415-1000 - Administrator - Enabled) => C:\Users\Gloriaflyx
DefaultAccount (S-1-5-21-3668857010-2765377856-186715415-503 - Limited - Disabled)
Gast (S-1-5-21-3668857010-2765377856-186715415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3668857010-2765377856-186715415-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version: - Ensemble Studios) Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version: - SkyBox Labs) Ahnenblatt 2.88 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.88.0.1 - Dirk Böttcher) Ansel (Version: 382.05 - NVIDIA Corporation) Hidden Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.20.00 - ) AoE 2 & TC v1.1 Userpatch AiO Update r5 r5 (HKLM-x32\...\{0CEC2F82-AEB2-4C4B-B450-62C6CEF159FE}_is1) (Version: 0.5 - line0) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version: - Ubisoft) Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP) Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.) Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft) COMODO Internet Security Premium (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) f.lux (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Flux) (Version: - ) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.0.307 - Digital Wave Ltd) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version: - ) HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation) Internet Security Essentials 
(HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics) LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation) Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios) Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) 
(Version: 3.1.10527.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla) Mozilla Firefox 53.0.3 (x64 de) (HKLM\...\Mozilla Firefox 53.0.3 (x64 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla) Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) 
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated) System Requirements Lab Detection (HKLM-x32\...\{9B2D2419-CC47-4A73-A7A0-8FA2FFDE0C7C}) (Version: 6.1.1.0 - Husdawg, LLC) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version: - The Sims Studio) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) 
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gloriaflyx\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {26576267-54D3-4A94-97C7-4DCECB1AB3C3} - System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: {420FE51C-0D20-4591-B7CE-77DA17FC435F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {46734673-F9A6-4302-9D04-A119C0518E35} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {47A200AF-0889-49E0-B321-5A47994CCB96} - System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\Sims2_uninst.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {51DC85CF-A98A-43D8-8C1F-F7248B1FB113} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {799696A9-5758-492B-8927-81A7E88B1D69} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {856E8075-122F-45E5-BC1C-CE7C0E407608} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {88C43D0B-A2F3-4D79-B2FA-E2378BCFA74E} - System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\eauninstall.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {8E279186-208B-4384-BA38-55AEFA56EE1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {94BBF4A3-D101-498A-8DD5-9C76C5B2C63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {9D320E3D-5658-4B76-BC1B-6B5DB3F33348} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {9DAF125B-A6D1-439B-933B-388A6A74B24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {9FCB8499-497D-41E5-89FE-0231E583FB37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {A042F675-4FCB-4903-9A13-DE3CDDF82AAF} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-05] (Realtek Semiconductor)
Task: {A92B8410-5D79-45B0-A05A-A93C395ABB37} - System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall
Task: {AB28F491-13D7-441F-8BE3-99AEF1AF36E0} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {AC0DD1AA-2C9D-41FF-9BB4-E4C0B5CAB66C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {B59D1B68-72A7-4E68-B9EF-3A0932C2E840} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {C3DA719C-9EF8-4F50-BF45-7143C26331AB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {CA1E47C4-6FB4-4B1C-8C9E-2CEE7AD55373} - System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {D9A35DD8-3F45-4EF2-BAB3-171204A5C81A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {DC8BA37A-EFC5-4813-AF4D-6CF617B6471A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-05] (Realtek Semiconductor)
Task: {E98AD572-71BE-4D8A-B936-AEEF09E30360} - System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&page=tsInstall
Task: {EE29A92D-3408-4186-B873-7B505989B5B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F89037C2-30A8-4D5D-9474-4E51ED8EF8AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-04-06 18:20 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2013-09-24 11:53 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2013-10-20 02:23 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-06-05 17:34 - 2017-05-31 11:09 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-01-18 14:03 - 2014-03-25 20:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-04-15 18:39 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-12-11 15:15 - 2015-04-05 16:07 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2017-05-08 19:47 - 2017-05-08 19:47 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-05-08 19:47 - 2017-05-08 19:47 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-06-19 14:31 - 2016-06-19 14:31 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-06-01 18:48 - 2017-06-01 18:48 - 30965760 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-06-01 18:48 - 2017-06-01 18:48 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 19:42 - 2017-05-26 19:43 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-01 18:48 - 2017-06-01 18:48 - 23661056 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-06-01 18:48 - 2017-06-01 18:48 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 19:42 - 2017-05-26 19:43 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag
in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64] AlternateDataStreams: C:\install.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\createfileassoc.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\error_report.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\package_inst.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\ts3client_win64.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\Uninstall.exe:$CmdTcID [64] AlternateDataStreams: C:\Program Files (x86)\update.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\ST6UNST.EXE:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BRCOMB1A.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\e1dmsg.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\system32\ibmpmctl.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NicCo4.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NicInstD.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434520.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435382.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435445.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434520.dll:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\system32\nvdispgenco6435382.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435445.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-11.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-9.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\tpinspm.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\AC3ACM.acm:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\alf2cd.acm:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\COMDLG32.OCX:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\divx.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\divxdec.ax:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64] AlternateDataStreams: 
C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\L3CODECX.AX:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Lagarith.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\lame.ax:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mcdvd_32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mpg4c32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\mslvddsfilter3.ax:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3a.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\RICHTX32.OCX:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\Scg726.acm:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\TABCTL32.OCX:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\VB6STKIT.DLL:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\vct3216.acm:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\e1d62x64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130] AlternateDataStreams: 
C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID [64]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxp://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxps://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxp://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxps://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\blank -> blank
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxp://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxps://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxp://update.lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxps://update.lansweeper.com

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2017-06-05 17:26 - 00000832 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 172.16.60.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{FE739527-3544-4C0F-A9E8-9EB45E2DF04F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A0C4A37E-6493-42AB-8E3C-27BDB3D4AA92}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

==================== Wiederherstellungspunkte =========================
31-05-2017 21:31:34 Windows Update
04-06-2017 22:08:31 Installed LibreOffice 5.2.7.2

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/06/2017 09:04:05 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft office\root\office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2017 09:04:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 09:03:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 07:58:07 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9. Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/06/2017 07:57:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 07:57:11 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft office\root\office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2017 07:57:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 07:56:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gloriaflyx\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 07:53:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/06/2017 07:53:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Systemfehler:
=============
Error: (06/06/2017 07:58:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:58:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (06/06/2017 07:58:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:58:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (06/06/2017 07:58:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:58:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (06/06/2017 07:56:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:56:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (06/06/2017 07:56:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:56:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

CodeIntegrity:
===================================
Date: 2017-06-06 21:03:49.398
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-06 21:03:24.856
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-06 20:13:03.193
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-06 20:08:44.346
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-06 20:07:35.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-06-06 20:07:26.248
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-06 19:53:19.873
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-06 19:53:19.810
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system.
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-06 19:53:19.807 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-06-06 19:53:19.804 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 40% Installierter physikalischer RAM: 7876.91 MB Verfügbarer physikalischer RAM: 4664.7 MB Summe virtueller Speicher: 15812.91 MB Verfügbarer virtueller Speicher: 12102.93 MB ==================== Laufwerke ================================ Drive c: (System) (Fixed) (Total:226.47 GB) (Free:55.89 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Daten) (Fixed) (Total:10.74 GB) (Free:10.05 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0006A5E0) Partition 1: (Active) - (Size=226.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=504 MB) - (Type=27) Partition 3: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
06.06.2017, 20:25 | #15 |
| ESET reports detections So, now the questions: I haven't noticed any problems so far; the stupid thing only has a false positive when FRST is run, but I have a question about my antivirus program, as I already described above. I had to switch off a few real-time components so that FRST would work, and that made me wonder which components, marked in red, are actually important (I had all of them active before). The part marked in blue refers to the HIPS setting. And a small question out of curiosity: what was it that had settled in on my system? Best regards, Gloriaflyx |