|
Log analysis and evaluation: Combofix log evaluation for a newcomer. Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
14.09.2017, 21:02 | #1 |
| Combofix log evaluation for a newcomer. Hello! I am completely new here, so please bear with me if I do or have done anything wrong. I was on my Amazon account today because I wanted to order something. When I went to log in, the login suddenly showed an e-mail address other than my own. It was a disposable address. However, I was able to log in with my password. I immediately changed everything (password and e-mail address) and also changed the password for both of my e-mail addresses. I should add that I have been told several times that strange spam e-mails are being sent from one of my two e-mail addresses. Until now I thought the problem was solved by changing my e-mail password now and then. But when this happened with Amazon today, I thought I should check my PC. By googling what can be done, I came across the program Combofix. When I ran the program, I got the attached log file. Only then did it occur to me that this is not a program for beginners and that I have absolutely no idea what to do now. I hope you can help me. Unfortunately I really know nothing about these things. So please explain it to me in a foolproof way... I hope someone can help me! |
15.09.2017, 20:55 | #2 |
/// TB-Ausbilder | Combofix log evaluation for a newcomer. My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and quick as possible, I ask you to observe the following notes:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Step 1 Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2 Please download TDSSKiller.exe and save this file to the desktop
Please post with your next reply
|
18.09.2017, 20:15 | #3 |
/// TB-Ausbilder | Combofix log evaluation for a newcomer. No response
__________________ This topic has been removed from my subscriptions. I therefore receive no notification of new replies. Send me a PM including a link to the topic if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is clean yet. Everyone else, please click here and create your own thread! |
26.09.2017, 20:10 | #4 |
| Late reply. Sorry again that I am only replying so late. Unfortunately the symptoms have not disappeared. Spam e-mails are apparently still being sent from one of my e-mail accounts; at least I am getting notifications that one of my e-mails, which I of course did not send, could not be delivered... By the way, I use Outlook for e-mail, in case that matters. Here are the log files: FRST.TXT: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2017 01 durchgeführt von Johannes (Administrator) auf JOHANNES-PC (26-09-2017 20:50:59) Gestartet von C:\Users\Johannes\Downloads Geladene Profile: Johannes (Verfügbare Profile: Johannes & Uni & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe () 
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-12-21] (Alcor Micro Corp.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8069024 2013-11-29] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6201248 2013-11-29] (Lenovo(beijing) Limited) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-09-20] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:53649;https=127.0.0.1:53649 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{62DD59A3-AECC-42F1-B257-BDC13679AEF5}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{79D2D9C7-490F-4EFB-8BCE-C515442DF0E0}: [NameServer] 141.30.1.1,141.76.14.1 Tcpip\..\Interfaces\{84567B36-88A2-4704-894E-0EF333596947}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-24] (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows 
Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-06-24] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-24] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-06-24] (Microsoft Corporation) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-31] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-06-24] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-24] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-31] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-24] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-24] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-24] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-24] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 9ira0lt3.default FF ProfilePath: C:\Users\Johannes\AppData\Roaming\Zotero\Zotero\Profiles\9ira0lt3.default [2017-09-26] FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2017-09-22] [ist nicht signiert] FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2017-09-22] [ist nicht signiert] FF ProfilePath: C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default [2017-09-24] FF Extension: (spottster.com) - 
C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\com.spottster.addon.firefox@jetpack.xpi [2016-04-27] FF Extension: (Security Protection) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\detgdp@gmail.com [2015-01-01] [ist nicht signiert] FF Extension: (Der Camelizer) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\izer@camelcamelcamel.com.xpi [2017-09-08] FF Extension: (Zotero) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\zotero@chnm.gmu.edu.xpi [2017-09-16] FF Extension: (Gutscheinaffe) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2017-09-08] FF Extension: (Adblock Plus) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12] FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-11-03] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-31] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-24] (Adobe Systems Inc.) 
Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1420131101&from=wpm12311&uid=HGSTXHTS545032A7E380_TMA45C480EH8YM0EH8YMX CHR Profile: C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default [2017-09-26] CHR Extension: (Google Präsentationen) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-02] CHR Extension: (Google Docs) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-15] CHR Extension: (Google Drive) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-15] CHR Extension: (YouTube) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-15] CHR Extension: (Adblock Plus) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26] CHR Extension: (Google-Suche) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-18] CHR Extension: (Google Docs Offline) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-02] CHR Extension: (Скачать музыку Вконтакте) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hanjiajgnonaobdlklncdjdmpbomlhoa [2017-09-11] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31] CHR Extension: (Citavi Picker) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2017-03-29] CHR Extension: (Google Mail) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-15] CHR 
Extension: (Chrome Media Router) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-21] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-09-20] (Dropbox, Inc.) 
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2014-01-28] () R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [204096 2014-01-28] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310960 2016-10-30] (Overwolf LTD) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. ) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.) 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R1 MpKsl72c8e1eb; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C632B318-AEC6-418D-A8E7-88E405E6B684}\MpKsl72c8e1eb.sys [44928 2017-09-26] (Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-07] (Vimicro Corporation) R3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.) S3 dbx; system32\DRIVERS\dbx.sys [X] S2 hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X] S2 VMnetuserif; \??\C:\Windows\system32\drivers\vmnetuserif.sys [X] S2 vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-09-26 20:50 - 2017-09-26 20:52 - 000022403 _____ C:\Users\Johannes\Downloads\FRST.txt 2017-09-26 20:50 - 2017-09-26 20:50 - 000000000 ____D C:\FRST 2017-09-26 20:35 - 2017-09-26 20:50 - 002399744 _____ (Farbar) C:\Users\Johannes\Downloads\FRST64.exe 2017-09-25 11:57 - 2017-09-25 11:57 - 000322469 _____ C:\Users\Johannes\Downloads\006.VG-chapter.pdf 2017-09-24 19:57 - 2017-09-25 10:41 - 000009008 _____ C:\Users\Johannes\Desktop\Kopfschmerztagebuch.xlsx 2017-09-23 10:39 - 2017-09-23 10:39 - 000408444 _____ C:\Users\Johannes\Downloads\9783658139315-c2.pdf 2017-09-23 08:54 - 2017-09-23 08:54 - 000001536 _____ C:\Users\Johannes\Desktop\Bachelorarbeit - Verknüpfung.lnk 2017-09-21 21:58 - 2017-09-21 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-09-21 15:12 - 2017-09-21 15:12 - 000060438 _____ C:\Users\Johannes\Downloads\STUDIIBescheinigungImmaoU (1).pdf 2017-09-20 18:48 - 2017-09-20 18:48 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-09-20 18:48 - 2017-09-20 18:48 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2017-09-20 18:48 - 2017-09-20 18:48 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2017-09-20 18:48 - 2017-09-20 18:48 - 000045640 _____ (Dropbox, Inc.) 
C:\Windows\system32\Drivers\dbx-canary.sys 2017-09-18 19:11 - 2017-09-18 19:11 - 001201048 _____ C:\Windows\Minidump\091817-44491-01.dmp 2017-09-18 19:10 - 2017-09-18 19:10 - 537626535 _____ C:\Windows\MEMORY.DMP 2017-09-18 15:32 - 2017-09-18 15:32 - 002378571 _____ C:\Users\Johannes\Downloads\8518.pdf 2017-09-15 21:30 - 2017-09-15 21:30 - 000002613 _____ C:\Users\Johannes\Downloads\ComboFix-quarantined-files.txt 2017-09-15 20:33 - 2017-09-15 20:39 - 008182736 _____ (Malwarebytes) C:\Users\Johannes\Desktop\adwcleaner_7.0.2.1.exe 2017-09-15 20:25 - 2017-09-15 20:25 - 000003250 _____ C:\Windows\System32\Tasks\{18D5BFA1-9370-419A-94F5-CB77D4444E16} 2017-09-15 15:12 - 2017-09-15 15:12 - 000006438 _____ C:\Users\Johannes\Downloads\{397648F0-6BA8-4BC9-B8EC-02A1F0C4C208}.xls 2017-09-14 22:04 - 2017-09-14 22:04 - 000029401 _____ C:\Users\Johannes\Downloads\ComboFix.txt 2017-09-14 21:40 - 2017-09-14 21:40 - 000029401 _____ C:\ComboFix.txt 2017-09-14 21:05 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe 2017-09-14 21:05 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe 2017-09-14 21:05 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2017-09-14 21:05 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2017-09-14 21:05 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2017-09-14 21:05 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe 2017-09-14 21:05 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe 2017-09-14 21:05 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe 2017-09-14 20:56 - 2017-09-14 21:05 - 000306107 _____ (Swearware) C:\Users\Johannes\Downloads\Nicht bestätigt 166292.crdownload 2017-09-14 20:54 - 2017-09-14 21:40 - 000000000 ____D C:\Qoobox 2017-09-14 20:53 - 2017-09-14 21:37 - 000000000 ____D C:\Windows\erdnt 2017-09-14 20:47 - 2017-09-14 20:48 - 005660248 ____R (Swearware) C:\Users\Johannes\Downloads\ComboFix.exe 2017-09-13 08:14 - 2017-08-19 17:28 - 000197120 _____ 
C:\Windows\SysWOW64\t2embed.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-09-26 20:41 - 2015-06-22 19:15 - 000001218 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-09-26 20:41 - 2015-06-22 19:15 - 000001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-09-26 20:37 - 2009-07-14 06:45 - 000029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-09-26 20:37 - 2009-07-14 06:45 - 000029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-09-26 20:17 - 2013-11-29 22:55 - 000000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2017-09-25 09:53 - 2014-06-22 20:41 - 000000000 ____D C:\Users\Johannes\AppData\Local\Battle.net 2017-09-24 20:51 - 2014-06-22 20:41 - 000000000 ____D C:\Program Files (x86)\Battle.net 2017-09-24 20:17 - 2014-06-22 20:53 - 000000000 ____D C:\Program Files (x86)\Hearthstone 2017-09-22 15:04 - 2016-05-26 14:33 - 000000000 ____D C:\Program Files (x86)\Zotero Standalone 2017-09-22 09:52 - 2014-06-18 18:24 - 000002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-21 21:58 - 2015-06-22 19:15 - 000000000 ____D C:\Program Files (x86)\Dropbox 2017-09-19 08:28 - 2013-11-29 22:55 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2017-09-18 19:11 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-09-18 19:10 - 2016-11-16 11:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-09-18 19:10 - 2013-11-30 15:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-09-15 23:55 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2017-09-15 21:26 - 2015-01-01 19:03 - 000000000 ____D C:\AdwCleaner 2017-09-15 21:24 - 
2013-12-15 16:51 - 000056320 ___SH C:\Users\Johannes\Thumbs.db 2017-09-15 21:18 - 2014-11-01 19:55 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-15 21:10 - 2015-05-26 19:56 - 000000000 ____D C:\ProgramData\Trymedia 2017-09-15 11:52 - 2016-06-25 11:35 - 000000000 ____D C:\Windows\pss 2017-09-15 08:50 - 2014-03-02 20:00 - 000000000 ____D C:\Users\Johannes\Desktop\sortieren 2017-09-14 21:35 - 2009-07-14 04:34 - 000000215 _____ C:\Windows\system.ini 2017-09-14 11:34 - 2010-11-21 08:50 - 000702064 _____ C:\Windows\system32\perfh007.dat 2017-09-14 11:34 - 2010-11-21 08:50 - 000150698 _____ C:\Windows\system32\perfc007.dat 2017-09-14 11:34 - 2009-07-14 07:13 - 001627626 _____ C:\Windows\system32\PerfStringBackup.INI 2017-09-14 11:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2017-09-14 11:23 - 2009-07-14 06:45 - 000463016 _____ C:\Windows\system32\FNTCACHE.DAT 2017-09-14 11:14 - 2013-11-29 17:03 - 000000000 ____D C:\Windows\system32\MRT 2017-09-14 11:06 - 2013-11-29 17:03 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-09-14 10:47 - 2013-11-29 19:08 - 001601906 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-09-12 20:21 - 2013-11-30 14:14 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-09-12 20:21 - 2013-11-30 14:14 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-09-12 20:21 - 2013-11-30 14:14 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-09-12 20:20 - 2013-11-30 14:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-09-12 20:20 - 2013-11-30 14:14 - 000000000 ____D C:\Windows\system32\Macromed 2017-09-08 08:30 - 2016-11-16 12:36 - 000000000 ____D C:\Users\Johannes\AppData\LocalLow\Mozilla 2017-09-07 19:46 - 2015-06-22 19:20 - 000000000 ___RD C:\Users\Johannes\Dropbox 2017-09-07 09:56 - 2014-11-05 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2017-09-07 09:56 - 
2013-11-29 23:15 - 000000000 ____D C:\Program Files (x86)\Cisco 2017-09-07 09:55 - 2014-11-05 23:00 - 000000000 ____D C:\ProgramData\Cisco 2017-09-04 21:47 - 2015-05-28 15:46 - 000000000 ____D C:\Users\Johannes\AppData\Roaming\Audacity 2017-08-31 22:27 - 2015-07-03 21:57 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-08-31 22:25 - 2016-07-30 20:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-08-31 20:46 - 2015-04-01 12:32 - 000000000 ____D C:\Program Files (x86)\Heroes of the Storm ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-03-13 20:56 - 2017-03-13 20:56 - 000001217 _____ () C:\Users\Johannes\AppData\Local\psppirerc 2017-03-13 20:56 - 2017-03-13 20:56 - 000010850 _____ () C:\Users\Johannes\AppData\Local\recently-used.xbel 2013-11-29 23:36 - 2013-11-29 23:37 - 000002205 _____ () C:\Users\Johannes\AppData\Local\WiDiSetupLog.20131129.223618.txt 2014-11-09 14:25 - 2014-11-09 14:25 - 000000057 _____ () C:\ProgramData\Ament.ini 2015-11-14 18:52 - 2015-11-14 18:52 - 000000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== 2017-09-15 20:23 - 2017-09-15 20:24 - 000740416 _____ (Oracle Corporation) C:\Users\Johannes\AppData\Local\Temp\jre-8u144-windows-au.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-02-13 15:16

==================== Ende von FRST.txt ============================ |
26.09.2017, 20:12 | #5 |
| Combofix log analysis for a newbie
Here is the next file: (Is it actually possible to anonymize this afterwards?)
ADDITION.TXT
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2017 01
durchgeführt von Johannes (26-09-2017 20:54:24)
Gestartet von C:\Users\Johannes\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-11-29 20:39:35)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3713904842-3737894215-1530784781-500 - Administrator - Disabled)
Gast (S-1-5-21-3713904842-3737894215-1530784781-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3713904842-3737894215-1530784781-1002 - Limited - Enabled)
Johannes (S-1-5-21-3713904842-3737894215-1530784781-1000 - Administrator - Enabled) => C:\Users\Johannes
Uni (S-1-5-21-3713904842-3737894215-1530784781-1003 - Administrator - Enabled) => C:\Users\Uni

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\{169BAE78-A355-48F1-9A62-39F44804CE29}) (Version: 3.3.42.70280 - Alcor Micro Corp.) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.3.42.70280 - Alcor Micro Corp.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.37.6239 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.5.01044 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{D0D55FBB-BF2B-4B0D-9D0E-A4A0E1DB5DDF}) (Version: 4.5.01044 - Cisco Systems, Inc.) Hidden Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.1.5 - CEWE Stiftung u Co. 
KGaA) Double Pack Burger Shop Deluxe (HKLM-x32\...\e868d14d921fe32308758a4cb836a5e2) (Version: - Zylom) Double Pack Burger Shop Deluxe (HKLM-x32\...\fb6b3d6a15f43a4190e1dbbde9562faf) (Version: - Zylom) Double Pack Delicious Deluxe (HKLM-x32\...\1cc19516e92a6f56c7aded5e04cdc19c) (Version: - Zylom) Dropbox (HKLM-x32\...\Dropbox) (Version: 35.4.20 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version: - ) EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.) Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.2.5 - Lenovo) Hidden Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.2.5 - Lenovo) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free YouTube to MP3 Converter version 3.12.17.1125 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1125 - DVDVideoSoft Ltd.) GoGear SA5MXX_V2 Device Manager (HKLM-x32\...\{4BFC5335-CE8C-4F4E-A2E6-8B07CF599D10}) (Version: 1.00 - Ihr Firmenname) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.26.00.06 - Huawei Technologies Co.,Ltd) HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) 
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard) HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden Inquisit 4 Web Player (HKLM\...\{E8620E4B-8567-4E07-8CDB-8432054BD5B2}) (Version: 4.0.8.0 - Millisecond Software) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35132 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Java 8 Update 101 
(HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - ) Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.11.1206.1 - Vimicro) Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment) Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 
Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) 
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla) Mozilla Thunderbird 31.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.99.11.0 - Overwolf Ltd.) PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PokeMMO (HKLM-x32\...\PokeMMO_is1) (Version: - PokeMMO) PSPP (HKLM-x32\...\PSPP) (Version: 0.10.4 - Free Software Foundation, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6549 - Realtek Semiconductor Corp.) Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) 
Spotify (HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\...\Spotify) (Version: 1.0.59.395.ge6ca9946 - Spotify AB) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Studie zur Verbesserung von HP Deskjet 3520 series Produkten (HKLM\...\{A5BB6A58-BC1A-48A7-BB19-1768A80CF9C9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Supermarket Mania(R) 2 (HKLM-x32\...\be45c0c959302115103bb04dd55d7f0e) (Version: - Zylom) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN) VMware Player (HKLM\...\{537B7F85-2B95-44ED-8D90-765F6F36D666}) (Version: 12.1.1 - VMware, Inc.) VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.15.3.00000 - VMware, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Zotero Standalone 4.0.29.10 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.29.10 (x86 en-US)) (Version: 4.0.29.10 - Zotero) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers1-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2016-04-14] (VMware, Inc.) ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2016-04-14] (VMware, Inc.) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers4-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) 
ContextMenuHandlers4-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-07] (Intel Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {19D2B353-6DBC-4BF1-9CD1-CCE09B2AA089} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-10-30] (Overwolf LTD) Task: {1F233AE9-CB44-42FA-B08C-92DE4EE4130B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation) Task: {2326A950-472A-4873-BA62-B7126E35C731} - System32\Tasks\{57CC44A5-EFB1-4DA5-B38E-123E221D3461} => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2017-07-22] (Cisco Systems, Inc.) 
Task: {32A9273B-7018-419C-BEA4-6F00442F2364} - System32\Tasks\{D98EF6B9-006A-4E46-AE6D-841589A58BBD} => C:\Users\Johannes\Downloads\Hearthstone Deck Tracker.exe [2015-11-12] (Epix) Task: {3E17BFD9-E7AB-4F29-9951-694035CF64B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-24] (Microsoft Corporation) Task: {49E38F27-DA06-4241-BFCE-4B874079CC2C} - System32\Tasks\{C72AD2AA-8132-4720-AED8-A13A3710BE2C} => C:\Users\Johannes\Downloads\Hearthstone Deck Tracker.exe [2015-11-12] (Epix) Task: {5C0E729D-17DB-4BB6-9819-219E7CA3B097} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {5CF595C5-EC47-4EFB-A448-DBDA0CB6F349} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {71CCF520-0BC5-46CF-896D-2A2D75A0E701} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {78100506-D6F0-47D6-B9A0-E30F7576D5CC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {7DC8FC9A-121E-4047-A5CE-233B2F337EF8} - System32\Tasks\{18D5BFA1-9370-419A-94F5-CB77D4444E16} => C:\Windows\system32\pcalua.exe -a C:\Users\Johannes\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG Task: {7E21310E-E574-4DBF-8786-A9DD25170256} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-24] (Microsoft Corporation) Task: {9FB0CB49-71DF-4DE8-B8D2-2DDF5E168A3D} - System32\Tasks\HP AR Program Upload - 
4811cd8c08034312991abe64220277c5d82e076025cd4736a335bd16fbaf2628 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {A4FD7AE3-9CF3-4FD5-ABC1-24003A89FB6F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {ACAC9E37-F929-49A4-986D-9ADCB19D208D} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {B35B98DD-C1AA-4ECF-924D-2F6676860B47} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {B89594A6-E027-40E5-99F8-EB797F9CACCD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation) Task: {BDD8A54F-25B3-45EA-8C43-D042CC917581} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {C78AD151-7E42-44E5-9BE5-447C7980A9C5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {C95DB26F-297B-4528-AE97-D9A63BF9ED6C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated) Task: {D7531752-9CBA-4560-A655-A04B4A62CB85} - System32\Tasks\HP AR Program Upload - 54ff7944da244accb89631a69a7866c840937d2dbc8e4020bd676cfb7120f1bd => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>) Task: {DCB63D9B-A754-437D-8452-69B35390A753} - System32\Tasks\{6B76AC51-6F5C-478A-9258-5552981164C2} => 
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2017-07-22] (Cisco Systems, Inc.) Task: {EC17B2BB-016F-408F-B694-C8A778861080} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-24] (Microsoft Corporation) Task: {F9D72BFD-5D5E-4FE9-93D8-9374F121C642} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-08-21 16:52 - 2014-01-28 09:44 - 000137024 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe 2016-08-21 16:52 - 2014-01-28 09:44 - 000204096 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe 2013-11-29 22:55 - 2011-12-16 06:37 - 000128280 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2008-12-20 04:20 - 2013-11-29 23:23 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2012-01-04 19:46 - 2013-11-29 23:23 - 001496480 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll 2008-12-20 04:20 - 2013-11-29 23:23 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2013-11-29 22:59 - 2012-02-17 02:21 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-12-14 17:18 - 2011-12-14 17:18 - 000119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2017-09-22 09:52 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll 2017-09-22 09:52 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll 2017-09-14 12:41 - 2017-09-14 12:41 - 000172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f203ecbdc8e8f4f836e1627efb89f9ae\IsdiInterop.ni.dll 2013-11-29 22:50 - 2011-11-29 21:00 - 000059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-11-29 22:54 - 2011-12-16 04:39 - 001198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-06-24 06:51 - 2016-06-24 07:05 - 003540680 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\gfx.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 002603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2011-08-15 
21:15 - 2011-08-15 21:15 - 000382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 17:41 - 2011-08-17 17:41 - 000400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 000322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-11-25 14:29 - 2011-11-25 14:29 - 000015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-15 21:12 - 2011-08-15 21:12 - 001006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-17 17:48 - 2011-08-17 17:48 - 000195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2011-08-15 20:23 - 2011-08-15 20:23 - 000062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2011-11-25 14:28 - 2011-11-25 14:28 - 000484352 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2011-11-25 14:42 - 2011-11-25 14:42 - 000499976 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2011-11-25 14:26 - 2011-11-25 14:26 - 000013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2011-07-19 17:05 - 2011-07-19 17:05 - 014978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-07-19 17:04 - 2011-07-19 17:04 - 000317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2011-08-15 21:17 - 2011-08-15 21:17 - 009224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2017-09-21 21:57 - 2017-09-20 18:48 - 000771904 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-09-21 21:57 - 2017-09-20 18:48 - 001804608 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2017-09-21 21:57 - 
2017-09-20 18:49 - 000023872 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_bootstrap.dll 2017-09-21 21:58 - 2017-09-20 18:48 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2017-09-21 21:57 - 2017-09-20 18:48 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 001862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-09-21 21:57 - 2017-09-20 18:48 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-09-21 21:57 - 2017-09-20 18:48 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2017-09-21 21:58 - 2017-09-20 18:48 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-09-21 21:57 
- 2017-09-20 18:48 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2017-09-21 21:57 - 2017-09-20 18:48 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-09-21 21:58 - 2017-09-20 18:50 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2017-09-21 21:58 - 
2017-09-20 18:50 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-09-21 21:57 - 2017-09-20 18:48 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000154440 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000045888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 
2017-09-21 21:58 - 2017-09-20 18:50 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-09-21 21:57 - 2017-09-20 18:48 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-09-21 21:57 - 2017-09-20 18:49 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-09-21 21:58 - 2017-09-20 18:50 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2017-09-21 21:57 - 2017-09-20 18:49 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-09-21 21:58 - 2017-09-20 18:50 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000038208 _____ () C:\Program Files 
(x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Johannes\Documents\Fragenbogen_Armoneit_Burk_LeHuyen_Reber_Stein.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Johannes\Documents\Hausaufgabe Gruppe 3.docx:com.dropbox.attributes [256]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips GoGear SA5MXX_V2 Device Manager.lnk => C:\Windows\pss\Philips GoGear SA5MXX_V2 Device Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Johannes^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Johannes^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Deskjet 3520 series.lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Deskjet 3520 series.lnk.Startup
MSCONFIG\startupreg: 331BigDog => C:\Program Files (x86)\USB Camera\VM331_STI.EXE
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: Mobile Partner => C:\Program Files (x86)\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\\OverwolfLauncher.exe -overwolfsilent
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Johannes\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Johannes\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F4BCAB59-9496-45DF-87CA-536F004FECDE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{5DAE6D06-12F3-4E20-837C-A5B794B760EC}C:\users\johannes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johannes\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5926719F-7D54-42FA-A7A3-03506482A08A}C:\users\johannes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johannes\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{1DBFD9BF-7C33-4823-8602-C0C036612745}C:\users\johannes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johannes\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B90A053E-E619-4BA8-8C4B-0E6EDD72057C}C:\users\johannes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johannes\appdata\roaming\spotify\spotify.exe FirewallRules: [{0806763C-0379-4A04-8C7E-FE3D5E2E8518}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{07703543-4CD4-4F91-970D-C2E4910E1E41}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E7538A87-65AD-44E9-9029-39784758BE3A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{ACB7D56A-5B0A-4498-9625-2B1A18BD8843}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{4D696304-C354-413C-B06B-0489BD7C76E2}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{9F688552-8B69-4E26-9F15-3E7AFE36C3F9}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{1091BB4F-61CF-49A8-8E07-04CB8DCE146D}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{02895CE8-2166-46C3-8B82-2FB12579A2EE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [TCP Query User{E9F16B5C-9512-4908-A6EC-9766647DA247}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3023\agent.exe FirewallRules: [UDP Query 
User{F5E2582A-6F0B-4CB0-99FA-6D5D9A4BB80C}C:\programdata\battle.net\agent\agent.3023\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3023\agent.exe FirewallRules: [TCP Query User{FA086242-4290-4040-BC09-2C6FC53096E7}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe FirewallRules: [UDP Query User{387A700C-E5B8-4DEF-AC37-FCC6C3DD680B}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe FirewallRules: [TCP Query User{955BB63B-02AE-43E2-AB56-0832FE645756}C:\programdata\battle.net\agent\agent.3147\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3147\agent.exe FirewallRules: [UDP Query User{23428EF6-95A4-474A-8F0A-2A7618D92299}C:\programdata\battle.net\agent\agent.3147\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3147\agent.exe FirewallRules: [TCP Query User{5807CCFA-1669-4010-8054-D11D30AD4528}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe FirewallRules: [UDP Query User{8A2C3E7C-4D0F-4C37-9BF4-9C36D204497D}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3182\agent.exe FirewallRules: [TCP Query User{59CD5E53-D892-4229-9A45-0914EE68388F}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe FirewallRules: [UDP Query User{238A1E97-563D-4489-BC7E-85FD98F84AFA}C:\programdata\battle.net\agent\agent.3235\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3235\agent.exe FirewallRules: [TCP Query User{3C903BD3-1C9D-45F7-A164-91346187BC17}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3286\agent.exe FirewallRules: [UDP Query User{F62A2747-502D-4B4A-A074-DF8667DA9846}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Block) 
C:\programdata\battle.net\agent\agent.3286\agent.exe FirewallRules: [TCP Query User{4BAA8922-CA06-4BCF-8D33-397AF8AE8DC6}C:\programdata\battle.net\agent\agent.3322\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3322\agent.exe FirewallRules: [UDP Query User{45E2AD9B-53D8-4BC8-86EF-B71B45D7D3B8}C:\programdata\battle.net\agent\agent.3322\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3322\agent.exe FirewallRules: [TCP Query User{AE33E6D2-64D3-4985-A176-DDAA07FD48C5}C:\programdata\battle.net\agent\agent.3323\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3323\agent.exe FirewallRules: [UDP Query User{E57ED2ED-25F1-41EE-A910-E152D164A8C3}C:\programdata\battle.net\agent\agent.3323\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3323\agent.exe FirewallRules: [TCP Query User{49DCC170-17C3-417A-B6A8-262FEDD54D78}C:\programdata\battle.net\agent\agent.3334\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3334\agent.exe FirewallRules: [UDP Query User{75129978-2759-4572-91B2-27FD91DF6B5C}C:\programdata\battle.net\agent\agent.3334\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3334\agent.exe FirewallRules: [TCP Query User{E731E6F0-8BD7-42FE-82E0-828E98AAA452}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3346\agent.exe FirewallRules: [UDP Query User{2F673AF5-BDD7-40B4-AA11-72515EFF3AC6}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3346\agent.exe FirewallRules: [TCP Query User{5EEB6C51-0181-4B0F-96BB-1D19BA03B257}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe FirewallRules: [UDP Query User{2A812201-492D-4AA2-9405-9ABB3E76B0A2}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe FirewallRules: [{A5937626-5F88-4B6D-9DB4-197AD425B27E}] => (Block) 
C:\programdata\battle.net\agent\agent.3372\agent.exe FirewallRules: [{031B22B4-C008-4748-8C1B-708305517680}] => (Block) C:\programdata\battle.net\agent\agent.3372\agent.exe FirewallRules: [TCP Query User{EC4777F3-2B32-4BD2-AE0C-1D0C1F1077DE}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{7689EC76-768D-46DB-8B75-53F849C42582}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{7A65E04C-BF4B-45D3-87C3-08E4B326B38D}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3427\agent.exe FirewallRules: [UDP Query User{8F24E579-3BE0-40EB-9236-2F9E7B9F780F}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3427\agent.exe FirewallRules: [TCP Query User{83C4EAD0-D748-4621-A8A8-203E04A4B6F5}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3427\agent.exe FirewallRules: [UDP Query User{A0E58502-C005-4793-A750-0178448426AA}C:\programdata\battle.net\agent\agent.3427\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3427\agent.exe FirewallRules: [{6C62441D-93E3-4472-9157-8DB7B40E2240}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5F43A93D-7CDB-4049-A431-1DAF7021936D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{A1B7C804-6B29-4F19-AA59-14372AE7FC7B}C:\programdata\battle.net\agent\agent.3454\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3454\agent.exe FirewallRules: [UDP Query User{66CA1ED4-EED1-45B4-9AE2-C418EFFDC1D4}C:\programdata\battle.net\agent\agent.3454\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3454\agent.exe FirewallRules: [TCP Query 
User{6AD05FB7-2ECB-4E5B-B456-CD9E85F26E5E}C:\programdata\battle.net\agent\agent.3478\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3478\agent.exe FirewallRules: [UDP Query User{E9E014F7-94F3-46ED-A399-E6AD263EB68D}C:\programdata\battle.net\agent\agent.3478\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3478\agent.exe FirewallRules: [TCP Query User{1EFBC12B-1919-4032-9966-D388AB339197}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3507\agent.exe FirewallRules: [UDP Query User{59C975F6-F7E7-44E6-88F9-67E961008334}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3507\agent.exe FirewallRules: [TCP Query User{E63D656C-8DEA-477F-83CF-C41198A1E9CB}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe FirewallRules: [UDP Query User{64EC3620-A7E9-4195-B489-6B17D274F546}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe FirewallRules: [{D5F5F0A1-B604-4614-B240-251D5F4A6E1A}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe FirewallRules: [{06EC7787-15A7-4223-BBF7-688EEA31D08F}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{AADF7516-150A-4207-BA00-C67153151CA9}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{3ED4F556-1991-4517-9613-94957A70653F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{C44D8A7D-5146-4D3B-8DEB-0B1641E9D398}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [TCP Query User{1E8F30C9-0B97-40B1-9B1E-7963F474BE0A}C:\programdata\battle.net\agent\agent.3526\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3526\agent.exe FirewallRules: [UDP Query 
User{53503480-768A-48ED-AA82-F60BDC3B5D53}C:\programdata\battle.net\agent\agent.3526\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3526\agent.exe FirewallRules: [TCP Query User{21F73B8E-2C67-44BD-9A9E-C639538A10DB}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3632\agent.exe FirewallRules: [UDP Query User{4F039BF1-BF50-4941-BBAD-506FDE60019A}C:\programdata\battle.net\agent\agent.3632\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3632\agent.exe FirewallRules: [TCP Query User{96CB08FE-065D-4559-BA04-116ECFAFF4DC}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [UDP Query User{12DA14F2-767A-4FF8-B8A9-1213D211B8BE}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [TCP Query User{490D1C2D-537C-49DE-A49F-F8ED4FF7522D}C:\programdata\battle.net\agent\agent.3669\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3669\agent.exe FirewallRules: [UDP Query User{3E9707DE-FBD1-40F1-A478-764E3EF43D85}C:\programdata\battle.net\agent\agent.3669\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3669\agent.exe FirewallRules: [{AA69EB62-EC51-4C85-BE47-EE37C6ABD8C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2BB9BE20-7593-430C-8CAD-DD06419D02DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E57F0A44-6223-4243-8491-2B498A3CB133}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe FirewallRules: [UDP Query User{EE3B99EF-E043-4B0C-BA64-6487062B4257}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe FirewallRules: [TCP Query 
User{1B55AA76-9F23-4083-A253-8C2202C6A914}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [UDP Query User{D31DD184-6291-46C4-93F7-6F43D4D584E4}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [TCP Query User{4C686609-CFCC-4CF2-82BD-D7B42799CAB3}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3715\agent.exe FirewallRules: [UDP Query User{E04DE016-1E60-4B6B-8089-1D45690AC595}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3715\agent.exe FirewallRules: [TCP Query User{658EE703-6E5D-48E4-9079-26DEC32FFF99}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [UDP Query User{F92D1319-EC97-4515-876D-1728330B96EC}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [TCP Query User{4E4B103B-2558-46E2-9561-C95F1DF0524C}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [UDP Query User{974A16E9-04C8-4935-B4DC-EC6D8E1EFE20}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe FirewallRules: [TCP Query User{DD360DEA-2BD7-40B8-B3BC-3A902C904C1B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{AAC7B5A3-37F8-44F2-BB01-3540FABC87DB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{ED006776-2D80-4A94-B56C-3BCAA1DECC8B}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Block) 
storm\versions\base49907\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{553868C0-B2E1-44C6-9412-99C8B398E531}C:\program files (x86)\heroes of the storm\versions\base49907\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base49907\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{AD96C59A-1A46-45DA-B6B5-02BD88AEE315}C:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C7068EF2-6FB6-4293-A841-ECB5894C8520}C:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base50286\heroesofthestorm_x64.exe
FirewallRules: [{0B2C3601-A992-4D16-B0AC-1558B664740F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{6CCCAB7B-9BBF-4E8C-83F4-DD6A0AE2E38A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

14-09-2017 10:40:33 Windows Update
15-09-2017 21:16:56 TubeBox
17-09-2017 17:44:09 Windows Update
20-09-2017 18:44:21 Windows Update
23-09-2017 21:31:42 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VMware Bridge Protocol
Description: VMware Bridge Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VMnetBridge
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Network Application Interface
Description: VMware Network Application Interface
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VMnetuserif
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware vmx86
Description: VMware vmx86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vmx86
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: VMware hcmon
Description: VMware hcmon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hcmon
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/26/2017 01:57:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3105

Error: (09/26/2017 01:57:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3105

Error: (09/26/2017 01:57:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/26/2017 01:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2106

Error: (09/26/2017 01:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2106

Error: (09/26/2017 01:57:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/26/2017 01:57:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1108

Error: (09/26/2017 01:57:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1108

Error: (09/26/2017 01:57:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/26/2017 12:20:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9501

Systemfehler:
=============
Error: (09/23/2017 09:33:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.251.1360.0)

Error: (09/23/2017 09:32:39 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.251.1312.0
Aktualisierungsquelle: Microsoft Update Server
Aktualisierungsphase: Installieren
Quellpfad: hxxp://www.microsoft.com
Signaturtyp: AntiVirus
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14104.0
Fehlercode: 0x80070643
Fehlerbeschreibung: Schwerwiegender Fehler bei der Installation.

Error: (09/21/2017 09:48:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.251.1261.0)

Error: (09/21/2017 09:48:00 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von Microsoft-Antischadsoftware ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.251.1167.0
Aktualisierungsquelle: Microsoft Update Server
Aktualisierungsphase: Installieren
Quellpfad: hxxp://www.microsoft.com
Signaturtyp: AntiVirus
Aktualisierungstyp: Vollständig
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14104.0
Fehlercode: 0x80070643
Fehlerbeschreibung: Schwerwiegender Fehler bei der Installation.

Error: (09/19/2017 12:02:11 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/19/2017 12:02:11 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/19/2017 12:02:11 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/19/2017 12:02:11 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/19/2017 12:00:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/19/2017 12:00:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 3941.37 MB
Verfügbarer physikalischer RAM: 1717.11 MB
Summe virtueller Speicher: 7880.92 MB
Verfügbarer virtueller Speicher: 4885.84 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:297.87 GB) (Free:30.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: C3FFC3FF)
Partition: GPT.

==================== Ende von Addition.txt ============================ |
26.09.2017, 20:32 | #6 |
| Combofix log analysis for a newbie Here is the report from tdsskiller: Code:
ATTFilter 21:28:43.0941 0x1374 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 21:28:43.0941 0x1374 UEFI system 21:28:58.0810 0x1374 ============================================================ 21:28:58.0810 0x1374 Current date / time: 2017/09/26 21:28:58.0810 21:28:58.0810 0x1374 SystemInfo: 21:28:58.0810 0x1374 21:28:58.0810 0x1374 OS Version: 6.1.7601 ServicePack: 1.0 21:28:58.0810 0x1374 Product type: Workstation 21:28:58.0811 0x1374 ComputerName: JOHANNES-PC 21:28:58.0811 0x1374 UserName: Johannes 21:28:58.0812 0x1374 Windows directory: C:\Windows 21:28:58.0812 0x1374 System windows directory: C:\Windows 21:28:58.0812 0x1374 Running under WOW64 21:28:58.0812 0x1374 Processor architecture: Intel x64 21:28:58.0812 0x1374 Number of processors: 2 21:28:58.0812 0x1374 Page size: 0x1000 21:28:58.0812 0x1374 Boot type: Normal boot 21:28:58.0812 0x1374 CodeIntegrityOptions = 0x00000001 21:28:58.0812 0x1374 ============================================================ 21:28:59.0371 0x1374 KLMD registered as C:\Windows\system32\drivers\91924612.sys 21:28:59.0372 0x1374 KLMD ARK init status: drvProperties = 0x7FF00, osBuild = 7601.23889, osProperties = 0x1 21:29:02.0661 0x1374 System UUID: {42970BC6-8F10-0921-7054-72C6EEA07D4B} 21:29:04.0374 0x1374 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:29:04.0380 0x1374 ============================================================ 21:29:04.0380 0x1374 \Device\Harddisk0\DR0: 21:29:04.0380 0x1374 GPT partitions: 21:29:04.0381 0x1374 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {DD138F83-AD8F-40B6-8EAC-374922F3F38B}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000 21:29:04.0381 0x1374 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D0F47269-FB60-4A08-AAE3-5B7EBFD3BBA2}, 
Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000 21:29:04.0381 0x1374 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {09C75237-F861-44C4-970E-B4A86996F8A0}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x253BC000 21:29:04.0381 0x1374 MBR partitions: 21:29:04.0381 0x1374 ============================================================ 21:29:04.0497 0x1374 C: <-> \Device\Harddisk0\DR0\Partition3 21:29:04.0497 0x1374 ============================================================ 21:29:04.0497 0x1374 Initialize success 21:29:04.0497 0x1374 ============================================================ 21:29:47.0968 0x21fc ============================================================ 21:29:47.0968 0x21fc Scan started 21:29:47.0968 0x21fc Mode: Manual; SigCheck; TDLFS; 21:29:47.0968 0x21fc ============================================================ 21:29:47.0968 0x21fc KSN ping started 21:29:48.0359 0x21fc KSN ping finished: true 21:29:49.0351 0x21fc ================ Scan system memory ======================== 21:29:49.0352 0x21fc System memory - ok 21:29:49.0359 0x21fc ================ Scan services ============================= 21:29:49.0998 0x21fc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:29:50.0097 0x21fc 1394ohci - ok 21:29:50.0168 0x21fc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:29:50.0230 0x21fc ACPI - ok 21:29:50.0273 0x21fc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:29:50.0324 0x21fc AcpiPmi - ok 21:29:50.0395 0x21fc [ 5E813B11629007309E4FC0F0FD2B7C30, A8FDC3994D236248B7FAEA572E987C8D5903AF5305E06D624909DE786FA811BA ] ACPIVPC 
C:\Windows\system32\DRIVERS\AcpiVpc.sys 21:29:50.0554 0x21fc ACPIVPC - ok 21:29:50.0744 0x21fc [ 56FCC24867F2C87BF96EE9D17A4CC20E, 6DDEF1234D207C6CDE0298DD1DAC988AC6CD7716E4FDA01813D175AE50F6A022 ] acsock C:\Windows\system32\DRIVERS\acsock64.sys 21:29:50.0831 0x21fc acsock - ok 21:29:51.0045 0x21fc [ 9B112FDA1D5FB7B75627461001AC692A, 2EDF7C8FD59CD5FCD19FA528F60CBD6DDB9A8076AE0280B11D8EA8EAF7D39958 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:29:51.0082 0x21fc AdobeARMservice - ok 21:29:51.0357 0x21fc [ 3E27E2DAA6869642B2DCB85C777E38B7, FB60068DFEA117006D8236DE73CC5A9B65272C6F739E2C8D1DD771360B9D989F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:29:51.0495 0x21fc AdobeFlashPlayerUpdateSvc - ok 21:29:51.0579 0x21fc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:29:51.0642 0x21fc adp94xx - ok 21:29:51.0686 0x21fc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:29:51.0738 0x21fc adpahci - ok 21:29:51.0796 0x21fc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:29:51.0835 0x21fc adpu320 - ok 21:29:51.0887 0x21fc [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:29:51.0923 0x21fc AeLookupSvc - ok 21:29:52.0032 0x21fc [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD C:\Windows\system32\drivers\afd.sys 21:29:52.0104 0x21fc AFD - ok 21:29:52.0159 0x21fc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 21:29:52.0190 0x21fc 
agp440 - ok 21:29:52.0242 0x21fc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 21:29:52.0282 0x21fc ALG - ok 21:29:52.0328 0x21fc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 21:29:52.0358 0x21fc aliide - ok 21:29:52.0368 0x21fc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 21:29:52.0401 0x21fc amdide - ok 21:29:52.0476 0x21fc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:29:52.0517 0x21fc AmdK8 - ok 21:29:52.0536 0x21fc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:29:52.0581 0x21fc AmdPPM - ok 21:29:52.0622 0x21fc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:29:52.0677 0x21fc amdsata - ok 21:29:52.0713 0x21fc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:29:52.0802 0x21fc amdsbs - ok 21:29:52.0822 0x21fc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:29:52.0844 0x21fc amdxata - ok 21:29:52.0893 0x21fc [ 449D90F1FB6402773C2F1ECCEAE15F74, D432D3F9D9AD14C70324B13C0A82A5BADC0EA4927B2E49B8BC31A5DEE6440374 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys 21:29:52.0934 0x21fc AMPPAL - ok 21:29:52.0953 0x21fc [ 449D90F1FB6402773C2F1ECCEAE15F74, D432D3F9D9AD14C70324B13C0A82A5BADC0EA4927B2E49B8BC31A5DEE6440374 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys 
21:29:52.0997 0x21fc AMPPALP - ok 21:29:53.0134 0x21fc [ AB6E5B9333101E414D8F04BC570064F1, 4BB20C0ECE2C655B8E3A40E8C69A7B6974B73D3585AEDF47A0C52582D17BDAF6 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 21:29:53.0200 0x21fc AMPPALR3 - ok 21:29:53.0263 0x21fc [ C5D5B9BAF5A940953FE8393BF937AD60, 089985EB94755EBDC0D839173F2E7B29B104746DEF6CC503039E31D2791E2FDC ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS 21:29:53.0289 0x21fc AmUStor - ok 21:29:53.0349 0x21fc [ 086CA47573FAF282C93BE3416E1B6D65, 608D208B9D5FDB8A6DAABA939EAC664FFBFA294FD53CCD21942C27F1B8FF016A ] AppID C:\Windows\system32\drivers\appid.sys 21:29:53.0385 0x21fc AppID - ok 21:29:53.0424 0x21fc [ 5B502842E57F10BDC0301E15B98E3E26, 2FEC4F4409C9BF3A89E69C1806F8D9F37CF405E22971C68B5E297A43A8D6B3C4 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:29:53.0451 0x21fc AppIDSvc - ok 21:29:53.0500 0x21fc [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll 21:29:53.0532 0x21fc Appinfo - ok 21:29:53.0609 0x21fc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 21:29:53.0641 0x21fc arc - ok 21:29:53.0657 0x21fc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:29:53.0691 0x21fc arcsas - ok 21:29:53.0971 0x21fc [ 8637F3119057178364D200F2462E625C, 40CAE47AA6C6B23FEB95961FD06BB3EB075CA63BB91B54CB26215A368371B343 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:29:54.0130 0x21fc aspnet_state - ok 21:29:54.0152 0x21fc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:29:54.0245 0x21fc AsyncMac - ok 21:29:54.0302 0x21fc [ 02062C0B390B7729EDC9E69C680A6F3C, 
0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 21:29:54.0330 0x21fc atapi - ok 21:29:54.0421 0x21fc [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:29:54.0502 0x21fc AudioEndpointBuilder - ok 21:29:54.0558 0x21fc [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:29:54.0637 0x21fc AudioSrv - ok 21:29:54.0688 0x21fc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:29:54.0747 0x21fc AxInstSV - ok 21:29:54.0841 0x21fc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:29:54.0904 0x21fc b06bdrv - ok 21:29:54.0978 0x21fc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:29:55.0029 0x21fc b57nd60a - ok 21:29:55.0465 0x21fc [ 43AD3D3E7674833FCA9A7C4E7180AD54, 81CBF3146853FCCA26C14D23160892BD892269C5BB8B2167837339372BD38DA2 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys 21:29:55.0783 0x21fc BCM43XX - ok 21:29:55.0869 0x21fc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 21:29:55.0899 0x21fc BDESVC - ok 21:29:55.0919 0x21fc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 21:29:55.0991 0x21fc Beep - ok 21:29:56.0081 0x21fc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 21:29:56.0179 0x21fc BFE - ok 21:29:56.0268 0x21fc [ 
- ok 21:30:22.0862 0x21fc [ CE5F6E635FE4506AE6F2D6EB87425128, 3DB5ECF7CD2F2C3C010AA40CE57F1B3856E284BBA359FBC41A1B340E3180FD5F ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 21:30:22.0907 0x21fc NisDrv - ok 21:30:22.0997 0x21fc [ D630B510E1E3FF6BA12B705F47F115D9, 05D76065D5D9A82E53EA18CD2D0184338681A7BBD3CD5D6C44D1FA5CB1C63640 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 21:30:23.0056 0x21fc NisSrv - ok 21:30:23.0136 0x21fc [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 21:30:23.0191 0x21fc NlaSvc - ok 21:30:23.0230 0x21fc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:30:23.0323 0x21fc Npfs - ok 21:30:23.0365 0x21fc [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi C:\Windows\system32\nsisvc.dll 21:30:23.0405 0x21fc nsi - ok 21:30:23.0426 0x21fc [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:30:23.0462 0x21fc nsiproxy - ok 21:30:23.0636 0x21fc [ 7FD5A7FB8F55254E9AF5666C653AF3CA, 5EE9805BB4A952AE455D08953FF12E55879776A521B3333F2730AC552DC17C48 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:30:23.0787 0x21fc Ntfs - ok 21:30:23.0815 0x21fc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 21:30:23.0907 0x21fc Null - ok 21:30:23.0954 0x21fc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:30:23.0993 0x21fc nvraid - ok 21:30:24.0033 0x21fc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:30:24.0071 
0x21fc nvstor - ok 21:30:24.0120 0x21fc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:30:24.0155 0x21fc nv_agp - ok 21:30:24.0174 0x21fc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:30:24.0211 0x21fc ohci1394 - ok 21:30:24.0361 0x21fc [ 33840F7285A70D308882A23AF6D65D7E, 08506691E5F4AAB76811B1B2BCB9A68731B771F27A0571489E363D26A6EF0D0C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:30:24.0408 0x21fc ose - ok 21:30:24.0863 0x21fc [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:30:25.0213 0x21fc osppsvc - ok 21:30:25.0616 0x21fc [ E62964F4AF3EE449FC3A3BF7A00A8317, 397357CB35A1D3EDC1BC50480048AC52924D42F578B21212CA1BF8529B17BABC ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe 21:30:25.0732 0x21fc OverwolfUpdater - ok 21:30:25.0792 0x21fc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:30:25.0847 0x21fc p2pimsvc - ok 21:30:25.0897 0x21fc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 21:30:25.0960 0x21fc p2psvc - ok 21:30:25.0997 0x21fc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 21:30:26.0034 0x21fc Parport - ok 21:30:26.0076 0x21fc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:30:26.0108 0x21fc partmgr - ok 21:30:26.0160 0x21fc [ 
3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll 21:30:26.0208 0x21fc PcaSvc - ok 21:30:26.0228 0x21fc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 21:30:26.0268 0x21fc pci - ok 21:30:26.0294 0x21fc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 21:30:26.0322 0x21fc pciide - ok 21:30:26.0361 0x21fc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:30:26.0404 0x21fc pcmcia - ok 21:30:26.0442 0x21fc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 21:30:26.0472 0x21fc pcw - ok 21:30:26.0531 0x21fc [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:30:26.0615 0x21fc PEAUTH - ok 21:30:26.0854 0x21fc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:30:26.0889 0x21fc PerfHost - ok 21:30:27.0061 0x21fc [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla C:\Windows\system32\pla.dll 21:30:27.0197 0x21fc pla - ok 21:30:27.0306 0x21fc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:30:27.0355 0x21fc PlugPlay - ok 21:30:27.0392 0x21fc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:30:27.0424 0x21fc PNRPAutoReg - ok 21:30:27.0454 0x21fc [ 
3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:30:27.0508 0x21fc PNRPsvc - ok 21:30:27.0588 0x21fc [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:30:27.0656 0x21fc PolicyAgent - ok 21:30:27.0712 0x21fc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 21:30:27.0819 0x21fc Power - ok 21:30:27.0861 0x21fc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:30:27.0956 0x21fc PptpMiniport - ok 21:30:27.0974 0x21fc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 21:30:28.0009 0x21fc Processor - ok 21:30:28.0070 0x21fc [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 21:30:28.0113 0x21fc ProfSvc - ok 21:30:28.0136 0x21fc [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:30:28.0166 0x21fc ProtectedStorage - ok 21:30:28.0208 0x21fc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:30:28.0305 0x21fc Psched - ok 21:30:28.0453 0x21fc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:30:28.0603 0x21fc ql2300 - ok 21:30:28.0641 0x21fc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 
21:30:28.0677 0x21fc ql40xx - ok 21:30:28.0719 0x21fc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 21:30:28.0783 0x21fc QWAVE - ok 21:30:28.0814 0x21fc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:30:28.0861 0x21fc QWAVEdrv - ok 21:30:28.0870 0x21fc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:30:28.0961 0x21fc RasAcd - ok 21:30:28.0993 0x21fc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:30:29.0088 0x21fc RasAgileVpn - ok 21:30:29.0129 0x21fc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 21:30:29.0230 0x21fc RasAuto - ok 21:30:29.0268 0x21fc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:30:29.0365 0x21fc Rasl2tp - ok 21:30:29.0410 0x21fc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 21:30:29.0527 0x21fc RasMan - ok 21:30:29.0547 0x21fc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:30:29.0645 0x21fc RasPppoe - ok 21:30:29.0665 0x21fc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:30:29.0763 0x21fc RasSstp - ok 21:30:29.0804 0x21fc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss 
C:\Windows\system32\DRIVERS\rdbss.sys 21:30:29.0920 0x21fc rdbss - ok 21:30:29.0937 0x21fc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 21:30:29.0982 0x21fc rdpbus - ok 21:30:30.0009 0x21fc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:30:30.0084 0x21fc RDPCDD - ok 21:30:30.0099 0x21fc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:30:30.0175 0x21fc RDPENCDD - ok 21:30:30.0192 0x21fc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:30:30.0268 0x21fc RDPREFMP - ok 21:30:30.0422 0x21fc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 21:30:30.0465 0x21fc RdpVideoMiniport - ok 21:30:30.0520 0x21fc [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:30:30.0564 0x21fc RDPWD - ok 21:30:30.0615 0x21fc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:30:30.0659 0x21fc rdyboost - ok 21:30:30.0741 0x21fc [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:30:30.0774 0x21fc RegSrvc - ok 21:30:30.0806 0x21fc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:30:30.0907 0x21fc RemoteAccess - ok 21:30:30.0956 0x21fc [ 
E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:30:31.0062 0x21fc RemoteRegistry - ok 21:30:31.0121 0x21fc [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 21:30:31.0150 0x21fc RimUsb - ok 21:30:31.0191 0x21fc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:30:31.0291 0x21fc RpcEptMapper - ok 21:30:31.0315 0x21fc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 21:30:31.0351 0x21fc RpcLocator - ok 21:30:31.0432 0x21fc [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] RpcSs C:\Windows\system32\rpcss.dll 21:30:31.0508 0x21fc RpcSs - ok 21:30:31.0558 0x21fc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:30:31.0654 0x21fc rspndr - ok 21:30:31.0681 0x21fc [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] SamSs C:\Windows\system32\lsass.exe 21:30:31.0716 0x21fc SamSs - ok 21:30:31.0731 0x21fc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:30:31.0769 0x21fc sbp2port - ok 21:30:31.0822 0x21fc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:30:31.0949 0x21fc SCardSvr - ok 21:30:31.0985 0x21fc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:30:32.0095 
0x21fc scfilter - ok 21:30:32.0234 0x21fc [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 21:30:32.0376 0x21fc Schedule - ok 21:30:32.0462 0x21fc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:30:32.0579 0x21fc SCPolicySvc - ok 21:30:32.0641 0x21fc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:30:32.0690 0x21fc SDRSVC - ok 21:30:32.0740 0x21fc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:30:32.0772 0x21fc secdrv - ok 21:30:32.0836 0x21fc [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 21:30:32.0871 0x21fc seclogon - ok 21:30:32.0899 0x21fc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 21:30:32.0997 0x21fc SENS - ok 21:30:33.0025 0x21fc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:30:33.0060 0x21fc SensrSvc - ok 21:30:33.0084 0x21fc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 21:30:33.0118 0x21fc Serenum - ok 21:30:33.0153 0x21fc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 21:30:33.0192 0x21fc Serial - ok 21:30:33.0202 0x21fc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse 
C:\Windows\system32\drivers\sermouse.sys 21:30:33.0236 0x21fc sermouse - ok 21:30:33.0287 0x21fc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 21:30:33.0388 0x21fc SessionEnv - ok 21:30:33.0400 0x21fc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:30:33.0439 0x21fc sffdisk - ok 21:30:33.0448 0x21fc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:30:33.0489 0x21fc sffp_mmc - ok 21:30:33.0498 0x21fc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:30:33.0538 0x21fc sffp_sd - ok 21:30:33.0546 0x21fc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:30:33.0580 0x21fc sfloppy - ok 21:30:33.0649 0x21fc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:30:33.0769 0x21fc SharedAccess - ok 21:30:33.0825 0x21fc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:30:33.0945 0x21fc ShellHWDetection - ok 21:30:33.0981 0x21fc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:30:34.0011 0x21fc SiSRaid2 - ok 21:30:34.0024 0x21fc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:30:34.0058 0x21fc SiSRaid4 - ok 21:30:34.0194 0x21fc [ 
E6DA1192D36D2D29FF8387917C2D70A6, 6F6AB7A2E45D7E05F5ED0B08B1ED9FFA03BDBFAF5E80F8B9E2C4D6CF6F74B851 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 21:30:34.0273 0x21fc SkypeUpdate - ok 21:30:34.0321 0x21fc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:30:34.0421 0x21fc Smb - ok 21:30:34.0470 0x21fc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:30:34.0507 0x21fc SNMPTRAP - ok 21:30:34.0517 0x21fc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 21:30:34.0547 0x21fc spldr - ok 21:30:34.0626 0x21fc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 21:30:34.0702 0x21fc Spooler - ok 21:30:34.0981 0x21fc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 21:30:35.0383 0x21fc sppsvc - ok 21:30:35.0406 0x21fc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:30:35.0505 0x21fc sppuinotify - ok 21:30:35.0591 0x21fc [ 9FDD80B815A7F29554FF6E0D77A7F60D, 768F1173063FDEDCFD98FF3D4E8D9A21E9F9C1E768C3C88D6649DF801F0D9044 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:30:35.0659 0x21fc srv - ok 21:30:35.0718 0x21fc [ D62B353400F2C1FD0A5E93F8BDA83715, D7CD9E9FC235C599F408862B65ED6025EDA335071C6B4F315431D6E82071B253 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:30:35.0782 0x21fc srv2 - ok 21:30:35.0830 0x21fc [ CAEAA7FF473E33DB8E5B72AB145907D3, 8BF6F274F975A600E6E63637C3F9E425EEE64198F4780C9818CA7856AD683CA2 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:30:35.0877 0x21fc srvnet - ok 
21:30:35.0931 0x21fc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:30:36.0040 0x21fc SSDPSRV - ok 21:30:36.0054 0x21fc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:30:36.0154 0x21fc SstpSvc - ok 21:30:36.0279 0x21fc [ 7AE700179C4839F657D245319E234A06, 6EAEFE4A8CAF1A70F1BAD4DD457C6AEC080839542D4E5582376489800BE52E89 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 21:30:36.0364 0x21fc Steam Client Service - ok 21:30:36.0410 0x21fc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:30:36.0448 0x21fc stexstor - ok 21:30:36.0532 0x21fc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 21:30:36.0625 0x21fc stisvc - ok 21:30:36.0668 0x21fc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:30:36.0695 0x21fc swenum - ok 21:30:36.0757 0x21fc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 21:30:36.0892 0x21fc swprv - ok 21:30:36.0977 0x21fc [ 48A191AE1F810F3F76F04187BA6B0F14, 3401EF6B378F1BE60769132706D0EAACCBF9763644EF3DE4510A8F69C97AA56A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 21:30:37.0033 0x21fc SynTP - ok 21:30:37.0213 0x21fc [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 21:30:37.0384 0x21fc SysMain - ok 21:30:37.0419 0x21fc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService 
C:\Windows\System32\TabSvc.dll 21:30:37.0473 0x21fc TabletInputService - ok 21:30:37.0521 0x21fc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 21:30:37.0638 0x21fc TapiSrv - ok 21:30:37.0839 0x21fc [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:30:38.0016 0x21fc Tcpip - ok 21:30:38.0184 0x21fc [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:30:38.0346 0x21fc TCPIP6 - ok 21:30:38.0426 0x21fc [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:30:38.0458 0x21fc tcpipreg - ok 21:30:38.0496 0x21fc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:30:38.0527 0x21fc TDPIPE - ok 21:30:38.0565 0x21fc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:30:38.0596 0x21fc TDTCP - ok 21:30:38.0632 0x21fc [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:30:38.0696 0x21fc tdx - ok 21:30:38.0749 0x21fc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:30:38.0780 0x21fc TermDD - ok 21:30:38.0877 0x21fc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 21:30:38.0961 0x21fc TermService - ok 21:30:39.0006 0x21fc [ F0344071948D1A1FA732231785A0664C, 
DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 21:30:39.0057 0x21fc Themes - ok 21:30:39.0095 0x21fc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 21:30:39.0194 0x21fc THREADORDER - ok 21:30:39.0253 0x21fc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 21:30:39.0358 0x21fc TrkWks - ok 21:30:39.0424 0x21fc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:30:39.0525 0x21fc TrustedInstaller - ok 21:30:39.0576 0x21fc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:30:39.0608 0x21fc tssecsrv - ok 21:30:39.0662 0x21fc [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:30:39.0695 0x21fc TsUsbFlt - ok 21:30:39.0730 0x21fc [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:30:39.0761 0x21fc TsUsbGD - ok 21:30:39.0801 0x21fc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:30:39.0899 0x21fc tunnel - ok 21:30:39.0911 0x21fc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:30:39.0944 0x21fc uagp35 - ok 21:30:39.0978 0x21fc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:30:40.0089 0x21fc udfs - ok 
21:30:57.0421 0x21fc Waiting for KSN requests completion. In queue: 116
21:30:58.0566 0x21fc AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.10.209.0 ), 0x61000 ( enabled : updated )
21:30:58.0613 0x21fc Win FW state via NFP2: enabled ( trusted )
21:30:58.0847 0x21fc ============================================================
21:30:58.0847 0x21fc Scan finished
21:30:58.0847 0x21fc ============================================================
21:30:58.0868 0x1bf0 Detected object count: 0
21:30:58.0868 0x1bf0 Actual detected object count: 0 |
26.09.2017, 20:51 | #7 |
/// TB-Ausbilder | Combofix log analysis for a newcomer
Hello,
Step 1
Please download AdwCleaner to your desktop (illustrated guide).
Step 2
Please download Malwarebytes Anti-Malware 3 (illustrated guide)
Step 3
Please post with your next reply
|
26.09.2017, 23:15 | #8 |
| Combofix log analysis for a newcomer AdwCleaner log: Code:
# AdwCleaner 7.0.2.1 - Logfile created on Tue Sep 26 20:54:36 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Image File Execution Options%s keys deleted
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [6162 B] - [2017/9/15 18:43:39]
C:/AdwCleaner/AdwCleaner[C1].txt - [1393 B] - [2017/9/15 18:52:10]
C:/AdwCleaner/AdwCleaner[S0].txt - [23239 B] - [2015/1/1 17:6:22]
C:/AdwCleaner/AdwCleaner[S1].txt - [7005 B] - [2017/9/15 18:42:28]
C:/AdwCleaner/AdwCleaner[S2].txt - [1220 B] - [2017/9/15 18:51:58]
C:/AdwCleaner/AdwCleaner[S3].txt - [1291 B] - [2017/9/15 19:26:17]
C:/AdwCleaner/AdwCleaner[S4].txt - [1359 B] - [2017/9/26 20:53:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 26.09.17
Scan-Zeit: 23:06
Protokolldatei: 9c27fab6-a2fe-11e7-a20f-3c970eac10a0.json
Administrator: Ja

-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.188
Version des Aktualisierungspakets: 1.0.2893
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Johannes-PC\Johannes

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 407921
Erkannte Bedrohungen: 36
In die Quarantäne verschobene Bedrohungen: 35
Abgelaufene Zeit: 39 Min., 47 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-3713904842-3737894215-1530784781-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [2141], [169670],1.0.2893

Registrierungswert: 2
PUP.Optional.SecurityProtection, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|DETGDP@GMAIL.COM, In Quarantäne, [11812], [242842],1.0.2893
PUP.Optional.FilesFrog, HKLM\SOFTWARE\CLASSES\SDP\SHELL\OPEN\COMMAND|, Entfernung fehlgeschlagen, [1640], [258347],1.0.2893

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 10
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js\pack, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js\lib, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\locale\en-US, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\locale\zh-CN, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\locale, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\skin, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XA5P60R8.DEFAULT\EXTENSIONS\DETGDP@GMAIL.COM, In Quarantäne, [11812], [179501],1.0.2893

Datei: 23
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js\lib\jquery-2.1.1.min.js, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js\epurls.js, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js\inject.js, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\js\restart.js, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\content\restartOverlay.xul, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\locale\en-US\restart.dtd, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\locale\zh-CN\restart.dtd, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\skin\icon.png, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\skin\iconsmall.png, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\skin\iconverysmall.png, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome\skin\restartfirefox.css, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\chrome.manifest, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\extensions\detgdp@gmail.com\install.rdf, In Quarantäne, [11812], [179501],1.0.2893
PUP.Optional.SecurityProtection, C:\USERS\JOHANNES\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NOAJMLKIPCLMEOLFCNFLKJHIJKIGPFJH.CRX, In Quarantäne, [11812], [242840],1.0.2893
PUP.Optional.DownloadSponsor, C:\USERS\JOHANNES\DOWNLOADS\ANDY ANDROID EMULATOR 64 BIT - CHIP-INSTALLER.EXE, In Quarantäne, [517], [413936],1.0.2893
PUP.Optional.OpenCandy, C:\USERS\JOHANNES\DOWNLOADS\PHOTOSCAPE_V3.6.5.EXE, In Quarantäne, [520], [297667],1.0.2893
PUP.Optional.DownloadGuide, C:\USERS\JOHANNES\DOWNLOADS\TUBEBOX5.EXE, In Quarantäne, [182], [55900],1.0.2893
PUP.Optional.Somoto, C:\USERS\JOHANNES\DOWNLOADS\PDFCREATORSETUP-N7TVMBREP.EXE, In Quarantäne, [366], [301181],1.0.2893
PUP.Optional.SofTonic, C:\USERS\JOHANNES\DOWNLOADS\SOFTONICDOWNLOADER_FUER_MICROSOFT-LIFECAM.EXE, In Quarantäne, [3319], [8262],1.0.2893
PUP.Optional.CoolMirage, C:\USERS\JOHANNES\DOWNLOADS\THE_KOOKS_-_LISTEN_-_DELUXE_EDITION_2014.EXE, In Quarantäne, [6424], [301023],1.0.2893
PUP.Optional.SofTonic, C:\USERS\JOHANNES\DOWNLOADS\SOFTONICDOWNLOADER_FUER_DELICIOUS-EMILY-UND-DIE-TRAUMHOCHZEIT-SAMMLERED.EXE, In Quarantäne, [3319], [8262],1.0.2893

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2017 01 durchgeführt von Johannes (Administrator) auf JOHANNES-PC (27-09-2017 00:00:22) Gestartet von C:\Users\Johannes\Desktop Geladene Profile: Johannes (Verfügbare Profile: Johannes & Uni & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alcor Micro Corp.) 
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2011-12-21] (Alcor Micro Corp.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-08] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8069024 2013-11-29] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6201248 2013-11-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53649;https=127.0.0.1:53649
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{62DD59A3-AECC-42F1-B257-BDC13679AEF5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{84567B36-88A2-4704-894E-0EF333596947}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-24] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-06-24] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-24] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-06-24] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-31] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-06-24] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-24] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-31] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-24] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9ira0lt3.default
FF ProfilePath: C:\Users\Johannes\AppData\Roaming\Zotero\Zotero\Profiles\9ira0lt3.default [2017-09-26]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2017-09-22] [ist nicht signiert]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2017-09-22] [ist nicht signiert]
FF ProfilePath: C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default [2017-09-26]
FF Extension: (spottster.com) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\com.spottster.addon.firefox@jetpack.xpi [2016-04-27]
FF Extension: (Der Camelizer) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\izer@camelcamelcamel.com.xpi [2017-09-08]
FF Extension: (Zotero) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\zotero@chnm.gmu.edu.xpi [2017-09-16]
FF Extension: (Gutscheinaffe) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2017-09-08]
FF Extension: (Adblock Plus) - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\xa5p60r8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-12]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-11-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1420131101&from=wpm12311&uid=HGSTXHTS545032A7E380_TMA45C480EH8YM0EH8YMX
CHR Profile: C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default [2017-09-27]
CHR Extension: (Google Präsentationen) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-02]
CHR Extension: (Google Docs) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-15]
CHR Extension: (Google Drive) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-15]
CHR Extension: (YouTube) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-15]
CHR Extension: (Adblock Plus) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (Google-Suche) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-18]
CHR Extension: (Google Docs Offline) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-02]
CHR Extension: (Скачать музыку Вконтакте) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hanjiajgnonaobdlklncdjdmpbomlhoa [2017-09-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31]
CHR Extension: (Citavi Picker) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2017-03-29]
CHR Extension: (Google Mail) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-15]
CHR Extension: (Chrome Media Router) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [441880 2016-07-04] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-04] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-04] (BlueStack Systems, Inc.)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-09-20] (Dropbox, Inc.)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2014-01-28] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [204096 2014-01-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1310960 2016-10-30] (Overwolf LTD)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-04] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-04] (Bluestack System Inc. )
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-26] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-09-26] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-26] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-26] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-09-26] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-07] (Vimicro Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S2 hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [X]
S1 MpKsl72c8e1eb; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C632B318-AEC6-418D-A8E7-88E405E6B684}\MpKsl72c8e1eb.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
S2 VMnetBridge; system32\DRIVERS\vmnetbridge.sys [X]
S2 VMnetuserif; \??\C:\Windows\system32\drivers\vmnetuserif.sys [X]
S2 vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-27 00:00 - 2017-09-27 00:04 - 000021817 _____ C:\Users\Johannes\Desktop\FRST.txt
2017-09-26 23:57 - 2017-09-26 23:57 - 000007976 _____ C:\Users\Johannes\Desktop\mbam.txt
2017-09-26 23:05 - 2017-09-26 23:54 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-26 23:05 - 2017-09-26 23:54 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-26 23:05 - 2017-09-26 23:54 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-26 23:05 - 2017-09-26 23:54 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-26 23:05 - 2017-09-26 23:05 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-26 23:05 - 2017-09-26 23:05 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-26 23:05 - 2017-09-26 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-26 23:05 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-26 23:04 - 2017-09-26 23:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-26 23:04 - 2017-09-26 23:04 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-26 23:03 - 2017-09-26 23:03 - 068408664 _____ (Malwarebytes ) C:\Users\Johannes\Downloads\mb3-setup-consumer-3.2.2.2029.exe
2017-09-26 22:46 - 2017-09-26 22:46 - 008182736 _____ (Malwarebytes) C:\Users\Johannes\Downloads\adwcleaner_7.0.2.1.exe
2017-09-26 21:28 - 2017-09-26 21:34 - 000213164 _____ C:\TDSSKiller.3.1.0.15_26.09.2017_21.28.43_log.txt
2017-09-26 21:28 - 2017-09-26 21:28 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Johannes\Desktop\tdsskiller.exe
2017-09-26 21:27 - 2017-09-26 21:28 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Johannes\Downloads\tdsskiller.exe
2017-09-26 20:54 - 2017-09-26 21:02 - 000076931 _____ C:\Users\Johannes\Downloads\Addition.txt
2017-09-26 20:50 - 2017-09-27 00:00 - 000000000 ____D C:\FRST
2017-09-26 20:50 - 2017-09-26 21:02 - 000069954 _____ C:\Users\Johannes\Downloads\FRST.txt
2017-09-26 20:35 - 2017-09-26 20:50 - 002399744 _____ (Farbar) C:\Users\Johannes\Desktop\FRST64.exe
2017-09-25 11:57 - 2017-09-25 11:57 - 000322469 _____ C:\Users\Johannes\Downloads\006.VG-chapter.pdf
2017-09-24 19:57 - 2017-09-25 10:41 - 000009008 _____ C:\Users\Johannes\Desktop\Kopfschmerztagebuch.xlsx
2017-09-23 10:39 - 2017-09-23 10:39 - 000408444 _____ C:\Users\Johannes\Downloads\9783658139315-c2.pdf
2017-09-23 08:54 - 2017-09-23 08:54 - 000001536 _____ C:\Users\Johannes\Desktop\Bachelorarbeit - Verknüpfung.lnk
2017-09-21 21:58 - 2017-09-21 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-21 15:12 - 2017-09-21 15:12 - 000060438 _____ C:\Users\Johannes\Downloads\STUDIIBescheinigungImmaoU (1).pdf
2017-09-20 18:48 - 2017-09-20 18:48 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-09-20 18:48 - 2017-09-20 18:48 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-09-20 18:48 - 2017-09-20 18:48 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-09-20 18:48 - 2017-09-20 18:48 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-18 19:11 - 2017-09-18 19:11 - 001201048 _____ C:\Windows\Minidump\091817-44491-01.dmp
2017-09-18 19:10 - 2017-09-18 19:10 - 537626535 _____ C:\Windows\MEMORY.DMP
2017-09-18 15:32 - 2017-09-18 15:32 - 002378571 _____ C:\Users\Johannes\Downloads\8518.pdf
2017-09-15 21:30 - 2017-09-15 21:30 - 000002613 _____ C:\Users\Johannes\Downloads\ComboFix-quarantined-files.txt
2017-09-15 20:33 - 2017-09-15 20:39 - 008182736 _____ (Malwarebytes) C:\Users\Johannes\Desktop\adwcleaner_7.0.2.1.exe
2017-09-15 20:25 - 2017-09-15 20:25 - 000003250 _____ C:\Windows\System32\Tasks\{18D5BFA1-9370-419A-94F5-CB77D4444E16}
2017-09-15 15:12 - 2017-09-15 15:12 - 000006438 _____ C:\Users\Johannes\Downloads\{397648F0-6BA8-4BC9-B8EC-02A1F0C4C208}.xls
2017-09-14 22:04 - 2017-09-14 22:04 - 000029401 _____ C:\Users\Johannes\Downloads\ComboFix.txt
2017-09-14 21:40 - 2017-09-14 21:40 - 000029401 _____ C:\ComboFix.txt
2017-09-14 21:05 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe
2017-09-14 21:05 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe
2017-09-14 21:05 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-09-14 21:05 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-09-14 21:05 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-09-14 21:05 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe
2017-09-14 21:05 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe
2017-09-14 21:05 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe
2017-09-14 20:56 - 2017-09-14 21:05 - 000306107 _____ (Swearware) C:\Users\Johannes\Downloads\Nicht bestätigt 166292.crdownload
2017-09-14 20:54 - 2017-09-14 21:40 - 000000000 ____D C:\Qoobox
2017-09-14 20:53 - 2017-09-14 21:37 - 000000000 ____D C:\Windows\erdnt
2017-09-14 20:47 - 2017-09-14 20:48 - 005660248 ____R (Swearware) C:\Users\Johannes\Downloads\ComboFix.exe
2017-09-13 08:14 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 08:14 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 08:14 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-13 08:14 - 2017-08-16 16:57 - 003224576 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 08:14 - 2017-08-16 03:10 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 08:14 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-13 08:14 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 08:14 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-13 08:14 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 08:14 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-13 08:14 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-13 08:14 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-13 08:14 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 08:14 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-13 08:14 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 08:14 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-13 08:14 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-13 08:14 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 08:14 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-13 08:14 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 08:14 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 08:14 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-13 08:14 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 08:14 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 08:14 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-13 08:14 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 08:14 - 2017-08-13 18:41 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 08:14 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-09-13 08:14 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-13 08:14 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 08:14 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 08:14 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 08:14 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 08:14 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 08:14 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-13 08:14 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-13 08:14 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-13 08:14 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 08:14 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 08:14 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-13 08:14 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-13 08:14 - 2017-08-11 08:42 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-09-13 08:14 - 2017-08-11 08:38 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 08:14 - 2017-08-11 08:38 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-09-13 08:14 - 2017-08-11 08:38 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 08:14 - 2017-08-11 08:38 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-13 08:14 - 2017-08-11 08:36 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 08:14 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 08:14 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 08:14 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 08:14 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 08:14 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 08:14 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-09-13 08:14 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-09-13 08:14 - 2017-08-11 08:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-13 08:14 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-13 08:14 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-13 08:14 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-13 08:14 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 08:14 - 2017-08-11 07:59 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 08:14 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 08:14 - 2017-07-07 17:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-13 08:14 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-09-13 08:13 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-13 08:13 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 08:13 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-13 08:13 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-09-13 08:13 - 2017-08-13 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-13 08:13 - 2017-08-13 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 08:13 - 2017-08-13 19:06 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-13 08:13 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 08:13 - 2017-08-13 19:05 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-13 08:13 - 2017-08-13 19:05 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-13 08:13 - 2017-08-13 19:05 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-13 08:13 - 2017-08-13 18:56 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-13 08:13 - 2017-08-13 18:55 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-13 08:13 - 2017-08-13 18:52 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-13 08:13 - 2017-08-13 18:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-13 08:13 - 2017-08-13 18:51 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-13 08:13 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 08:13 - 2017-08-13 18:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-13 08:13 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-09-13 08:13 - 2017-08-13 18:38 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-13 08:13 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-09-13 08:13 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-09-13 08:13 - 2017-08-13 18:29 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-13 08:13 - 2017-08-13 18:29 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 08:13 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-09-13 08:13 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-13 08:13 - 2017-08-13 18:27 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-13 08:13 - 2017-08-13 18:24 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-09-13 08:13 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-09-13 08:13 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-09-13 08:13 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-09-13 08:13 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-09-13 08:13 - 2017-08-13 18:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-09-13 08:13 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-09-13 08:13 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-09-13 08:13 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-09-13 08:13 - 2017-08-13 18:02 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-09-13 08:13 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-09-13 08:13 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-09-13 08:13 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-09-13 08:13 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-09-13 08:13 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-09-13 08:13 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-09-13 08:13 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-09-13 08:13 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) 
C:\Windows\system32\ieapfltr.dll 2017-09-13 08:13 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) 
C:\Windows\system32\oleres.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2017-09-13 08:13 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000059904 _____ (Microsoft Corporation) 
C:\Windows\system32\appidapi.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft 
Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2017-09-13 08:13 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2017-09-13 08:13 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000223232 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000004608 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 
- 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2017-09-13 08:13 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2017-09-13 08:13 - 2017-08-11 08:07 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-09-13 08:13 - 2017-08-11 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-09-13 08:13 - 2017-08-11 08:07 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-09-13 08:13 - 2017-08-11 08:06 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-09-13 08:13 - 2017-08-11 08:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2017-09-13 08:13 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe 2017-09-13 08:13 - 2017-08-11 08:02 - 000296960 _____ 
(Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-09-13 08:13 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2017-09-13 08:13 - 2017-08-11 08:00 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-09-13 08:13 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-09-13 08:13 - 2017-08-11 07:59 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-09-13 08:13 - 2017-08-11 07:59 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-09-13 08:13 - 2017-08-11 07:59 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-09-13 08:13 - 2017-08-11 07:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-09-13 08:13 - 2017-08-11 07:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-09-13 08:13 - 2017-08-11 07:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-09-13 08:13 - 2017-08-11 07:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-09-13 08:13 - 2017-08-11 07:56 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-09-13 08:13 - 2017-08-11 07:56 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-09-13 08:13 - 2017-08-11 07:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-09-13 08:13 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-09-13 08:13 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-09-13 08:13 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-09-12 09:22 - 2017-09-12 09:23 - 000263171 _____ C:\Users\Johannes\Downloads\Bewertung_Motivation.pdf 2017-09-10 14:05 - 2017-09-10 14:06 - 001437807 _____ C:\Users\Johannes\Downloads\8435.pdf 2017-09-08 10:57 - 2017-09-08 10:58 - 006111629 _____ C:\Users\Johannes\Downloads\fileadmin-user_upload-PDF-berichtsbaende-VuMA_2017_Berichtsband.pdf 2017-09-08 09:30 - 2017-09-08 09:31 - 000742603 _____ C:\Users\Johannes\Downloads\PIP_Teens_Games_and_Civics_Report_FINAL.pdf.pdf 2017-09-08 08:50 - 2017-09-08 08:50 - 001024060 _____ C:\Users\Johannes\Downloads\PI_2015-12-15_gaming-and-gamers_FINAL.pdf 2017-09-08 08:26 - 2017-09-08 08:26 - 000003034 _____ C:\Windows\System32\Tasks\{6B76AC51-6F5C-478A-9258-5552981164C2} 2017-09-08 08:26 - 2017-09-08 08:26 - 000003034 _____ C:\Windows\System32\Tasks\{57CC44A5-EFB1-4DA5-B38E-123E221D3461} 2017-09-07 19:18 - 2017-09-18 19:11 - 000000000 ____D C:\Windows\Minidump 2017-09-07 19:18 - 2017-09-07 19:19 - 001256824 _____ C:\Windows\Minidump\090717-44382-01.dmp 2017-09-07 09:58 - 2017-09-23 08:54 - 000000000 ____D C:\Users\Uni\Desktop\6.-7. 
Semester 2017-09-03 21:35 - 2017-09-04 12:59 - 000000000 ____D C:\Users\Johannes\Documents\Schweden-Krankenhaus 2017-09-01 10:47 - 2017-07-21 16:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll 2017-09-01 10:47 - 2017-07-21 16:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll 2017-09-01 10:47 - 2017-07-14 17:29 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-09-01 10:47 - 2017-07-14 17:29 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2017-09-01 10:47 - 2017-07-14 17:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2017-09-01 10:47 - 2017-07-14 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2017-09-01 10:47 - 2017-07-01 15:05 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2017-09-01 10:47 - 2017-07-01 
15:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll 2017-09-01 10:46 - 2017-07-29 16:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2017-09-01 10:46 - 2017-07-21 16:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll 2017-09-01 10:46 - 2017-07-21 16:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2017-09-01 10:46 - 2017-07-14 17:29 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2017-09-01 10:46 - 2017-07-14 17:12 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-09-01 10:46 - 2017-07-14 17:12 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-09-01 10:46 - 2017-07-14 17:11 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-09-01 10:46 - 2017-07-14 17:10 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-09-01 10:46 - 2017-07-14 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2017-09-01 
10:46 - 2017-07-14 17:10 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-09-01 10:46 - 2017-07-14 17:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2017-09-01 10:46 - 2017-07-14 17:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-09-01 10:46 - 2017-07-14 17:10 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-09-01 10:46 - 2017-07-14 17:10 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-09-01 10:46 - 2017-07-14 17:10 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2017-09-01 10:46 - 2017-07-14 17:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2017-09-01 10:46 - 2017-07-14 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-09-01 10:46 - 2017-07-14 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-09-01 10:46 - 2017-07-14 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-09-01 10:46 - 2017-07-14 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2017-09-01 10:46 - 2017-07-14 16:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2017-09-01 10:46 - 2017-07-14 16:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2017-09-01 10:46 - 2017-07-14 16:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2017-09-01 10:46 - 2017-07-08 17:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2017-09-01 10:46 - 2017-07-07 17:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2017-09-01 10:46 - 2017-07-07 17:29 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2017-09-01 10:46 - 2017-07-07 17:11 - 000109568 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\t2embed.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-09-26 23:51 - 2015-06-22 19:15 - 000001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-09-26 23:51 - 2013-11-29 22:55 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2017-09-26 23:50 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-09-26 23:42 - 2015-06-22 19:15 - 000001218 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-09-26 23:09 - 2009-07-14 06:45 - 000029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-09-26 23:09 - 2009-07-14 06:45 - 000029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-09-26 22:55 - 2016-05-26 14:33 - 000000000 ____D C:\Program Files (x86)\Zotero Standalone 2017-09-26 22:54 - 2015-01-01 19:03 - 000000000 ____D C:\AdwCleaner 2017-09-26 20:17 - 2013-11-29 22:55 - 000000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2017-09-25 09:53 - 2014-06-22 20:41 - 000000000 ____D C:\Users\Johannes\AppData\Local\Battle.net 2017-09-24 20:51 - 2014-06-22 20:41 - 000000000 ____D C:\Program Files (x86)\Battle.net 2017-09-24 20:17 - 2014-06-22 20:53 - 000000000 ____D C:\Program Files (x86)\Hearthstone 2017-09-22 09:52 - 2014-06-18 18:24 - 000002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-21 21:58 - 2015-06-22 19:15 - 000000000 ____D C:\Program Files (x86)\Dropbox 2017-09-18 19:10 - 2016-11-16 11:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-09-18 19:10 - 2013-11-30 15:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-09-15 23:55 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2017-09-15 21:24 - 
2013-12-15 16:51 - 000056320 ___SH C:\Users\Johannes\Thumbs.db 2017-09-15 21:18 - 2014-11-01 19:55 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-15 21:10 - 2015-05-26 19:56 - 000000000 ____D C:\ProgramData\Trymedia 2017-09-15 11:52 - 2016-06-25 11:35 - 000000000 ____D C:\Windows\pss 2017-09-15 08:50 - 2014-03-02 20:00 - 000000000 ____D C:\Users\Johannes\Desktop\sortieren 2017-09-14 21:35 - 2009-07-14 04:34 - 000000215 _____ C:\Windows\system.ini 2017-09-14 11:34 - 2010-11-21 08:50 - 000702064 _____ C:\Windows\system32\perfh007.dat 2017-09-14 11:34 - 2010-11-21 08:50 - 000150698 _____ C:\Windows\system32\perfc007.dat 2017-09-14 11:34 - 2009-07-14 07:13 - 001627626 _____ C:\Windows\system32\PerfStringBackup.INI 2017-09-14 11:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2017-09-14 11:23 - 2009-07-14 06:45 - 000463016 _____ C:\Windows\system32\FNTCACHE.DAT 2017-09-14 11:14 - 2013-11-29 17:03 - 000000000 ____D C:\Windows\system32\MRT 2017-09-14 11:06 - 2013-11-29 17:03 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-09-14 10:47 - 2013-11-29 19:08 - 001601906 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-09-12 20:21 - 2013-11-30 14:14 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-09-12 20:21 - 2013-11-30 14:14 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-09-12 20:21 - 2013-11-30 14:14 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-09-12 20:20 - 2013-11-30 14:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-09-12 20:20 - 2013-11-30 14:14 - 000000000 ____D C:\Windows\system32\Macromed 2017-09-08 08:30 - 2016-11-16 12:36 - 000000000 ____D C:\Users\Johannes\AppData\LocalLow\Mozilla 2017-09-07 19:46 - 2015-06-22 19:20 - 000000000 ___RD C:\Users\Johannes\Dropbox 2017-09-07 09:56 - 2014-11-05 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2017-09-07 09:56 - 
2013-11-29 23:15 - 000000000 ____D C:\Program Files (x86)\Cisco 2017-09-07 09:55 - 2014-11-05 23:00 - 000000000 ____D C:\ProgramData\Cisco 2017-09-04 21:47 - 2015-05-28 15:46 - 000000000 ____D C:\Users\Johannes\AppData\Roaming\Audacity 2017-08-31 22:27 - 2015-07-03 21:57 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-08-31 22:25 - 2016-07-30 20:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-08-31 20:46 - 2015-04-01 12:32 - 000000000 ____D C:\Program Files (x86)\Heroes of the Storm ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-03-13 20:56 - 2017-03-13 20:56 - 000001217 _____ () C:\Users\Johannes\AppData\Local\psppirerc 2017-03-13 20:56 - 2017-03-13 20:56 - 000010850 _____ () C:\Users\Johannes\AppData\Local\recently-used.xbel 2013-11-29 23:36 - 2013-11-29 23:37 - 000002205 _____ () C:\Users\Johannes\AppData\Local\WiDiSetupLog.20131129.223618.txt 2014-11-09 14:25 - 2014-11-09 14:25 - 000000057 _____ () C:\ProgramData\Ament.ini 2015-11-14 18:52 - 2015-11-14 18:52 - 000000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== 2017-09-15 20:23 - 2017-09-15 20:24 - 000740416 _____ (Oracle Corporation) C:\Users\Johannes\AppData\Local\Temp\jre-8u144-windows-au.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-02-13 15:16

==================== Ende von FRST.txt ============================ |
26.09.2017, 23:16 | #9 |
| Combofix log evaluation for a newbie
The new addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2017 01
durchgeführt von Johannes (27-09-2017 00:07:19)
Gestartet von C:\Users\Johannes\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-11-29 20:39:35)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3713904842-3737894215-1530784781-500 - Administrator - Disabled)
Gast (S-1-5-21-3713904842-3737894215-1530784781-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3713904842-3737894215-1530784781-1002 - Limited - Enabled)
Johannes (S-1-5-21-3713904842-3737894215-1530784781-1000 - Administrator - Enabled) => C:\Users\Johannes
Uni (S-1-5-21-3713904842-3737894215-1530784781-1003 - Administrator - Enabled) => C:\Users\Uni

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{169BAE78-A355-48F1-9A62-39F44804CE29}) (Version: 3.3.42.70280 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.3.42.70280 - Alcor Micro Corp.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.37.6239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.5.01044 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{D0D55FBB-BF2B-4B0D-9D0E-A4A0E1DB5DDF}) (Version: 4.5.01044 - Cisco Systems, Inc.) Hidden
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Double Pack Burger Shop Deluxe (HKLM-x32\...\e868d14d921fe32308758a4cb836a5e2) (Version: - Zylom)
Double Pack Burger Shop Deluxe (HKLM-x32\...\fb6b3d6a15f43a4190e1dbbde9562faf) (Version: - Zylom)
Double Pack Delicious Deluxe (HKLM-x32\...\1cc19516e92a6f56c7aded5e04cdc19c) (Version: - Zylom)
Dropbox (HKLM-x32\...\Dropbox) (Version: 35.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version: - )
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.2.5 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.2.5 - Lenovo)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.17.1125 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1125 - DVDVideoSoft Ltd.)
GoGear SA5MXX_V2 Device Manager (HKLM-x32\...\{4BFC5335-CE8C-4F4E-A2E6-8B07CF599D10}) (Version: 1.00 - Ihr Firmenname)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.26.00.06 - Huawei Technologies Co.,Ltd)
HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Hilfe (HKLM-x32\...\{6B953497-169C-4929-9AA9-A9F510347468}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Inquisit 4 Web Player (HKLM\...\{E8620E4B-8567-4E07-8CDB-8432054BD5B2}) (Version: 4.0.8.0 - Millisecond Software)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35132 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.11.1206.1 - Vimicro)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.99.11.0 - Overwolf Ltd.)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PokeMMO (HKLM-x32\...\PokeMMO_is1) (Version: - PokeMMO)
PSPP (HKLM-x32\...\PSPP) (Version: 0.10.4 - Free Software Foundation, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6549 - Realtek Semiconductor Corp.)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\...\Spotify) (Version: 1.0.59.395.ge6ca9946 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 3520 series Produkten (HKLM\...\{A5BB6A58-BC1A-48A7-BB19-1768A80CF9C9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Supermarket Mania(R) 2 (HKLM-x32\...\be45c0c959302115103bb04dd55d7f0e) (Version: - Zylom)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VMware Player (HKLM\...\{537B7F85-2B95-44ED-8D90-765F6F36D666}) (Version: 12.1.1 - VMware, Inc.)
VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.15.3.00000 - VMware, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zotero Standalone 4.0.29.10 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.29.10 (x86 en-US)) (Version: 4.0.29.10 - Zotero)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2016-04-14] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2016-04-14] (VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ContextMenuHandlers4-x32: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-07] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0011450F-3B9E-4BA8-8068-5D9B77FDAA71} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {19D2B353-6DBC-4BF1-9CD1-CCE09B2AA089} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-10-30] (Overwolf LTD)
Task: {1F233AE9-CB44-42FA-B08C-92DE4EE4130B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {2326A950-472A-4873-BA62-B7126E35C731} - System32\Tasks\{57CC44A5-EFB1-4DA5-B38E-123E221D3461} => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2017-07-22] (Cisco Systems, Inc.)
Task: {32A9273B-7018-419C-BEA4-6F00442F2364} - System32\Tasks\{D98EF6B9-006A-4E46-AE6D-841589A58BBD} => C:\Users\Johannes\Downloads\Hearthstone Deck Tracker.exe [2015-11-12] (Epix)
Task: {3E17BFD9-E7AB-4F29-9951-694035CF64B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-24] (Microsoft Corporation)
Task: {49E38F27-DA06-4241-BFCE-4B874079CC2C} - System32\Tasks\{C72AD2AA-8132-4720-AED8-A13A3710BE2C} => C:\Users\Johannes\Downloads\Hearthstone Deck Tracker.exe [2015-11-12] (Epix)
Task: {5C0E729D-17DB-4BB6-9819-219E7CA3B097} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5CF595C5-EC47-4EFB-A448-DBDA0CB6F349} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {78100506-D6F0-47D6-B9A0-E30F7576D5CC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {7DC8FC9A-121E-4047-A5CE-233B2F337EF8} - System32\Tasks\{18D5BFA1-9370-419A-94F5-CB77D4444E16} => C:\Windows\system32\pcalua.exe -a C:\Users\Johannes\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ACHTUNG
Task: {7E21310E-E574-4DBF-8786-A9DD25170256} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-24] (Microsoft Corporation)
Task: {8C7BF1D8-13C3-45A6-B59D-8CC4B03D5717} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {9FB0CB49-71DF-4DE8-B8D2-2DDF5E168A3D} - System32\Tasks\HP AR Program Upload - 4811cd8c08034312991abe64220277c5d82e076025cd4736a335bd16fbaf2628 => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {A4FD7AE3-9CF3-4FD5-ABC1-24003A89FB6F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {ACAC9E37-F929-49A4-986D-9ADCB19D208D} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B89594A6-E027-40E5-99F8-EB797F9CACCD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {BDD8A54F-25B3-45EA-8C43-D042CC917581} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {C78AD151-7E42-44E5-9BE5-447C7980A9C5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {C95DB26F-297B-4528-AE97-D9A63BF9ED6C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {D7531752-9CBA-4560-A655-A04B4A62CB85} - System32\Tasks\HP AR Program Upload - 54ff7944da244accb89631a69a7866c840937d2dbc8e4020bd676cfb7120f1bd => C:\Program Files\HP\HP Deskjet 3520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {DCB63D9B-A754-437D-8452-69B35390A753} - System32\Tasks\{6B76AC51-6F5C-478A-9258-5552981164C2} => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2017-07-22] (Cisco Systems, Inc.)
Task: {EC17B2BB-016F-408F-B694-C8A778861080} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-24] (Microsoft Corporation)
Task: {F9D72BFD-5D5E-4FE9-93D8-9374F121C642} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-12-20 04:20 - 2013-11-29 23:23 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-01-04 19:46 - 2013-11-29 23:23 - 001496480 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2008-12-20 04:20 - 2013-11-29 23:23 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2013-11-29 22:59 - 2012-02-17 02:21 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-08-21 16:52 - 2014-01-28 09:44 - 000137024 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2016-08-21 16:52 - 2014-01-28 09:44 - 000204096 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2013-11-29 22:55 - 2011-12-16 06:37 - 000128280 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2017-09-26 23:05 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-07-22 14:18 - 2017-07-22 14:18 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system-vc140-mt-1_59.dll
2017-07-22 14:18 - 2017-07-22 14:18 - 000062976 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time-vc140-mt-1_59.dll
2017-07-22 14:18 - 2017-07-22 14:18 - 000106496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread-vc140-mt-1_59.dll
2017-07-22 14:18 - 2017-07-22 14:18 - 000042496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono-vc140-mt-1_59.dll
2017-07-22 14:18 - 2017-07-22 14:18 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2011-08-15 21:12 - 2011-08-15 21:12 - 002603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-15 21:15 - 2011-08-15 21:15 - 000382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 17:41 - 2011-08-17 17:41 - 000400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 17:48 - 2011-08-17 17:48 - 000322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-11-25 14:29 - 2011-11-25 14:29 - 000015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 21:12 - 2011-08-15 21:12 - 001006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-17 17:48 - 2011-08-17 17:48 - 000195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 20:23 - 2011-08-15 20:23 - 000062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2011-11-25 14:28 - 2011-11-25 14:28 - 000484352 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2011-11-25 14:42 - 2011-11-25 14:42 - 000499976 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2011-11-25 14:26 - 2011-11-25 14:26 - 000013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2017-09-21 21:57 - 2017-09-20 18:48 - 000771904 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-09-21 21:57 - 2017-09-20 18:48 - 001804608 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-09-21 21:57 - 2017-09-20 18:49 - 000023872 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_bootstrap.dll
2017-09-21 21:58 - 2017-09-20 18:48 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-09-21 21:57 - 2017-09-20 18:48 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-09-21 21:57 - 2017-09-20 18:50 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-09-21 21:57 - 2017-09-20 18:49 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-09-21 21:57 - 2017-09-20 18:49 - 001862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-09-21 21:57 - 2017-09-20 18:49 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-09-21 21:57 - 2017-09-20 18:48 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-09-21 21:57 - 2017-09-20 18:48 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-09-21 21:58 - 2017-09-20 18:48 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-09-21 21:58 - 2017-09-20 18:50 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-09-21 21:57 - 2017-09-20 18:49 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-09-21 21:57 - 2017-09-20 18:49 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-09-21 21:57 - 2017-09-20 18:48 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-09-21 21:57 - 2017-09-20 18:48 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-09-21 21:58 - 2017-09-20 18:50 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-09-21 21:58 - 2017-09-20 18:50 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-09-21 21:57 - 2017-09-20 18:49 - 000022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-21 21:58 - 2017-09-20 18:50 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-09-21 21:57 - 2017-09-20 18:49 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-09-21 21:58 - 2017-09-20 18:50 - 000082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-09-21 21:58 - 2017-09-20 18:50 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-09-21 21:58 - 2017-09-20 18:48 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-09-21 21:57 - 2017-09-20 18:49 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-09-21 21:57
- 2017-09-20 18:48 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000154440 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000045888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000027488 _____ 
() C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-09-21 21:58 - 2017-09-20 18:48 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-09-21 21:58 - 2017-09-20 18:50 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-09-21 21:57 - 2017-09-20 18:48 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-09-21 21:57 - 2017-09-20 18:49 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-09-21 21:58 - 2017-09-20 18:50 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-09-21 21:57 - 2017-09-20 18:49 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2017-09-21 21:57 - 2017-09-20 18:49 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-09-21 21:58 - 2017-09-20 18:50 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-09-21 21:57 - 2017-09-20 18:50 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd 2017-09-14 12:41 - 2017-09-14 12:41 - 000172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f203ecbdc8e8f4f836e1627efb89f9ae\IsdiInterop.ni.dll 2013-11-29 22:50 - 2011-11-29 21:00 - 000059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-11-29 22:54 - 2011-12-16 04:39 - 001198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate 
Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Johannes\Documents\Fragenbogen_Armoneit_Burk_LeHuyen_Reber_Stein.pdf:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\Johannes\Documents\Hausaufgabe Gruppe 3.docx:com.dropbox.attributes [256] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips GoGear SA5MXX_V2 Device Manager.lnk => C:\Windows\pss\Philips GoGear SA5MXX_V2 Device Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Johannes^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup MSCONFIG\startupfolder: C:^Users^Johannes^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Deskjet 3520 series.lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Deskjet 3520 series.lnk.Startup MSCONFIG\startupreg: 331BigDog => C:\Program Files (x86)\USB Camera\VM331_STI.EXE MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent MSCONFIG\startupreg: Mobile Partner => C:\Program Files (x86)\HiSuite\HiSuite.exe -s MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\\OverwolfLauncher.exe -overwolfsilent MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\Johannes\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Johannes\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [TCP Query User{D1D038FA-8CFB-4AC8-B18A-2741F348B3BD}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{4C00D526-F816-47DC-AD08-A6E4E17CA5B6}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{A4E737D5-61C4-4D2B-B3BE-6FA6171793FB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{DEA6A6E3-8C50-494D-88A4-C10C034028A7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe ==================== Wiederherstellungspunkte ========================= 15-09-2017 21:16:56 TubeBox 17-09-2017 17:44:09 Windows Update 20-09-2017 18:44:21 Windows Update 23-09-2017 21:31:42 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39) Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : Windows cannot load the device driver for this hardware. 
The driver may be corrupted or missing. (Code 39) Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. Name: MpKsl72c8e1eb Description: MpKsl72c8e1eb Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: MpKsl72c8e1eb Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: VMware Bridge Protocol Description: VMware Bridge Protocol Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: VMnetBridge Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: VMware Network Application Interface Description: VMware Network Application Interface Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: VMnetuserif Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. 
After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: VMware vmx86 Description: VMware vmx86 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: vmx86 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: VMware hcmon Description: VMware hcmon Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: hcmon Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/26/2017 11:56:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm rundll32.exe, Version 6.1.7601.23755 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: cd8 Startzeit: 01d33711cda31e6f Endzeit: 78 Anwendungspfad: C:\Windows\System32\rundll32.exe Berichts-ID: Error: (09/26/2017 11:54:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/26/2017 10:57:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (09/26/2017 09:55:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3136 Error: (09/26/2017 09:55:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3136 Error: (09/26/2017 09:55:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/26/2017 09:55:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2122 Error: (09/26/2017 09:55:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2122 Error: (09/26/2017 09:55:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/26/2017 09:55:40 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1014 Systemfehler: ============= Error: (09/26/2017 11:58:10 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht. Error: (09/26/2017 11:53:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "VMware USB Arbitration Service" wurde mit folgendem Fehler beendet: Das System kann die angegebene Datei nicht finden. 
Error: (09/26/2017 11:53:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet: %%-2147196306 Error: (09/26/2017 11:53:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "VMware DHCP Service" ist vom Dienst "VMware Network Application Interface" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Das System kann die angegebene Datei nicht finden. Error: (09/26/2017 11:53:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "VMware NAT Service" ist vom Dienst "VMware Network Application Interface" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Das System kann die angegebene Datei nicht finden. Error: (09/26/2017 11:53:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "VMware Network Application Interface" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (09/26/2017 11:53:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "VMware Authorization Service" ist vom Dienst "VMware vmx86" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Das System kann die angegebene Datei nicht finden. Error: (09/26/2017 11:52:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (09/26/2017 11:52:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft Office-Klick-und-Los-Dienst erreicht. 
Error: (09/26/2017 11:51:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BlueStacks Log Rotator Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz Prozentuale Nutzung des RAM: 56% Installierter physikalischer RAM: 3941.37 MB Verfügbarer physikalischer RAM: 1695.82 MB Summe virtueller Speicher: 7880.92 MB Verfügbarer virtueller Speicher: 5533.84 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:297.87 GB) (Free:31.96 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: C3FFC3FF) Partition: GPT. ==================== Ende von Addition.txt ============================ |
27.09.2017, 21:12 | #10 |
/// TB-Ausbilder | Combofix log analysis for a newcomer Hi, do you know this Chrome extension? Скачать музыку Вконтакте >>> hanjiajgnonaobdlklncdjdmpbomlhoa |
28.09.2017, 16:58 | #11 |
| Combofix log analysis for a newcomer Hello! Yes, the first part rings a bell. I don't really need it anymore, though. Could that be the cause of my problems? Best regards |
28.09.2017, 21:32 | #12 |
/// TB-Ausbilder | Combofix log analysis for a newcomer Hi, I don't think it is the cause. I'm always a bit cautious with Russian names like that... we'll remove a few more things and check everything once more. Note: The scan with ESET can take a while.
Step 1
Step 2 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 3 Please download ESET Online Scanner (illustrated guide)
Step 4
Are there still any problems with the PC or with your internet browsers? If so, which ones? Please post with your next reply
|
30.09.2017, 14:54 | #13 |
| Combofix log analysis for a newcomer fixlog.txt: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2017 01 durchgeführt von Johannes (30-09-2017 14:59:07) Run:1 Gestartet von C:\Users\Johannes\Desktop Geladene Profile: Johannes (Verfügbare Profile: Johannes & Uni & Gast) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: HKLM-x32\...\Run: [] => [X] ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:53649;https=127.0.0.1:53649 CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1420131101&from=wpm12311&uid=HGSTXHTS545032A7E380_TMA45C480EH8YM0EH8YMX CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" CMD: dir "%UserProfile%" CMD: dir "C:\" ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: ***************** Prozesse erfolgreich geschlossen. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt Chrome HomePage => erfolgreich entfernt ========= dir "%ProgramFiles%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 904C-80B8 Verzeichnis von C:\Program Files 26.09.2017 23:04 <DIR> . 26.09.2017 23:04 <DIR> .. 
12.07.2016 22:59 <DIR> Bonjour 30.11.2013 14:23 <DIR> CDBurnerXP 10.08.2016 14:03 <DIR> Common Files 29.11.2013 23:24 <DIR> DIFX 24.11.2014 23:11 <DIR> dm 17.03.2017 08:21 <DIR> DVD Maker 09.11.2014 14:27 <DIR> HP 29.11.2013 23:16 <DIR> Intel 14.09.2017 11:16 <DIR> Internet Explorer 29.11.2013 23:24 <DIR> Lenovo 26.09.2017 23:04 <DIR> Malwarebytes 21.11.2010 09:00 <DIR> Microsoft Games 26.02.2016 16:28 <DIR> Microsoft Office 15 02.12.2016 10:52 <DIR> Microsoft Security Client 14.07.2009 07:32 <DIR> MSBuild 04.02.2016 19:43 <DIR> OBS 29.11.2013 23:07 <DIR> Realtek 14.07.2009 07:32 <DIR> Reference Assemblies 29.11.2013 23:18 <DIR> Synaptics 29.11.2013 18:41 <DIR> Windows Defender 21.11.2010 08:50 <DIR> Windows Mail 13.10.2016 18:20 <DIR> Windows Media Player 29.11.2013 22:39 <DIR> Windows NT 21.11.2010 08:50 <DIR> Windows Photo Viewer 21.11.2010 05:31 <DIR> Windows Portable Devices 21.11.2010 08:50 <DIR> Windows Sidebar 0 Datei(en), 0 Bytes 28 Verzeichnis(se), 33.597.931.520 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 904C-80B8 Verzeichnis von C:\Program Files (x86) 15.09.2017 21:18 <DIR> . 15.09.2017 21:18 <DIR> .. 
08.02.2015 17:23 <DIR> 7-Zip 30.07.2016 20:09 <DIR> Adobe 29.11.2013 23:13 <DIR> AmIcoSingLun 28.05.2015 15:46 <DIR> Audacity 27.09.2017 07:17 <DIR> Battle.net 12.07.2016 23:39 <DIR> Bluestacks 12.07.2016 22:59 <DIR> Bonjour 07.09.2017 09:56 <DIR> Cisco 03.11.2015 15:04 <DIR> Citavi 5 14.09.2017 21:26 <DIR> Common Files 21.09.2017 21:58 <DIR> Dropbox 05.12.2013 22:16 <DIR> DVDVideoSoft 24.01.2017 20:18 <DIR> DX-Ball 07.03.2015 21:43 <DIR> Electronic Arts 18.06.2014 18:24 <DIR> Google 24.09.2017 20:17 <DIR> Hearthstone 26.11.2015 19:10 <DIR> HearthstoneTracker 31.08.2017 20:46 <DIR> Heroes of the Storm 21.08.2016 16:52 <DIR> HiSuite 09.11.2014 14:28 <DIR> HP 09.11.2014 14:29 <DIR> HP Photo Creations 29.11.2013 19:19 <DIR> Intel 14.09.2017 11:16 <DIR> Internet Explorer 31.08.2016 23:32 <DIR> Java 30.11.2013 14:17 <DIR> K-Lite Codec Pack 29.11.2013 23:24 <DIR> Lenovo 15.09.2017 22:21 <DIR> Microsoft 24.06.2016 07:33 <DIR> Microsoft Office 26.02.2016 16:41 <DIR> Microsoft OneDrive 02.12.2016 10:52 <DIR> Microsoft Security Client 02.03.2014 17:09 <DIR> Microsoft SQL Server Compact Edition 07.03.2015 21:43 <DIR> Microsoft WSE 26.02.2016 16:39 <DIR> Microsoft.NET 18.09.2017 19:10 <DIR> Mozilla Firefox 18.09.2017 19:10 <DIR> Mozilla Maintenance Service 03.06.2015 21:50 <DIR> Mozilla Thunderbird 14.07.2009 07:32 <DIR> MSBuild 04.02.2016 19:43 <DIR> OBS 30.11.2013 14:23 <DIR> OpenOffice 4 07.11.2016 23:20 <DIR> Overwolf 10.08.2016 16:03 <DIR> OXXOGames 10.11.2015 20:25 <DIR> PDF24 03.09.2015 14:04 <DIR> Philips 30.11.2013 15:30 <DIR> PhotoScape 01.02.2017 13:41 <DIR> PSPP 20.02.2014 21:47 <DIR> RealArcade 29.11.2013 23:06 <DIR> Realtek 14.07.2009 07:32 <DIR> Reference Assemblies 03.06.2017 19:58 <DIR> Skype 08.12.2016 12:35 <DIR> StarCraft II 13.08.2015 14:16 <DIR> Steam 29.11.2013 23:20 <DIR> USB Camera 30.11.2013 14:16 <DIR> VideoLAN 29.11.2013 23:20 <DIR> Vimicro 10.08.2016 14:03 <DIR> VMware 29.11.2013 18:41 <DIR> Windows Defender 01.09.2016 20:14 <DIR> Windows Live 
21.11.2010 08:50 <DIR> Windows Mail 13.10.2016 18:20 <DIR> Windows Media Player 14.07.2009 07:32 <DIR> Windows NT 21.11.2010 08:50 <DIR> Windows Photo Viewer 21.11.2010 05:31 <DIR> Windows Portable Devices 21.11.2010 08:50 <DIR> Windows Sidebar 08.12.2016 12:35 <DIR> World of Warcraft 26.09.2017 22:55 <DIR> Zotero Standalone 0 Datei(en), 0 Bytes 67 Verzeichnis(se), 33.597.890.560 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 904C-80B8 Verzeichnis von C:\ProgramData 26.09.2017 23:04 <DIR> . 26.09.2017 23:04 <DIR> .. 16.03.2016 22:36 <DIR> .mono 30.07.2016 20:08 <DIR> Adobe 09.11.2014 14:25 57 Ament.ini 29.11.2013 23:13 <DIR> AmUStor 12.07.2016 22:59 <DIR> Apple 05.01.2017 18:47 <DIR> Ashampoo 18.02.2016 14:41 <DIR> Battle.net 21.09.2015 22:17 <DIR> Blizzard Entertainment 12.07.2016 23:39 <DIR> Bluestacks 01.08.2016 23:02 <DIR> BlueStacksSetup 07.09.2017 09:55 <DIR> Cisco 20.06.2015 20:05 <DIR> com.gamehouse.acid 29.11.2013 23:23 <DIR> Downloaded Installations 22.06.2015 19:15 <DIR> Dropbox 07.03.2015 21:45 <DIR> Electronic Arts 31.03.2014 14:44 <DIR> Energy Management 21.12.2014 23:52 <DIR> GameHouse 22.02.2014 21:13 <DIR> GoBit Games 21.08.2016 16:52 <DIR> HandSetService 20.10.2014 19:06 <DIR> Hewlett-Packard 21.08.2016 16:52 <DIR> HiSuiteOuc 09.11.2014 14:27 <DIR> HP 09.11.2014 14:29 <DIR> HP Photo Creations 05.12.2014 15:38 <DIR> hps 29.11.2013 23:15 <DIR> Intel 21.12.2014 23:52 <DIR> Intenium 26.09.2017 23:04 <DIR> Malwarebytes 26.02.2016 16:41 <DIR> Microsoft OneDrive 14.11.2015 18:52 98 Microsoft.SqlServer.Compact.400.32.bc 30.11.2013 14:31 <DIR> Mozilla 31.08.2016 23:34 <DIR> Oracle 08.11.2016 11:47 <DIR> Overwolf 15.09.2017 21:18 <DIR> Package Cache 24.06.2016 12:10 <DIR> regid.1991-06.com.microsoft 29.11.2013 23:16 <DIR> Roaming 03.06.2017 19:58 <DIR> Skype 03.11.2015 15:06 <DIR> Swiss Academic Software 17.10.2016 15:37 <DIR> tmp 15.09.2017 21:10 <DIR> 
Trymedia 09.11.2014 14:29 <DIR> Visan 10.08.2016 14:03 <DIR> VMware 2 Datei(en), 155 Bytes 41 Verzeichnis(se), 33.597.837.312 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 904C-80B8 Verzeichnis von C:\Users\Johannes\AppData\Roaming 26.02.2017 20:06 <DIR> . 26.02.2017 20:06 <DIR> .. 16.03.2016 22:36 <DIR> .mono 29.12.2013 15:29 <DIR> Adobe 12.07.2016 23:31 <DIR> Andy 04.09.2017 21:47 <DIR> Audacity 15.07.2016 07:16 <DIR> Battle.net 30.11.2013 14:23 <DIR> Canneverbe Limited 01.11.2014 19:56 <DIR> dlg 22.06.2015 19:17 <DIR> Dropbox 05.12.2013 22:17 <DIR> DVDVideoSoft 30.01.2017 17:04 <DIR> GalileoPress 10.06.2017 23:13 <DIR> HearthstoneDeckTracker 30.10.2015 12:11 <DIR> hps-install 21.06.2017 18:55 <DIR> HpUpdate 29.11.2013 22:40 <DIR> Identities 29.11.2013 22:50 <DIR> InstallShield 29.11.2013 23:16 <DIR> Intel 29.11.2013 22:51 <DIR> Intel Corporation 21.12.2014 23:52 <DIR> Intenium 30.11.2013 14:26 <DIR> Macromedia 21.11.2010 09:00 <DIR> Media Center Programs 25.06.2015 11:33 <DIR> Millisecond Software 30.11.2013 14:32 <DIR> Mozilla 09.02.2017 17:42 <DIR> OBS 30.11.2013 14:44 <DIR> OpenOffice 03.09.2015 14:05 <DIR> Philips 19.02.2014 23:45 <DIR> PhotoScape 31.08.2016 23:51 <DIR> PokeMMO 20.07.2017 08:13 <DIR> Skype 26.02.2017 20:05 <DIR> Sparda 26.02.2017 20:11 <DIR> SpardaSecureApp 30.09.2017 14:56 <DIR> Spotify 31.08.2016 23:34 <DIR> Sun 18.02.2014 19:11 <DIR> Supermarket Mania 2 03.11.2015 19:46 <DIR> Swiss Academic Software 09.04.2014 15:40 <DIR> temp 09.03.2014 17:17 <DIR> Thunderbird 30.03.2016 23:27 <DIR> TS3Client 26.02.2017 20:05 <DIR> UninstallData 31.05.2017 22:41 <DIR> vlc 31.07.2016 20:15 <DIR> VMware 18.02.2014 19:05 <DIR> WinRAR 26.05.2016 14:33 <DIR> Zotero 0 Datei(en), 0 Bytes 44 Verzeichnis(se), 33.597.771.776 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. 
Volumeseriennummer: 904C-80B8 Verzeichnis von C:\Users\Johannes\AppData\Local 29.09.2017 20:41 <DIR> . 29.09.2017 20:41 <DIR> .. 10.08.2016 23:55 <DIR> Adobe 27.09.2017 08:08 <DIR> Battle.net 22.06.2014 21:03 <DIR> Blizzard 22.06.2014 20:41 <DIR> Blizzard Entertainment 12.07.2016 23:38 <DIR> Bluestacks 09.08.2015 17:35 <DIR> CEF 05.11.2014 23:00 <DIR> Cisco 20.06.2015 20:15 <DIR> com.gamehouse.acid 26.11.2015 22:08 <DIR> Diagnostics 03.11.2015 15:02 <DIR> Downloaded Installations 12.06.2017 22:31 <DIR> Dropbox 26.11.2015 22:11 <DIR> Epix 01.11.2014 19:57 <DIR> Freetec 13.12.2016 10:17 118.120 GDIPFONTCACHEV1.DAT 26.03.2017 20:14 <DIR> Google 15.02.2017 20:13 <DIR> gtk-3.0 15.02.2017 21:30 <DIR> HearthSim 14.11.2015 18:52 <DIR> HearthstoneTracker 21.08.2016 16:52 <DIR> HiSuite 09.11.2014 14:56 <DIR> HP 30.11.2013 15:10 <DIR> Macromedia 26.02.2017 19:12 <DIR> Microsoft 09.11.2015 00:12 <DIR> Microsoft Games 17.04.2017 14:19 <DIR> Microsoft Help 21.12.2013 16:00 <DIR> Mozilla 16.09.2015 21:26 <DIR> netz 24.05.2017 17:01 <DIR> Overwolf 10.11.2015 20:26 <DIR> PDF24 30.11.2013 14:17 <DIR> Programs 13.03.2017 20:56 1.217 psppirerc 13.03.2017 20:56 10.850 recently-used.xbel 29.09.2017 21:55 <DIR> Spotify 30.03.2015 17:20 <DIR> Steam 23.02.2016 22:57 <DIR> TeamSpeak 3 Client 30.09.2017 14:59 <DIR> Temp 03.06.2015 21:53 <DIR> Thunderbird 01.11.2014 19:58 <DIR> TubeBox 27.06.2015 13:01 <DIR> VirtualStore 29.11.2013 23:37 2.205 WiDiSetupLog.20131129.223618.txt 01.09.2016 21:45 <DIR> Windows Live 26.05.2016 14:33 <DIR> Zotero 4 Datei(en), 132.392 Bytes 39 Verzeichnis(se), 33.597.509.632 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 904C-80B8 Verzeichnis von C:\Program Files (x86)\Common Files 14.09.2017 21:26 <DIR> . 14.09.2017 21:26 <DIR> .. 
30.07.2016 20:09 <DIR> Adobe
21.09.2015 22:18 <DIR> Blizzard Entertainment
24.06.2016 12:08 <DIR> DESIGNER
05.12.2013 22:16 <DIR> DVDVideoSoft
29.11.2013 23:04 <DIR> InstallShield
29.11.2013 22:59 <DIR> Intel
29.11.2013 22:55 <DIR> Intel Corporation
31.08.2016 23:34 <DIR> Java
24.06.2016 12:08 <DIR> microsoft shared
07.11.2016 23:15 <DIR> Overwolf
29.11.2013 22:54 <DIR> postureAgent
14.07.2009 05:20 <DIR> Services
03.06.2017 19:58 <DIR> Skype
14.07.2009 05:20 <DIR> SpeechEngines
30.03.2015 17:20 <DIR> Steam
29.11.2013 18:41 <DIR> System
12.07.2016 23:00 <DIR> ThinPrint
12.07.2016 23:00 <DIR> VMware
02.03.2014 17:05 <DIR> Windows Live
0 Datei(en), 0 Bytes
21 Verzeichnis(se), 33.597.452.288 Bytes frei

========= Ende von CMD: =========

========= dir "%CommonProgramW6432%" =========

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 904C-80B8
Verzeichnis von C:\Program Files\Common Files
10.08.2016 14:03 <DIR> .
10.08.2016 14:03 <DIR> ..
29.11.2013 23:15 <DIR> Intel
26.02.2016 16:02 <DIR> Microsoft Shared
14.07.2009 05:20 <DIR> Services
14.07.2009 05:20 <DIR> SpeechEngines
29.11.2013 18:41 <DIR> System
0 Datei(en), 0 Bytes
7 Verzeichnis(se), 33.597.390.848 Bytes frei

========= Ende von CMD: =========

========= dir "%UserProfile%" =========

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 904C-80B8
Verzeichnis von C:\Users\Johannes
01.02.2017 13:41 <DIR> .
01.02.2017 13:41 <DIR> ..
12.07.2016 23:22 <DIR> .android
26.10.2016 09:41 <DIR> .cisco
13.03.2017 19:29 <DIR> .dbus-keyrings
31.08.2016 23:34 <DIR> .oracle_jre_usage
29.11.2013 23:02 0 agent.log
12.07.2016 22:55 <DIR> Andy
14.09.2017 11:26 <DIR> Contacts
30.09.2017 14:59 <DIR> Desktop
14.09.2017 11:26 <DIR> Documents
26.09.2017 23:59 <DIR> Downloads
07.09.2017 19:46 <DIR> Dropbox
14.09.2017 11:26 <DIR> Favorites
08.12.2013 16:01 43.590.569 foto_friend.flv
21.12.2013 17:49 1.396.679 hohohohoho.flv
14.09.2017 11:26 <DIR> Links
14.09.2017 11:26 <DIR> Music
14.09.2017 11:26 <DIR> Pictures
13.03.2017 20:56 6.945 pspp.jnl
05.12.2014 15:51 <DIR> restore
29.11.2013 23:16 <DIR> Roaming
14.09.2017 11:26 <DIR> Saved Games
14.09.2017 11:26 <DIR> Searches
05.01.2016 17:35 <DIR> Tracing
21.12.2013 17:38 1.233.832 trolololol.flv
25.01.2016 17:47 429.771 Unbenannt.PNG
14.09.2017 11:26 <DIR> Videos
6 Datei(en), 46.657.796 Bytes
22 Verzeichnis(se), 33.597.337.600 Bytes frei

========= Ende von CMD: =========

========= dir "C:\" =========

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 904C-80B8
Verzeichnis von C:\
12.02.2016 09:54 <DIR> 3a569c0c1bf26f571d1d09
11.02.2015 12:41 <DIR> 66ffab1f5b93baefd566c5b35d0a42
26.09.2017 22:54 <DIR> AdwCleaner
10.12.2014 10:47 <DIR> bb5fedeb2f530fcb88b4146c
14.09.2017 21:40 29.401 ComboFix.txt
30.09.2017 14:59 <DIR> FRST
29.11.2013 22:58 <DIR> Intel
13.02.2014 19:38 <DIR> output
14.07.2009 05:20 <DIR> PerfLogs
26.09.2017 23:04 <DIR> Program Files
15.09.2017 21:18 <DIR> Program Files (x86)
26.09.2017 23:04 <DIR> ProgramData
14.09.2017 21:40 <DIR> Qoobox
29.11.2013 22:39 <DIR> Recovery
26.09.2017 21:34 213.164 TDSSKiller.3.1.0.15_26.09.2017_21.28.43_log.txt
12.10.2014 12:51 <DIR> Users
27.09.2017 00:12 <DIR> Windows
20.06.2015 20:13 <DIR> Zylom Games
2 Datei(en), 242.565 Bytes
16 Verzeichnis(se), 33.597.272.064 Bytes frei

========= Ende von CMD: =========

================== ExportKey: ===================

[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]

=== Ende von ExportKey ===

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3713904842-3737894215-1530784781-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

========= Ende von RemoveProxy: =========

========= ipconfig /flushdns =========

Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========

========= netsh winsock reset =========

Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.

========= Ende von CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21102709 B
Java, Flash, Steam htmlcache => 29505799 B
Windows/system/drivers => 10606395 B
Edge => 0 B
Chrome => 642410260 B
Firefox => 426249032 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 1841168 B
LocalService => 0 B
NetworkService => 133721237 B
Johannes => 183808826 B
Uni => 10090604 B
Gast => 67242 B

RecycleBin => 13736 B
EmptyTemp: => 1.4 GB temporäre Dateien entfernt.

================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 15:15:25 ====
|
30.09.2017, 20:26 | #14 |
/// TB-Ausbilder | Combofix log analysis for a newbie OK, well done so far. |
01.10.2017, 14:30 | #15 |
| Combofix log analysis for a newbie Hello! After almost 20 hours I am finally done with the ESET scan. I now have the log file, but I'm not sure whether I should clean the threats that were found or not. Or should I do step 4? I'm just unsure because otherwise it always explicitly said that I shouldn't clean anything. I still have the ESET window open, so to speak; I don't want to wait that long again. |