Pests of all kinds and how to fight them: Microsoft announcement "Deactivate PC" virus (Windows 7). If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection.
19.09.2017, 20:55 | #1
Microsoft announcement "Deactivate PC" virus

Hello, when I turned on my PC just now, a voice announcement played: "Your PC is infected with a virus, call Microsoft immediately. The virus is passing on credit card data. If you do not call, we will have to deactivate your PC." I am really worried. That is roughly what was said. AVIRA also reported having found something, and without a data backup I can't just reinstall right away. Can you help me with this somehow? Many thanks in advance.

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2017 01 durchgeführt von Christophh (Administrator) auf CHRISTOPH (19-09-2017 22:11:41) Gestartet von C:\Users\Christophh\Downloads Geladene Profile: Christophh (Verfügbare Profile: Christophh) Platform: Windows 10 Pro N Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe () C:\Windows\System32\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\System\HsMgr64.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Valve Corporation) D:\Steam\Steam.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (AVM Berlin) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [919032 2017-09-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-15] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2015-11-01] (AVM Berlin) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify] => C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify Web Helper] => C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-02-03] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2ebeed22-0f5c-4834-a642-ac386011e952}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> {7309F519-9799-43A0-B156-48B8354BBBA4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-19] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-19] (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-10-28] (DVDVideoSoft Ltd.) 
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-19] (Microsoft Corporation) BHO-x32: Kein Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-13] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-13] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-10-28] (DVDVideoSoft Ltd.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-19] (Microsoft Corporation) Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Keine Datei FireFox: ======== FF DefaultProfile: wnpf6fue.default FF ProfilePath: C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default [2017-09-19] FF NetworkProxy: Mozilla\Firefox\Profiles\wnpf6fue.default -> type", 0 FF Extension: (OffersOlymp) - 
C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\@offersolymp.xpi [2017-08-24] FF Extension: (ProxTube) - C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\ich@maltegoetz.de.xpi [2017-06-29] FF Extension: (Adblock Plus) - C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-13] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-19] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) 
Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Profile: C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default [2017-09-17] CHR Extension: (Google Slides) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-07] CHR Extension: (Google Docs) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07] CHR Extension: (Google Drive) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07] CHR Extension: (OffersOlymp) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn [2017-08-23] CHR Extension: (YouTube) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07] CHR Extension: (Steam Inventory Helper) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-08-23] CHR Extension: (Google Search) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07] CHR Extension: (Google Sheets) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07] CHR Extension: (Google Docs Offline) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25] CHR Extension: (Yahoo Partner) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2017-04-15] CHR Extension: (Application Launcher for Drive (by 
Google)) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23] CHR Extension: (Gmail) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07] CHR Extension: (Chrome Media Router) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-23] CHR HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bbiilhoacmmppcmcogfmaailncbelbgn] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-09-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-09-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-09-13] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-09-13] (Avira Operations GmbH & Co. 
KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [404816 2017-08-15] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] () R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-05-24] (Digital Wave Ltd.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-02-16] (EasyAntiCheat Ltd) R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.) 
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-02-23] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-11-10] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-11-10] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-16] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176856 2017-09-13] (Avira Operations GmbH & Co. 
KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-13] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG) R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2015-11-01] (AVM Berlin) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG) S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert] R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-02-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-02-23] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation) S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert] S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [32792 2015-09-29] (SteelSeries ApS) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-09-19 22:11 - 2017-09-19 22:11 - 000025413 _____ C:\Users\Christophh\Downloads\FRST.txt 2017-09-19 22:11 - 2017-09-19 22:11 - 000000000 ____D C:\FRST 2017-09-19 22:10 - 2017-09-19 22:10 - 002399744 _____ (Farbar) C:\Users\Christophh\Downloads\FRST64.exe 2017-09-12 23:00 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-12 23:00 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-09-12 23:00 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-12 23:00 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-09-12 23:00 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-09-12 23:00 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-09-12 23:00 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-09-12 23:00 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-09-12 23:00 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-09-12 23:00 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-09-12 23:00 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-09-12 22:59 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-12 22:59 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-09-12 22:59 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2017-09-12 22:59 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-09-12 22:59 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-12 22:59 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-12 22:59 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-12 22:59 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-12 22:59 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-12 22:59 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-09-12 22:59 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-12 22:59 - 2017-09-05 07:24 - 000519584 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-09-12 22:59 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2017-09-12 22:59 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-09-12 22:59 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-09-12 22:59 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-12 22:59 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-09-12 22:59 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-12 22:59 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-12 22:59 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-12 22:59 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-12 22:59 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-09-12 22:59 - 
2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-12 22:59 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-09-12 22:59 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-09-12 22:59 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-12 22:59 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\mfps.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-12 22:59 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-09-12 22:59 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2017-09-12 22:59 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-09-12 22:59 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppVScripting.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-09-12 22:59 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2017-09-12 22:59 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-12 22:59 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2017-09-12 22:59 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-12 22:59 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-12 22:59 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-12 22:59 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-12 22:59 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2017-09-12 22:59 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-09-12 22:59 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-12 22:59 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe 2017-09-12 22:59 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 
000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-12 22:59 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-12 22:59 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-09-12 22:59 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-12 22:59 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-09-12 22:59 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 
2017-09-12 22:59 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-12 22:59 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-09-12 22:59 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-12 22:59 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-12 22:59 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2017-09-12 22:59 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2017-09-12 22:59 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000131584 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-09-12 22:59 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-12 22:59 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-12 22:59 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2017-09-12 22:59 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-12 22:59 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-12 22:59 - 2017-09-05 06:25 
- 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-09-12 22:59 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-12 22:59 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-12 22:59 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 
2017-09-12 22:59 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-09-12 22:59 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-12 22:59 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\profsvc.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-12 22:59 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000312320 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-12 22:59 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-12 22:59 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-12 22:59 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-12 22:59 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-12 22:59 
- 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-12 22:59 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-12 22:59 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 
2017-09-12 22:59 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000918528 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-09-12 22:59 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-12 22:59 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-09-12 22:59 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-12 22:59 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 
002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-12 22:59 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 002859520 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-12 22:59 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-09-12 22:59 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-09-12 22:59 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll 2017-09-12 22:59 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2017-09-12 22:59 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-09-12 22:59 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-12 22:59 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2017-09-12 22:59 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-09-12 22:59 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-09-12 22:59 - 2017-09-05 06:04 - 000057856 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-12 22:59 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-08 11:59 - 2017-09-08 11:59 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2017-09-06 23:49 - 2017-09-06 23:49 - 000000041 _____ C:\Users\Christophh\Desktop\sky.txt
2017-09-05 00:11 - 2017-09-05 00:11 - 005004137 _____ C:\Users\Christophh\Desktop\867c5e9ab0891a8d.mp4
2017-08-27 19:38 - 2017-08-27 19:38 - 000461541 _____ C:\Users\Christophh\Downloads\8CTVBK
2017-08-27 19:36 - 2017-08-27 19:36 - 000188608 _____ C:\Users\Christophh\Downloads\Documents(1).zip
2017-08-27 19:36 - 2017-06-07 11:04 - 000037225 ____N C:\Users\Christophh\Desktop\Tutorium06-SS17.pdf
2017-08-27 19:36 - 2017-05-29 11:33 - 000037344 ____N C:\Users\Christophh\Desktop\Tutorium05-SS17.pdf
2017-08-27 19:36 - 2017-05-24 15:05 - 000037470 ____N C:\Users\Christophh\Desktop\Tutorium04-SS17.pdf
2017-08-27 19:36 - 2017-05-17 11:57 - 000037932 ____N C:\Users\Christophh\Desktop\Tutorium03-SS17.pdf
2017-08-27 19:36 - 2017-05-15 08:43 - 000032988 ____N C:\Users\Christophh\Desktop\Tutorium02-SS17.pdf
2017-08-27 19:36 - 2017-05-04 09:54 - 000048413 ____N C:\Users\Christophh\Desktop\Tutorium01-SS17.pdf
2017-08-27 19:35 - 2017-08-27 19:35 - 015613585 _____ C:\Users\Christophh\Downloads\Documents.zip
2017-08-26 21:39 - 2017-08-26 21:39 - 020317282 _____ C:\Users\Christophh\Downloads\Gmail.zip
2017-08-23 19:05 - 2017-08-23 19:05 - 000000000 ____D C:\Steamspiele
2017-08-23 16:11 - 2017-09-19 21:33 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Spotify
2017-08-23 16:11 - 2017-09-19 21:33 - 000000000 ____D C:\Users\Christophh\AppData\Local\Spotify
2017-08-23 16:11 - 2017-08-23 16:11 - 000001914 _____ C:\Users\Christophh\Desktop\Spotify.lnk
2017-08-23 16:11 - 2017-08-23 16:11 - 000001900 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-08-23 16:10 - 2017-08-23 16:10 - 058203272 _____ (Spotify Ltd) C:\Users\Christophh\Downloads\SpotifyFullSetup.exe
2017-08-23 16:10 - 2017-08-23 16:10 - 000000247 _____ C:\SILENT
2017-08-23 16:10 - 2017-08-23 16:10 - 000000000 ____D C:\Program Files (x86)\Offers Olymp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-19 22:10 - 2017-06-30 17:03 - 000000000 ____D C:\Users\Christophh\AppData\Local\Deployment
2017-09-19 21:54 - 2015-12-18 22:56 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Skype
2017-09-19 21:38 - 2017-03-18 23:02 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-19 21:38 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-19 21:37 - 2017-06-27 13:25 - 002490142 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-19 21:37 - 2017-03-20 06:40 - 001145038 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-19 21:37 - 2017-03-20 06:40 - 000261166 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-19 21:37 - 2016-11-20 12:30 - 000000000 ____D C:\Users\Christophh\AppData\LocalLow\Mozilla
2017-09-19 21:36 - 2017-03-18 23:02 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-19 21:36 - 2017-03-18 23:00 - 000000000 ____D C:\WINDOWS\INF
2017-09-19 21:36 - 2015-10-28 19:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-19 21:35 - 2017-06-27 13:16 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-19 21:33 - 2015-10-16 15:11 - 000000000 ____D C:\ProgramData\Origin
2017-09-17 12:09 - 2015-11-08 15:35 - 000000000 ____D C:\Users\Christophh\AppData\Local\LogMeIn Hamachi
2017-09-17 12:08 - 2017-06-27 13:20 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16B4380E-769C-4734-94C3-69A9011C9AF2}
2017-09-17 12:08 - 2017-06-27 13:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-17 12:06 - 2017-06-27 13:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-17 11:42 - 2017-06-27 13:16 - 000000000 ____D C:\Users\Christophh
2017-09-17 11:42 - 2015-10-16 15:20 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\TS3Client
2017-09-14 14:14 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\rescache
2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-13 18:49 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-09-13 18:48 - 2015-10-16 13:14 - 000176856 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-09-13 18:48 - 2015-10-16 13:14 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-09-13 14:38 - 2017-06-27 13:15 - 000381288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-13 14:38 - 2016-04-27 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-13 00:08 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-09-13 00:07 - 2017-03-20 06:39 - 000000000 ____D C:\WINDOWS\system32\de
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-12 23:02 - 2015-10-16 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-12 23:01 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-12 23:01 - 2015-10-16 13:25 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-08 11:59 - 2015-10-16 13:14 
- 000000000 ____D C:\ProgramData\Package Cache 2017-09-08 10:01 - 2017-07-27 14:44 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647985832-747989680-4269839675-1001 2017-09-08 10:01 - 2016-07-29 20:50 - 000002437 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-08 10:01 - 2015-10-28 19:14 - 000000000 ___RD C:\Users\Christophh\OneDrive 2017-09-02 19:30 - 2015-10-16 15:11 - 000000000 ____D C:\Program Files (x86)\Origin 2017-09-02 17:57 - 2016-01-24 17:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-09-02 17:54 - 2015-11-07 21:07 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-02 17:54 - 2015-11-07 21:07 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-09-02 17:15 - 2017-03-18 23:04 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-09-02 17:15 - 2017-03-18 23:04 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-08-27 19:58 - 2016-11-19 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-08-27 19:58 - 2015-10-16 14:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-25 15:44 - 2017-07-27 22:57 - 000000000 ____D C:\WINDOWS\Minidump 2017-08-25 15:40 - 2016-01-15 21:16 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk 2017-08-25 15:40 - 2016-01-15 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-08-24 21:30 - 2016-08-12 16:59 - 000807464 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys 2017-08-24 21:30 - 2016-08-12 16:59 - 000000000 ____D C:\Users\Christophh\AppData\Local\UnrealEngine 2017-08-23 14:38 - 2015-10-28 19:16 - 000000000 ____D C:\Users\Christophh\AppData\Local\MSfree Inc ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-31 20:07 - 
2017-01-27 18:49 - 000007591 _____ () C:\Users\Christophh\AppData\Local\Resmon.ResmonCfg
2015-10-29 20:55 - 2015-10-29 20:55 - 000000003 _____ () C:\Users\Christophh\AppData\Local\updater.log
2015-10-29 20:55 - 2017-05-06 11:08 - 000000425 _____ () C:\Users\Christophh\AppData\Local\UserProducts.xml
2016-09-25 17:14 - 2016-09-25 17:14 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-08 19:02

==================== Ende von FRST.txt ============================

Edited by banshing (19.09.2017 at 21:16). Reason: FRST scan |
20.09.2017, 15:54 | #2 |
| Microsoft announcement "Deactivate PC" virus
Code:
Thanks in advance

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2017 01
durchgeführt von Christophh (19-09-2017 22:12:03)
Gestartet von C:\Users\Christophh\Downloads
Windows 10 Pro N Version 1703 (X64) (2017-06-27 11:22:59)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2647985832-747989680-4269839675-500 - Administrator - Disabled)
Christophh (S-1-5-21-2647985832-747989680-4269839675-1001 - Administrator - Enabled) => C:\Users\Christophh
DefaultAccount (S-1-5-21-2647985832-747989680-4269839675-503 - Limited - Disabled)
Gast (S-1-5-21-2647985832-747989680-4269839675-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.66 - NVIDIA Corporation) Hidden AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos) Avira (HKLM-x32\...\{4771539a-931b-4378-8d4a-721ba62effca}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{C22F76F2-AC9E-44BA-B297-71485F94022F}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.30.29 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts) Battlefield™ 1 CTE (HKLM-x32\...\{E970EAB6-8F6F-4E72-AB13-F6648397322C}) (Version: 1.0.49.53737 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) 
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®) Fallout 4 MULTi2 1.1.30 (HKLM-x32\...\Fallout 4 MULTi2 1.1.30) (Version: - ) Fallout 4 Update 7 MULTi2 1.3.47 (HKLM-x32\...\Fallout 4 Update 7 MULTi2 1.3.47) (Version: - ) Far Cry 4 Final DLC Edition (HKLM-x32\...\Far Cry 4 Final DLC Edition) (Version: 1.01 - Ubisoft) Fraps (HKLM-x32\...\Fraps) (Version: - ) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.163.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Drive (HKLM-x32\...\{A90339B3-2C3F-492E-B3A7-0BDFC691E526}) (Version: 2.34.6425.2548 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.9.6 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) IBM SPSS Statistics Subscription (HKLM\...\{02D81DCC-13D1-465C-9292-E46956489CA1}) (Version: 1.0.0.642 - IBM Corp) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden Java 8 Update 121 
(HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 
11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation) NVIDIA Grafiktreiber 
378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY 2 Demo (HKLM\...\Steam App 251040) (Version: - OVERKILL - a Starbreeze Studio.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.) 
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version: - ) Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe) SteelSeries Engine 3.6.5.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.6.5.1 - SteelSeries ApS) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version: - Rune Forge) Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run 
Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-13] (Avira Operations GmbH & Co. 
KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> Keine Datei ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-13] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {079C14B1-CB36-4B02-B028-CE0CEDA98B4A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-09-12] (Microsoft Corporation) Task: {12499066-3D4B-4DED-83CB-F1FFC715E2D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated) Task: {145BC74F-115A-4698-B56C-BFC772C08436} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {1B85927A-612F-4181-85EE-63FE2ED0865B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {1CC83974-E9D3-4810-BA4C-7220F4900776} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {2174755F-05CE-49D0-AE15-747D140A045B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {23E845F4-7EBF-4E56-AC3B-366E26A110AC} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {4251EA1E-A6D3-45D4-AFC1-95DE3060F863} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {49B78674-9BE2-4E99-8E88-AC2E440BC2B0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {555A41E3-676C-4710-B88E-201FC8C82C05} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {5616F5D0-8636-485C-B6CC-57BBDB454828} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {57DAE5F8-1816-492B-8F12-A9E09F8E5CB8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {5AA4E1B3-CBE0-4B2B-BDEF-A78B1C85B868} - 
System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-19] (Microsoft Corporation) Task: {5DB0FBE3-2D87-4192-AA89-2F4CF88D24F7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation) Task: {63A3C67B-2DA1-4C68-8C6A-B4C1EFF5C3CA} - System32\Tasks\update-S-1-5-21-2647985832-747989680-4269839675-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>) Task: {65376000-8CC5-41DE-9120-D2B71DC04235} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {67A30A74-9E49-4542-BF72-B99B5AC568F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.) 
Task: {6A59C583-FBB0-4F2B-A452-307A30BEF6BC} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {6B4F050C-85D1-45D4-BC79-3DFD6C69368B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-19] (Microsoft Corporation) Task: {6EFCD18D-6694-43F7-B182-2EE79B5F01BC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7539DC7C-75F8-4E3C-AE08-CEE7DC8A8D19} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {75639B92-6F08-447D-9DB6-2C9EB681FEE9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {7829529D-F801-4A48-BE78-01C847E2EBB4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {7CC31553-2D5E-438B-A5DA-27AF6A753689} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {7CEC7DAB-1DF8-4CAC-B1AD-1F7974C926EA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {8690B4D6-D373-4296-AD8C-77CCA8827DF9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>) Task: {90486FE1-A505-47DA-A1B3-4A19B2E5BE65} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG Task: {96F6BD3B-3A9D-4A82-B65F-BCEBF51B29BC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation) Task: {9EF9EE6E-F43C-4EA4-A946-03448AF1AD19} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft 
Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-19] () Task: {B40A4036-DD57-47F9-858C-63F09F3AB501} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {B6B33C06-EB44-4CFA-84ED-342E4C5E7039} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation) Task: {C8373F93-1E5D-4461-9FB5-EB6FEB1E9CFD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-19] () Task: {E3490B13-F99A-4811-B177-587C23626ADE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {ED950690-48CA-447A-AB14-0DE3300969AA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {F0FAB5DD-8534-4FD2-84F4-9F6707BF3BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.) Task: {F4D99559-374E-46D7-BF35-2CFC0C780B4E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {F939F199-A9C4-4E54-AA34-5B1E01F1C2B1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\update-S-1-5-21-2647985832-747989680-4269839675-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-06-27 13:16 - 2013-07-04 03:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2015-10-29 21:11 - 2015-11-10 18:38 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe 2016-10-24 20:51 - 2017-02-23 20:34 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-18 22:56 - 2017-03-18 22:56 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:58 - 2017-03-20 06:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-28 19:16 - 2008-07-11 17:04 - 000200704 _____ () C:\Windows\SysWOW64\HsMgr.exe 2015-10-28 19:16 - 2008-07-11 17:03 - 000282112 _____ () C:\Windows\System\HsMgr64.exe 2017-04-11 19:12 - 2017-08-23 17:49 - 000021856 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2017-06-27 13:16 - 2017-09-17 12:08 - 000038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2017-06-27 13:16 - 2013-07-04 03:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-10-24 20:51 - 2017-02-23 20:33 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 000901688 _____ () 
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-20 15:48 - 2017-08-23 17:48 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2016-10-20 15:48 - 2017-08-23 17:48 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2015-10-16 15:20 - 2016-07-03 11:42 - 000266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2017-08-23 16:11 - 2017-09-14 13:55 - 071818864 _____ () C:\Users\Christophh\AppData\Roaming\Spotify\libcef.dll 2017-09-19 21:33 - 2017-09-19 21:33 - 000098816 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32api.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000110080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\pywintypes27.dll 2017-09-19 21:33 - 2017-09-19 21:33 - 000364544 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\pythoncom27.dll 2017-09-19 21:33 - 2017-09-19 21:33 - 000320512 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32com.shell.shell.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000914432 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\_hashlib.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 001176576 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\wx._core_.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000806400 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\wx._gdi_.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000816128 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\wx._windows_.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 001067008 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\wx._controls_.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000733184 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\wx._misc_.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000682496 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\pysqlite2._sqlite.pyd 2017-09-19 21:33 - 2017-09-19 
21:33 - 000088064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\_ctypes.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000686080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\unicodedata.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000119808 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32file.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000108544 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32security.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000007168 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\hashobjs_ext.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000017920 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\thumbnails_ext.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000088064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\usb_ext.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000012800 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\common.time34.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000018432 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32event.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000167936 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32gui.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000046080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\_socket.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 001303552 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\_ssl.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000128512 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\_elementtree.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000127488 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\pyexpat.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000038912 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32inet.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000036864 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\_psutil_windows.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000524248 ____R () 
C:\Users\Christophh\AppData\Local\Temp\_MEI135282\windows._lib_cacheinvalidation.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000011264 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32crypt.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000123392 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\wx._wizard.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000077312 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\wx._html2.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000027648 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\_multiprocessing.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000020480 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\_yappi.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000035840 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32process.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000078848 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\wx._animate.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000024064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32pipe.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000010240 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\select.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000025600 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32pdh.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000017408 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32profile.pyd 2017-09-19 21:33 - 2017-09-19 21:33 - 000022528 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI135282\win32ts.pyd 2017-08-23 16:11 - 2017-09-14 13:55 - 002969200 _____ () C:\Users\Christophh\AppData\Roaming\Spotify\libglesv2.dll 2017-08-23 16:11 - 2017-09-14 13:55 - 000086640 _____ () C:\Users\Christophh\AppData\Roaming\Spotify\libegl.dll 2014-04-29 16:23 - 2014-04-29 16:23 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-09-02 17:53 - 2017-08-04 23:19 - 000678176 _____ () D:\Steam\SDL2.dll 2016-10-14 21:39 
- 2016-09-01 03:02 - 004969248 _____ () D:\Steam\v8.dll 2017-09-08 10:00 - 2017-09-07 06:51 - 002505504 _____ () D:\Steam\video.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 002549760 _____ () D:\Steam\libavcodec-56.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000442880 _____ () D:\Steam\libavutil-54.dll 2016-10-14 21:39 - 2016-09-01 03:02 - 001195296 _____ () D:\Steam\icuuc.dll 2016-10-14 21:39 - 2016-09-01 03:02 - 001563936 _____ () D:\Steam\icui18n.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000491008 _____ () D:\Steam\libavformat-56.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000485888 _____ () D:\Steam\libswscale-3.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000332800 _____ () D:\Steam\libavresample-2.dll 2017-09-08 10:00 - 2017-09-07 06:51 - 000885024 _____ () D:\Steam\bin\chromehtml.DLL 2016-10-14 21:39 - 2016-07-05 00:17 - 000266560 _____ () D:\Steam\openvr_api.dll 2017-06-09 09:16 - 2017-05-17 03:54 - 000678176 _____ () D:\Steam\bin\cef\cef.win7\SDL2.dll 2017-09-02 17:53 - 2017-07-18 00:50 - 073115424 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll 2016-10-14 21:39 - 2015-09-25 01:52 - 000119208 _____ () D:\Steam\winh264.dll 2016-10-24 20:51 - 2017-02-23 16:30 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-24 20:51 - 2017-02-23 16:30 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) 
========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{B35FBDA9-C65B-47A7-89EA-57B01B60EA65}] => (Block) D:\programme\spss\stats.exe FirewallRules: [{099D13E3-C461-4BC6-8AA9-D8FE2A5A3C87}] => (Block) D:\programme\spss\stats.exe FirewallRules: [UDP Query User{F3A72D23-B603-4F7B-94FB-759242EC9FE3}D:\programme\spss\stats.exe] => (Allow) D:\programme\spss\stats.exe FirewallRules: [TCP Query User{7E91D023-B68C-446F-A88D-AF8F190CA3CF}D:\programme\spss\stats.exe] => (Allow) D:\programme\spss\stats.exe FirewallRules: [{68DECFC6-06EC-4A89-9460-8AD119AB25DE}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1.exe FirewallRules: [{4B97FF0B-B5CC-4D2C-91C8-54E7C412E087}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1.exe FirewallRules: [{054FFD83-2C35-425A-8D3D-4D2E82399EAA}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1Trial.exe FirewallRules: [{FAB710FB-1EE2-43CA-BE36-54DC74DEB183}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1Trial.exe FirewallRules: [{EAF85DE4-1BA5-4707-A2E7-D559A31DFBD1}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1 CTE\bf1_cte.exe FirewallRules: [{3B78D03A-6E75-4D58-9501-21A2B6179C24}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1 CTE\bf1_cte.exe FirewallRules: [{4D87E320-DF34-41A4-8F18-D8116E522B26}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8E11CAB3-6576-4470-A984-06E21B7CCD74}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8ADDDCD5-DD4B-4D61-812C-374174D98790}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{4084F086-02AC-47E7-9C96-3B15B1247049}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{A1C76DAE-E2B2-41EE-801B-3E9D69D8B13A}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe 
FirewallRules: [{3031581B-B895-41FE-BE61-D71E733A7EB4}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{C727FE97-2BFC-4CC6-9DE8-4017614559DA}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{109DC5D2-65DD-41CE-84AF-48D9AAB0B717}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{9A3EAE5E-89B1-4AD2-8DFD-CB336B818FDD}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{F91E551C-A116-48CC-B153-40A168C2E616}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{88534B71-581A-4D5F-B59D-6B2AF72CD5B4}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{577290BA-FE8E-4C77-824B-6DEC20F4E200}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{6085BDC2-49FA-49F2-B94C-349731FF7144}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{DC19986E-04F8-4976-A8C9-A877E30A65A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{EB2C4A04-B263-4F53-8C48-25BD52BA1022}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{BF91B00A-D570-4A7D-A43A-656A7DCCF011}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C452347E-DFEE-4634-9D0E-C1B309A53B9B}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{E54F1CF7-D890-4660-A8FF-3B33B3B48422}] => (Block) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [{950EC891-E6F9-408D-9B5D-D7EC6AB72F0C}] => (Block) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{1604F9C6-4398-4F60-88EC-A2176B902862}D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) 
D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{C72357B3-559F-4A68-BBB2-3FBCBDBF7A1A}D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [{2BEAFD9D-1698-49B7-95F2-2A97A6FC0CFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7582F3C4-C10A-4E89-90AB-C81232CBBCF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F6420D1C-B234-4DA2-954A-726B72908CC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{FB4EACAA-BF4A-49E8-A136-700565C97C0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{CEB9BBAB-08A5-4389-B817-020D69F17D79}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [TCP Query User{3F6BDE10-997F-4291-A3B5-4F19C9293999}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{7FBA1017-EA2A-4C53-B1AF-CAEE09FECB0F}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{AC1A3B22-C1AE-40E1-BA66-72DD31308CD7}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [UDP Query User{46862880-DA2A-4AA5-917B-832CD216B58B}D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query 
User{81A9155B-97BA-42AA-84ED-DCDE97025F32}D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{5CCC69C3-4230-46E2-A782-737A0F54BC49}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{D2140964-DED8-4194-BAE6-3EA3D82B8B6F}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{EA757548-9659-449E-8199-E51C3F89E26D}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{00C2E2E4-3633-49B0-9970-4524C088C2B1}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{9E454426-9F44-4B08-A3DB-02FE95983C52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C3A48BD7-716E-4B88-AC0F-2E68EECF9CED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1CB37054-8DFE-45C6-B743-0569AAC3CF0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B6515389-2662-43D2-8E06-F2C5290E9289}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B0D4F991-F4B8-4F57-8100-4E837C976F1F}] => (Block) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{1C40E035-51C4-4CB8-80AD-D93FF9F5B8E2}] => (Block) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [UDP Query User{43EDC139-DF01-4D40-8CDE-95A7B93F3938}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [TCP Query User{439074AF-839D-4F06-964E-941A5FBF869B}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{C0E4A294-6429-44E1-9433-E1B2B666707D}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{77DFD709-BD5A-4749-882E-F9486930E8A5}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: 
[{37EB6D7F-DFCE-4039-9F1B-1CE7CB28305F}] => (Block) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [{7B6ABA40-F303-4C47-8B04-6E79AB68BF95}] => (Block) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{43D3BF8B-4235-48FA-A8D1-CCEAB3DE7B26}D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{2723C32B-DE08-477A-BC47-B9AE48A6B32C}D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [{B5D2E769-682B-4CA6-830D-7B3D6993DA0D}] => (Block) D:\spiele\gtav\gta5.exe FirewallRules: [{153174ED-074B-4C06-86DF-3FE701EAE4B2}] => (Block) D:\spiele\gtav\gta5.exe FirewallRules: [UDP Query User{0B868E1C-C3B3-4D2B-9B32-17D522FCE3FE}D:\spiele\gtav\gta5.exe] => (Allow) D:\spiele\gtav\gta5.exe FirewallRules: [TCP Query User{ED90E7CB-DBBA-4801-BA56-79C8372373AB}D:\spiele\gtav\gta5.exe] => (Allow) D:\spiele\gtav\gta5.exe FirewallRules: [{47DB389D-A6C1-40A5-A325-E412016A8B43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4D8920E0-8239-4023-A97E-CE5267CCD157}] => (Allow) D:\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{7D3173BA-064A-461E-A0CE-85179956DEA0}] => (Allow) D:\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{C093C513-6B31-4E3F-B857-CA50004719AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{AF4945FB-B71B-4916-885F-A60C3898874D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{1EEEDCE2-1BCB-459D-A368-30C5CC49F0C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5B363055-D6FD-486B-B3D7-6EA6C33899E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0FCADDE1-0029-47CB-998E-04C33F148A61}] => (Allow) D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe FirewallRules: [{BB23A4F2-1441-462D-B0BB-FB7A03B332CA}] => 
(Allow) D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe FirewallRules: [{D4C7EA1B-1517-4351-A08E-564C66FE839B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EBFBEA75-7A73-4E80-BB55-87284A15977E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B801FC59-120D-49DA-9EAE-BD56C4A18D81}] => (Allow) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [{C441A6F7-E05E-4C85-ADB1-79104BFDB08E}] => (Allow) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [UDP Query User{1182DFCA-2A8B-47B3-A4A6-262E767AE0C9}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{7503F75F-238A-4A7C-899C-FB96C6019A07}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [{EEEA93BE-EBEF-4499-806F-E2E33963FFF9}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{52211986-6A85-43E4-BE5A-1FC707E379E0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{FD01900F-317E-494C-83BA-D57748671EBB}] => (Allow) C:\Users\Christophh\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{434A2C7B-F770-4086-9BD0-4CAECC9527DA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{847190F2-960B-451F-8F4D-456C9A44530C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{75F57C39-04D7-41C6-9643-BDC52266E5FB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FA513ED1-547C-4D5A-B36C-B7C94B26CCEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: 
[TCP Query User{50C2DA0F-76A2-4917-9335-0F6223DBD2E4}D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe] => (Allow) D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe FirewallRules: [UDP Query User{64C3315C-C436-4FFA-9E36-F7EC7CEBD1A4}D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe] => (Allow) D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe FirewallRules: [TCP Query User{845F1EDC-DFDD-4A88-8640-1665F249666D}D:\spiele\simcity\simcity\simcity.exe] => (Allow) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [UDP Query User{71508D2D-3E58-4453-BB15-72BA86B6FCC3}D:\spiele\simcity\simcity\simcity.exe] => (Allow) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{CF9B3EB5-9D48-45C7-8343-EC606051C258}] => (Block) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{124E2EF1-88B1-43C5-871D-1F55AF3E0B38}] => (Block) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{5C5C2DFC-FFF6-4416-9B39-87041120CF09}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [{642977D6-B138-4E9F-B7DB-EAD38DCA1682}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [TCP Query User{7A70B9E9-6BD6-422E-93E1-CF728AF6DE15}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [UDP Query User{9EDC662F-5646-461B-B397-FC57EE2E20BF}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{CE89E561-D33C-4E57-9A60-0B730AB2F192}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe FirewallRules: [{B7D96811-0573-4899-98EC-A0893B9E88F7}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe 
FirewallRules: [TCP Query User{D9F4D7D1-32EB-40C0-8863-F86532D0D71F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{052CCC83-FB80-4C6F-B8DA-4E68E91C5CB4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{1E12540D-455F-483A-A2CC-F21FAF82B23B}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B0CAA0EC-C64E-4B2F-B4A6-53D829A11C1D}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{52059795-9EF3-4B25-B320-F03FB1C1C544}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{E34EFAEF-361F-4813-BD7C-E018EFD198F5}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{8766D8A0-9D2C-4170-A10D-F713DF360CF9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{3118D20C-60CA-402F-BA96-45E77CF8079C}C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{E3907755-C264-403D-A56A-45AEAC3CB4F4}C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{764473A7-036F-4825-BB17-CF7B4414023C}] => (Block) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{A4D0C427-7344-4B19-9D6F-89526017F839}] => (Block) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{FA28E123-C83B-438B-B91A-21B1ACB30F98}C:\users\christophh\appdata\roaming\spotify\spotify.exe] => (Allow) 
C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D645DE72-22F3-4D3A-A75D-A1A1FDF2ED80}C:\users\christophh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{119EC3DC-E7AA-4141-BE01-CFB25FA7A03C}] => (Block) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{FEF82CAC-01D6-47C8-A17C-9AD1F9E4F4B6}] => (Block) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{FC1368CB-8DD5-4543-BEF2-315DCB2A08D7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{5B717D7D-AA42-4908-BBE6-3674B2966586}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{C56B60BB-8721-488E-A9F8-2F6B2763092C}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{8555A0F3-A453-40A2-B000-1A1426E60F11}] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{ACE19388-438D-4F8B-B62E-90CB7288CCD7}] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/19/2017 09:35:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 55.0.3.6445, Zeitstempel: 0x599ed78a Name des fehlerhaften Moduls: xul.dll, Version: 55.0.3.6445, Zeitstempel: 0x599edbdd Ausnahmecode: 0x80000003 Fehleroffset: 0x0076a5cf ID des 
fehlerhaften Prozesses: 0x168 Startzeit der fehlerhaften Anwendung: 0x01d3317e3c197368 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: be20cbde-1b32-487f-9ab2-2f02e702ef22 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/19/2017 09:35:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 55.0.3.6445, Zeitstempel: 0x599edbef Name des fehlerhaften Moduls: xul.dll, Version: 55.0.3.6445, Zeitstempel: 0x599edbdd Ausnahmecode: 0x80000003 Fehleroffset: 0x0076a5cf ID des fehlerhaften Prozesses: 0x3944 Startzeit der fehlerhaften Anwendung: 0x01d3317e523afba7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: a815ae63-7104-4138-b0ab-fc219dde8d0b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/19/2017 09:33:30 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (09/19/2017 09:33:24 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/17/2017 12:07:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96 Name des fehlerhaften Moduls: NvXDCore.dll_unloaded, Version: 8.17.13.8205, Zeitstempel: 0x59079dd9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000c1951 ID des fehlerhaften Prozesses: 0x56c Startzeit der fehlerhaften Anwendung: 0x01d32c8d2faed14d Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe Pfad des fehlerhaften Moduls: NvXDCore.dll Berichtskennung: 5dce9ebc-6bc4-455b-99c3-103d52523f16 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/17/2017 11:53:10 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (09/17/2017 10:22:17 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". 
Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/16/2017 11:16:06 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/16/2017 10:55:18 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/15/2017 10:07:36 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Systemfehler:
=============
Error: (09/17/2017 12:08:24 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/17/2017 12:08:24 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (09/17/2017 12:08:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "SysMain" wurde mit folgendem Fehler beendet: Die Anforderung wird nicht unterstützt.

Error: (09/17/2017 12:08:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt.

Error: (09/17/2017 12:08:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 17.09.2017 um 12:07:41 unerwartet heruntergefahren.

Error: (09/17/2017 12:07:29 PM) (Source: DCOM) (EventID: 10010) (User: Christoph)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/17/2017 12:07:29 PM) (Source: DCOM) (EventID: 10010) (User: Christoph)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/17/2017 12:07:29 PM) (Source: DCOM) (EventID: 10010) (User: Christoph)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/17/2017 12:07:28 PM) (Source: DCOM) (EventID: 10010) (User: Christoph)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/17/2017 12:07:28 PM) (Source: DCOM) (EventID: 10010) (User: Christoph)
Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

CodeIntegrity:
===================================
Date: 2017-08-23 16:10:28.701
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 8133.69 MB
Verfügbarer physikalischer RAM: 3677.13 MB
Summe virtueller Speicher: 18885.69 MB
Verfügbarer virtueller Speicher: 13703.34 MB

==================== Laufwerke ================================
Drive c: () (Fixed) (Total:110.8 GB) (Free:42.86 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:185.18 GB) NTFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 261C8E12)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: C2F9017A)
Partition: GPT.

==================== Ende von Addition.txt ============================ |
20.09.2017, 20:24 | #3 |
/// TB-Ausbilder | Microsoft announcement "Deactivate PC" virus
My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and quick as possible, please note the following:
Please work through all steps one after the other in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Where did this message appear? In an internet browser, or while a browser was open? Or just normally in Windows (without a browser) when the computer starts up? Has the message appeared several times already?
Step 1
Step 2
Step 3 Please download TDSSKiller.exe and save the file to your desktop
Please post with your next reply
Last edited by M-K-D-B (20.09.2017 at 20:34) |
20.09.2017, 20:41 | #4 |
| Microsoft announcement "Deactivate PC" virus
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017 durchgeführt von Christophh (Administrator) auf CHRISTOPH (20-09-2017 21:38:27) Gestartet von C:\Users\Christophh\Downloads Geladene Profile: Christophh (Verfügbare Profile: Christophh) Platform: Windows 10 Pro N Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (LogMeIn, Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\Windows\System32\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\System\HsMgr64.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (AVM Berlin) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) D:\Steam\Steam.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe ==================== 
Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2015-11-01] (AVM Berlin) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify] => C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify Web Helper] => C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-02-03] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2ebeed22-0f5c-4834-a642-ac386011e952}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> {7309F519-9799-43A0-B156-48B8354BBBA4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-10-28] (DVDVideoSoft Ltd.) 
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation) BHO-x32: Kein Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-13] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-13] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-10-28] (DVDVideoSoft Ltd.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Keine Datei FireFox: ======== FF DefaultProfile: wnpf6fue.default FF ProfilePath: C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default [2017-09-20] FF NetworkProxy: Mozilla\Firefox\Profiles\wnpf6fue.default -> type", 0 FF Extension: (OffersOlymp) - 
C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\@offersolymp.xpi [2017-08-24] FF Extension: (ProxTube) - C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\ich@maltegoetz.de.xpi [2017-06-29] FF Extension: (Adblock Plus) - C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-13] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-20] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-20] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) 
Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Profile: C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default [2017-09-17] CHR Extension: (Google Slides) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-07] CHR Extension: (Google Docs) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07] CHR Extension: (Google Drive) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07] CHR Extension: (OffersOlymp) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn [2017-08-23] CHR Extension: (YouTube) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07] CHR Extension: (Steam Inventory Helper) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-08-23] CHR Extension: (Google Search) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07] CHR Extension: (Google Sheets) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07] CHR Extension: (Google Docs Offline) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25] CHR Extension: (Yahoo Partner) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2017-04-15] CHR Extension: (Application Launcher for Drive (by 
Google)) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-16] CHR Extension: (Chrome Web Store Payments) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23] CHR Extension: (Gmail) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07] CHR Extension: (Chrome Media Router) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-23] CHR HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bbiilhoacmmppcmcogfmaailncbelbgn] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-09-20] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-09-20] (Avira Operations GmbH & Co. 
KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [402768 2017-08-30] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-05-24] (Digital Wave Ltd.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-02-16] (EasyAntiCheat Ltd) R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [Datei ist nicht signiert] S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.) 
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-02-23] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-11-10] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-11-10] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-16] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-20] (Avira Operations GmbH & Co. 
KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-13] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG) R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2015-11-01] (AVM Berlin) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG) S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert] R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-02-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-02-23] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation) S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert] S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [32792 2015-09-29] (SteelSeries ApS) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-09-20 21:38 - 2017-09-20 21:38 - 000000000 ____D C:\Users\Christophh\Downloads\FRST-OlderVersion 2017-09-20 21:35 - 2017-09-20 21:35 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2017-09-20 18:39 - 2017-09-20 18:39 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray 2017-09-20 18:39 - 2017-09-20 18:39 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger 2017-09-20 18:39 - 2017-09-20 18:39 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk 2017-09-19 22:12 - 2017-09-19 22:12 - 000062755 _____ C:\Users\Christophh\Downloads\Addition.txt 2017-09-19 22:11 - 2017-09-20 21:38 - 000024179 _____ C:\Users\Christophh\Downloads\FRST.txt 2017-09-19 22:11 - 2017-09-20 21:38 - 000000000 ____D C:\FRST 2017-09-19 22:10 - 2017-09-20 21:38 - 002399744 _____ (Farbar) C:\Users\Christophh\Downloads\FRST64.exe 2017-09-12 23:00 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-12 23:00 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-09-12 23:00 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-12 23:00 - 2017-09-05 06:18 - 000471040 _____ (Microsoft 
2017-09-12 22:59 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-12 22:59 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-12 22:59 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-12 22:59 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-12 22:59 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-12 22:59 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-12 22:59 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-06 23:49 - 2017-09-06 23:49 - 000000041 _____ C:\Users\Christophh\Desktop\sky.txt
2017-09-05 00:11 - 2017-09-05 00:11 - 005004137 _____ C:\Users\Christophh\Desktop\867c5e9ab0891a8d.mp4
2017-08-27 19:38 - 2017-08-27 19:38 - 000461541 _____ C:\Users\Christophh\Downloads\8CTVBK
2017-08-27 19:36 - 2017-08-27 19:36 - 000188608 _____ C:\Users\Christophh\Downloads\Documents(1).zip
2017-08-27 19:36 - 2017-06-07 11:04 - 000037225 ____N C:\Users\Christophh\Desktop\Tutorium06-SS17.pdf
2017-08-27 19:36 - 2017-05-29 11:33 - 000037344 ____N C:\Users\Christophh\Desktop\Tutorium05-SS17.pdf
2017-08-27 19:36 - 2017-05-24 15:05 - 000037470 ____N C:\Users\Christophh\Desktop\Tutorium04-SS17.pdf
2017-08-27 19:36 - 2017-05-17 11:57 - 000037932 ____N C:\Users\Christophh\Desktop\Tutorium03-SS17.pdf
2017-08-27 19:36 - 2017-05-15 08:43 - 000032988 ____N C:\Users\Christophh\Desktop\Tutorium02-SS17.pdf
2017-08-27 19:36 - 2017-05-04 09:54 - 000048413 ____N C:\Users\Christophh\Desktop\Tutorium01-SS17.pdf
2017-08-27 19:35 - 2017-08-27 19:35 - 015613585 _____ C:\Users\Christophh\Downloads\Documents.zip
2017-08-26 21:39 - 2017-08-26 21:39 - 020317282 _____ C:\Users\Christophh\Downloads\Gmail.zip
2017-08-23 19:05 - 2017-08-23 19:05 - 000000000 ____D C:\Steamspiele
2017-08-23 16:11 - 2017-09-20 21:37 - 000000000 ____D C:\Users\Christophh\AppData\Local\Spotify
2017-08-23 16:11 - 2017-09-20 21:36 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Spotify
2017-08-23 16:11 - 2017-08-23 16:11 - 000001914 _____ C:\Users\Christophh\Desktop\Spotify.lnk
2017-08-23 16:11 - 2017-08-23 16:11 - 000001900 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-08-23 16:10 - 2017-08-23 16:10 - 058203272 _____ (Spotify Ltd) C:\Users\Christophh\Downloads\SpotifyFullSetup.exe
2017-08-23 16:10 - 2017-08-23 16:10 - 000000247 _____ C:\SILENT
2017-08-23 16:10 - 2017-08-23 16:10 - 000000000 ____D C:\Program Files (x86)\Offers Olymp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-20 21:38 - 2017-06-27 13:16 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-20 21:38 - 2015-11-08 15:35 - 000000000 ____D C:\Users\Christophh\AppData\Local\LogMeIn Hamachi
2017-09-20 21:37 - 2016-11-20 12:30 - 000000000 ____D C:\Users\Christophh\AppData\LocalLow\Mozilla
2017-09-20 21:37 - 2015-12-18 22:56 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Skype
2017-09-20 21:36 - 2017-06-27 13:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-20 21:36 - 2015-10-16 15:11 - 000000000 ____D C:\ProgramData\Origin
2017-09-20 21:35 - 2017-06-27 13:16 - 000000000 ____D C:\Users\Christophh
2017-09-20 21:35 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-09-20 21:29 - 2017-06-27 13:20 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16B4380E-769C-4734-94C3-69A9011C9AF2}
2017-09-20 18:55 - 2015-10-28 19:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-20 18:39 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-20 18:39 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-09-20 18:38 - 2015-10-16 13:14 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-09-19 22:10 - 2017-06-30 17:03 - 000000000 ____D C:\Users\Christophh\AppData\Local\Deployment 2017-09-19 21:38 - 2017-03-18 23:02 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-19 21:38 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-09-19 21:37 - 2017-06-27 13:25 - 002490142 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-19 21:37 - 2017-03-20 06:40 - 001145038 _____ C:\WINDOWS\system32\perfh007.dat 2017-09-19 21:37 - 2017-03-20 06:40 - 000261166 _____ C:\WINDOWS\system32\perfc007.dat 2017-09-19 21:36 - 2017-03-18 23:02 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-09-19 21:36 - 2017-03-18 23:00 - 000000000 ____D C:\WINDOWS\INF 2017-09-17 12:09 - 2015-10-16 15:20 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\TS3Client 2017-09-17 12:06 - 2017-06-27 13:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-09-14 14:14 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\rescache 2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-09-13 18:48 - 2015-10-16 13:14 - 000167464 _____ (Avira Operations GmbH & Co. 
KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-09-13 14:38 - 2017-06-27 13:15 - 000381288 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-13 14:38 - 2016-04-27 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-13 00:07 - 2017-03-20 06:39 - 000000000 ____D C:\WINDOWS\system32\de 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\setup 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-09-12 23:02 - 2015-10-16 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-12 23:01 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-09-12 23:01 - 2015-10-16 13:25 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-08 10:01 - 2017-07-27 14:44 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647985832-747989680-4269839675-1001 2017-09-08 10:01 - 2016-07-29 20:50 - 000002437 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-08 10:01 - 2015-10-28 19:14 - 000000000 ___RD C:\Users\Christophh\OneDrive 2017-09-02 19:30 - 2015-10-16 15:11 - 000000000 ____D C:\Program Files (x86)\Origin 2017-09-02 17:57 - 2016-01-24 17:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-09-02 17:54 - 2015-11-07 21:07 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-02 17:54 - 2015-11-07 21:07 - 000002252 _____ 
C:\Users\Public\Desktop\Google Chrome.lnk 2017-09-02 17:15 - 2017-03-18 23:04 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-09-02 17:15 - 2017-03-18 23:04 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-08-27 19:58 - 2016-11-19 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-08-27 19:58 - 2015-10-16 14:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-25 15:44 - 2017-07-27 22:57 - 000000000 ____D C:\WINDOWS\Minidump 2017-08-25 15:40 - 2016-01-15 21:16 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk 2017-08-25 15:40 - 2016-01-15 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-08-24 21:30 - 2016-08-12 16:59 - 000807464 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys 2017-08-24 21:30 - 2016-08-12 16:59 - 000000000 ____D C:\Users\Christophh\AppData\Local\UnrealEngine 2017-08-23 14:38 - 2015-10-28 19:16 - 000000000 ____D C:\Users\Christophh\AppData\Local\MSfree Inc ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-31 20:07 - 2017-01-27 18:49 - 000007591 _____ () C:\Users\Christophh\AppData\Local\Resmon.ResmonCfg 2015-10-29 20:55 - 2015-10-29 20:55 - 000000003 _____ () C:\Users\Christophh\AppData\Local\updater.log 2015-10-29 20:55 - 2017-05-06 11:08 - 000000425 _____ () C:\Users\Christophh\AppData\Local\UserProducts.xml 2016-09-25 17:14 - 2016-09-25 17:14 - 000000016 _____ () C:\ProgramData\mntemp ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-09-20 18:48
==================== Ende von FRST.txt ============================
Code:
ATTFilter 21:40:12.0964 0x310c TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02 21:40:12.0964 0x310c UEFI system 21:40:15.0552 0x310c ============================================================ 21:40:15.0552 0x310c Current date / time: 2017/09/20 21:40:15.0552 21:40:15.0553 0x310c SystemInfo: 21:40:15.0553 0x310c 21:40:15.0553 0x310c OS Version: 10.0.15063 ServicePack: 0.0 21:40:15.0553 0x310c Product type: Workstation 21:40:15.0553 0x310c ComputerName: CHRISTOPH 21:40:15.0553 0x310c UserName: Christophh 21:40:15.0553 0x310c Windows directory: C:\WINDOWS 21:40:15.0553 0x310c System windows directory: C:\WINDOWS 21:40:15.0553 0x310c Running under WOW64 21:40:15.0553 0x310c Processor architecture: Intel x64 21:40:15.0553 0x310c Number of processors: 8 21:40:15.0553 0x310c Page size: 0x1000 21:40:15.0553 0x310c Boot type: Normal boot 21:40:15.0553 0x310c CodeIntegrityOptions = 0x00000001 21:40:15.0553 0x310c ============================================================ 21:40:15.0717 0x310c KLMD registered as C:\WINDOWS\system32\drivers\86904143.sys 21:40:15.0717 0x310c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19 21:40:15.0762 0x310c System UUID: {42818D32-713F-D9C6-D168-EF1613B04455} 21:40:15.0982 0x310c Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:40:15.0983 0x310c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:40:15.0984 0x310c ============================================================ 21:40:15.0984 0x310c \Device\Harddisk0\DR0: 21:40:15.0984 0x310c GPT partitions: 21:40:15.0985 0x310c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A7057A71-64BE-4C51-9C2D-286A09E72273}, Name: Basic data 
partition, StartLBA 0x800, BlocksNum 0x96000 21:40:15.0985 0x310c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {AE59B4F8-3AA4-4017-9E7F-D89BC81A53FD}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000 21:40:15.0985 0x310c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {172A688E-7891-4698-A7EE-9D801249C17B}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000 21:40:15.0985 0x310c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EE7D1E2A-286A-4206-AA2F-5A41664D81A9}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0xDD99FAE 21:40:15.0985 0x310c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D5DD98AC-9B0E-4188-8FE7-774B59039CDD}, Name: , StartLBA 0xDEA2800, BlocksNum 0xF2000 21:40:15.0985 0x310c MBR partitions: 21:40:15.0985 0x310c \Device\Harddisk1\DR1: 21:40:16.0007 0x310c GPT partitions: 21:40:16.0008 0x310c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {74C63CD4-A3CE-41EC-87C4-03A03F8F8252}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x74706000 21:40:16.0008 0x310c MBR partitions: 21:40:16.0008 0x310c ============================================================ 21:40:16.0008 0x310c C: <-> \Device\Harddisk0\DR0\Partition4 21:40:16.0033 0x310c D: <-> \Device\Harddisk1\DR1\Partition1 21:40:16.0033 0x310c ============================================================ 21:40:16.0033 0x310c Initialize success 21:40:16.0033 0x310c ============================================================ 21:40:39.0757 0x249c ============================================================ 21:40:39.0757 0x249c Scan started 21:40:39.0757 0x249c Mode: Manual; SigCheck; TDLFS; 21:40:39.0757 0x249c ============================================================ 21:40:39.0757 
0x249c KSN ping started 21:40:39.0870 0x249c KSN ping finished: true 21:40:40.0427 0x249c ================ Scan system memory ======================== 21:40:40.0427 0x249c System memory - ok 21:40:40.0427 0x249c ================ Scan services ============================= 21:40:40.0450 0x249c 1394ohci - ok 21:40:40.0452 0x249c 3ware - ok 21:40:40.0454 0x249c ACPI - ok 21:40:40.0456 0x249c AcpiDev - ok 21:40:40.0458 0x249c acpiex - ok 21:40:40.0460 0x249c acpipagr - ok 21:40:40.0462 0x249c AcpiPmi - ok 21:40:40.0463 0x249c acpitime - ok 21:40:40.0467 0x249c [ 9B112FDA1D5FB7B75627461001AC692A, 2EDF7C8FD59CD5FCD19FA528F60CBD6DDB9A8076AE0280B11D8EA8EAF7D39958 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:40:40.0481 0x249c AdobeARMservice - ok 21:40:40.0498 0x249c [ 3E27E2DAA6869642B2DCB85C777E38B7, FB60068DFEA117006D8236DE73CC5A9B65272C6F739E2C8D1DD771360B9D989F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:40:40.0506 0x249c AdobeFlashPlayerUpdateSvc - ok 21:40:40.0510 0x249c ADP80XX - ok 21:40:40.0512 0x249c AFD - ok 21:40:40.0514 0x249c ahcache - ok 21:40:40.0516 0x249c AJRouter - ok 21:40:40.0519 0x249c ALG - ok 21:40:40.0521 0x249c AmdK8 - ok 21:40:40.0523 0x249c AmdPPM - ok 21:40:40.0525 0x249c amdsata - ok 21:40:40.0527 0x249c amdsbs - ok 21:40:40.0529 0x249c amdxata - ok 21:40:40.0546 0x249c [ 9C1974448C54690510224184B742716A, 4CD1ED929C5DDAF2A5850F83DAC4B1223FDAF35BD8547435BCDC76D501DF0D63 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe 21:40:40.0568 0x249c AntiVirMailService - ok 21:40:40.0577 0x249c [ 6FBD71CC9E997C9A7D62BF9CE1F59352, 55CD16DE14308B13DA824E52FB8BFC8D63DE6A7F74C42DB7B61B035633410FE8 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe 21:40:40.0587 0x249c AntiVirSchedulerService - ok 21:40:40.0595 0x249c [ 6FBD71CC9E997C9A7D62BF9CE1F59352, 55CD16DE14308B13DA824E52FB8BFC8D63DE6A7F74C42DB7B61B035633410FE8 ] 
AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe 21:40:40.0604 0x249c AntiVirService - ok 21:40:40.0626 0x249c [ A1314FD19CC8C2B8C4A9B34EC676B9BE, EB462CF4483D681E74302F90A6E5C4FCFB4DAAD94BE490518CB356F36FC99DD8 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe 21:40:40.0648 0x249c AntiVirWebService - ok 21:40:40.0651 0x249c AppID - ok 21:40:40.0653 0x249c AppIDSvc - ok 21:40:40.0654 0x249c Appinfo - ok 21:40:40.0656 0x249c applockerfltr - ok 21:40:40.0658 0x249c AppMgmt - ok 21:40:40.0660 0x249c AppReadiness - ok 21:40:40.0662 0x249c AppVClient - ok 21:40:40.0663 0x249c AppvStrm - ok 21:40:40.0665 0x249c AppvVemgr - ok 21:40:40.0667 0x249c AppvVfs - ok 21:40:40.0669 0x249c AppXSvc - ok 21:40:40.0670 0x249c arcsas - ok 21:40:40.0688 0x249c [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 21:40:40.0703 0x249c asComSvc - ok 21:40:40.0718 0x249c [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys 21:40:40.0721 0x249c AsIO - ok 21:40:40.0723 0x249c AsyncMac - ok 21:40:40.0725 0x249c atapi - ok 21:40:40.0728 0x249c AudioEndpointBuilder - ok 21:40:40.0729 0x249c Audiosrv - ok 21:40:40.0732 0x249c [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot C:\WINDOWS\system32\DRIVERS\avdevprot.sys 21:40:40.0736 0x249c avdevprot - ok 21:40:40.0741 0x249c [ 9C3F66BBFD2AFF843E54CC5E5A5D16BF, 4BC379482202BF32C6DEFA31B15F419DA7C20E1C2BCD238E2DCEEC36711E3A01 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 21:40:40.0746 0x249c avgntflt - ok 21:40:40.0751 0x249c [ DBF479B12BDAF969745D6A7132465D9E, 0358C419E631BCF548A2AC0EECABDE768435E224EFC888345EEB4DE37D119E62 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 21:40:40.0756 0x249c avipbb - ok 21:40:40.0764 0x249c [ 
771E6338FD62E448D330148BDF428B29, 8AEC795862F25AB1D7300D6D0082F60A5AE96C80D4E32A8567EAAC5341702D14 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 21:40:40.0774 0x249c Avira.ServiceHost - ok 21:40:40.0777 0x249c [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 21:40:40.0782 0x249c avkmgr - ok 21:40:40.0785 0x249c [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura C:\WINDOWS\System32\drivers\avmaura.sys 21:40:40.0793 0x249c avmaura - ok 21:40:40.0797 0x249c [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 21:40:40.0802 0x249c avnetflt - ok 21:40:40.0804 0x249c AxInstSV - ok 21:40:40.0806 0x249c b06bdrv - ok 21:40:40.0808 0x249c BasicDisplay - ok 21:40:40.0809 0x249c BasicRender - ok 21:40:40.0812 0x249c bcmfn2 - ok 21:40:40.0814 0x249c BDESVC - ok 21:40:40.0816 0x249c Beep - ok 21:40:40.0836 0x249c [ F2926650190022DB0700549B09FB7BD3, 70BDD5DCD7660436A413E3D41125DAA93A991058377DEE7C0028C2CFCB024C44 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 21:40:40.0858 0x249c BEService - ok 21:40:40.0861 0x249c BFE - ok 21:40:40.0863 0x249c BITS - ok 21:40:40.0866 0x249c bowser - ok 21:40:40.0868 0x249c BrokerInfrastructure - ok 21:40:40.0869 0x249c Browser - ok 21:40:40.0871 0x249c BthAvrcpTg - ok 21:40:40.0873 0x249c BthHFEnum - ok 21:40:40.0875 0x249c bthhfhid - ok 21:40:40.0877 0x249c BthHFSrv - ok 21:40:40.0879 0x249c BTHMODEM - ok 21:40:40.0881 0x249c bthserv - ok 21:40:40.0885 0x249c [ 0572F7D579759EE54B44A74B7E7F39B2, 829AC2296F879F738F004DF7224B2B9144A451A10505AF1F389904FBB80E7D0E ] busenum C:\WINDOWS\System32\drivers\SteelBus64.sys 21:40:40.0890 0x249c busenum - detected UnsignedFile.Multi.Generic ( 1 ) 21:40:40.0935 0x249c Detect skipped due to KSN 
trusted 21:40:40.0935 0x249c busenum - ok 21:40:40.0937 0x249c buttonconverter - ok 21:40:40.0939 0x249c CAD - ok 21:40:40.0941 0x249c CapImg - ok 21:40:40.0943 0x249c cdfs - ok 21:40:40.0944 0x249c CDPSvc - ok 21:40:40.0946 0x249c CDPUserSvc - ok 21:40:40.0949 0x249c cdrom - ok 21:40:40.0950 0x249c CertPropSvc - ok 21:40:40.0952 0x249c cht4iscsi - ok 21:40:40.0954 0x249c cht4vbd - ok 21:40:40.0955 0x249c circlass - ok 21:40:40.0957 0x249c CldFlt - ok 21:40:40.0959 0x249c CLFS - ok 21:40:41.0017 0x249c [ C9FF79CD4268FB18314B09BDE296F0AD, C113201D7FCCE9E77549402900AC910262CE99B3072DE2E04A794C3D09454BFF ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 21:40:41.0076 0x249c ClickToRunSvc - ok 21:40:41.0081 0x249c ClipSVC - ok 21:40:41.0083 0x249c clreg - ok 21:40:41.0088 0x249c CmBatt - ok 21:40:41.0132 0x249c [ 12145BABD827F3B68B27A4F73B7284CD, 29F539A3CE770D9B719FCDF055FCCD46353FC2A3752DCAE95F3C171CB40D1A44 ] cmudaxp C:\WINDOWS\system32\drivers\cmudaxp.sys 21:40:41.0187 0x249c cmudaxp - ok 21:40:41.0191 0x249c CNG - ok 21:40:41.0193 0x249c cnghwassist - ok 21:40:41.0204 0x249c CompositeBus - ok 21:40:41.0206 0x249c COMSysApp - ok 21:40:41.0208 0x249c condrv - ok 21:40:41.0210 0x249c CoreMessagingRegistrar - ok 21:40:41.0215 0x249c cpuz143 - ok 21:40:41.0218 0x249c CryptSvc - ok 21:40:41.0227 0x249c CSC - ok 21:40:41.0229 0x249c CscService - ok 21:40:41.0231 0x249c dam - ok 21:40:41.0234 0x249c DcomLaunch - ok 21:40:41.0236 0x249c defragsvc - ok 21:40:41.0237 0x249c DeviceAssociationService - ok 21:40:41.0239 0x249c DeviceInstall - ok 21:40:41.0241 0x249c DevicesFlowUserSvc - ok 21:40:41.0243 0x249c DevQueryBroker - ok 21:40:41.0245 0x249c Dfsc - ok 21:40:41.0249 0x249c [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 21:40:41.0254 0x249c dg_ssudbus - ok 21:40:41.0256 0x249c Dhcp - ok 21:40:41.0258 0x249c 
diagnosticshub.standardcollector.service - ok 21:40:41.0260 0x249c DiagTrack - ok 21:40:41.0273 0x249c [ 0CF021625D0B9EECB5AE230B3A4CF00C, FA14D394A9CCABD7600B0E63C1411CF88A37D9256351E9403BFEB34D9FDA8DB6 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe 21:40:41.0283 0x249c DigitalWave.Update.Service - ok 21:40:41.0286 0x249c Disk - ok 21:40:41.0288 0x249c DmEnrollmentSvc - ok 21:40:41.0290 0x249c dmvsc - ok 21:40:41.0292 0x249c dmwappushservice - ok 21:40:41.0294 0x249c Dnscache - ok 21:40:41.0297 0x249c dot3svc - ok 21:40:41.0298 0x249c DPS - ok 21:40:41.0300 0x249c drmkaud - ok 21:40:41.0302 0x249c DsmSvc - ok 21:40:41.0304 0x249c DsSvc - ok 21:40:41.0305 0x249c DusmSvc - ok 21:40:41.0307 0x249c DXGKrnl - ok 21:40:41.0309 0x249c e1iexpress - ok 21:40:41.0311 0x249c EapHost - ok 21:40:41.0312 0x249c EasyAntiCheat - ok 21:40:41.0314 0x249c ebdrv - ok 21:40:41.0316 0x249c EFS - ok 21:40:41.0318 0x249c EhStorClass - ok 21:40:41.0319 0x249c EhStorTcgDrv - ok 21:40:41.0321 0x249c embeddedmode - ok 21:40:41.0322 0x249c EntAppSvc - ok 21:40:41.0324 0x249c ErrDev - ok 21:40:41.0327 0x249c EventSystem - ok 21:40:41.0329 0x249c exfat - ok 21:40:41.0331 0x249c fastfat - ok 21:40:41.0332 0x249c Fax - ok 21:40:41.0334 0x249c fdc - ok 21:40:41.0336 0x249c fdPHost - ok 21:40:41.0338 0x249c FDResPub - ok 21:40:41.0340 0x249c fhsvc - ok 21:40:41.0341 0x249c FileCrypt - ok 21:40:41.0343 0x249c FileInfo - ok 21:40:41.0345 0x249c Filetrace - ok 21:40:41.0347 0x249c flpydisk - ok 21:40:41.0348 0x249c FltMgr - ok 21:40:41.0350 0x249c FontCache - ok 21:40:41.0352 0x249c FontCache3.0.0.0 - ok 21:40:41.0353 0x249c FrameServer - ok 21:40:41.0355 0x249c FsDepends - ok 21:40:41.0358 0x249c Fs_Rec - ok 21:40:41.0360 0x249c fvevol - ok 21:40:41.0361 0x249c gencounter - ok 21:40:41.0363 0x249c genericusbfn - ok 21:40:41.0365 0x249c GPIOClx0101 - ok 21:40:41.0367 0x249c gpsvc - ok 21:40:41.0368 0x249c GpuEnergyDrv - ok 21:40:41.0372 0x249c [ 
053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:40:41.0377 0x249c gupdate - ok 21:40:41.0380 0x249c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:40:41.0384 0x249c gupdatem - ok 21:40:41.0388 0x249c [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\WINDOWS\System32\drivers\Hamdrv.sys 21:40:41.0396 0x249c Hamachi - ok 21:40:41.0438 0x249c [ 779D28A8A2DAAED18575E70AE8EB95C3, F0BA0EF8F2385C9405834299DA54D84DF407A3AB37B443920F8FCE254A1F79DF ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe 21:40:41.0489 0x249c Hamachi2Svc - ok 21:40:41.0494 0x249c HdAudAddService - ok 21:40:41.0496 0x249c HDAudBus - ok 21:40:41.0499 0x249c HidBatt - ok 21:40:41.0501 0x249c HidBth - ok 21:40:41.0502 0x249c hidi2c - ok 21:40:41.0504 0x249c hidinterrupt - ok 21:40:41.0506 0x249c HidIr - ok 21:40:41.0508 0x249c hidserv - ok 21:40:41.0510 0x249c HidUsb - ok 21:40:41.0559 0x249c [ B7081417E9037B5E8693E01E2FBC13D0, 5B2E4FF00507D6639B5A33281A9897F0DB84FE258B3F38C0B97BC577BB2B2DB6 ] HiPatchService D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe 21:40:41.0561 0x249c HiPatchService - detected UnsignedFile.Multi.Generic ( 1 ) 21:40:41.0700 0x249c Detect skipped due to KSN trusted 21:40:41.0700 0x249c HiPatchService - ok 21:40:41.0703 0x249c HomeGroupListener - ok 21:40:41.0705 0x249c HomeGroupProvider - ok 21:40:41.0707 0x249c HpSAMD - ok 21:40:41.0708 0x249c HTTP - ok 21:40:41.0710 0x249c HvHost - ok 21:40:41.0712 0x249c hvservice - ok 21:40:41.0714 0x249c hwpolicy - ok 21:40:41.0715 0x249c hyperkbd - ok 21:40:41.0717 0x249c i8042prt - ok 21:40:41.0719 0x249c iagpio - ok 21:40:41.0721 0x249c iai2c - ok 21:40:41.0723 0x249c iaLPSS2i_GPIO2 - ok 21:40:41.0724 0x249c 
iaLPSS2i_GPIO2_BXT_P - ok 21:40:41.0726 0x249c iaLPSS2i_I2C - ok 21:40:41.0728 0x249c iaLPSS2i_I2C_BXT_P - ok 21:40:41.0730 0x249c iaLPSSi_GPIO - ok 21:40:41.0732 0x249c iaLPSSi_I2C - ok 21:40:41.0746 0x249c [ 9EBE1AE8B3DA91D06BE1971EB37F7DA0, 55B0E66139C966AF0D4955B44363123198C559968C864DA85F6610CF1C844E8D ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 21:40:41.0758 0x249c iaStorA - ok 21:40:41.0761 0x249c iaStorAV - ok 21:40:41.0763 0x249c [ D524B034148F14C60F1CA66D267EE56A, 18045270C5CA718501285EE05EDED8B0EF998A881ACF19D9602F91A2A30E40AB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 21:40:41.0767 0x249c IAStorDataMgrSvc - ok 21:40:41.0769 0x249c iaStorV - ok 21:40:41.0771 0x249c ibbus - ok 21:40:41.0773 0x249c icssvc - ok 21:40:41.0774 0x249c IKEEXT - ok 21:40:41.0777 0x249c IndirectKmd - ok 21:40:41.0794 0x249c [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 21:40:41.0808 0x249c Intel(R) Capability Licensing Service TCP IP Interface - ok 21:40:41.0814 0x249c [ E42505363945956ECB5D38A4EB21CB39, C6A46A7621721EB1EA46E5F7D2E560D8022A97241F0792814015F803D96A2C92 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe 21:40:41.0823 0x249c Intel(R) PROSet Monitoring Service - ok 21:40:41.0825 0x249c intelide - ok 21:40:41.0827 0x249c intelpep - ok 21:40:41.0828 0x249c intelppm - ok 21:40:41.0830 0x249c iorate - ok 21:40:41.0832 0x249c IpFilterDriver - ok 21:40:41.0833 0x249c iphlpsvc - ok 21:40:41.0835 0x249c IPMIDRV - ok 21:40:41.0837 0x249c IPNAT - ok 21:40:41.0839 0x249c IpxlatCfgSvc - ok 21:40:41.0840 0x249c irda - ok 21:40:41.0842 0x249c IRENUM - ok 21:40:41.0844 0x249c irmon - ok 21:40:41.0847 0x249c isapnp - ok 21:40:41.0848 0x249c iScsiPrt - ok 21:40:41.0852 0x249c [ 0B93A01F786F37A4B1EDE84E639FFF10, 
8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 21:40:41.0858 0x249c jhi_service - ok 21:40:41.0860 0x249c kbdclass - ok 21:40:41.0861 0x249c kbdhid - ok 21:40:41.0863 0x249c kdnic - ok 21:40:41.0865 0x249c KeyIso - ok 21:40:41.0867 0x249c KSecDD - ok 21:40:41.0869 0x249c KSecPkg - ok 21:40:41.0870 0x249c ksthunk - ok 21:40:41.0872 0x249c KtmRm - ok 21:40:41.0874 0x249c LanmanServer - ok 21:40:41.0876 0x249c LanmanWorkstation - ok 21:40:41.0878 0x249c lfsvc - ok 21:40:41.0880 0x249c LicenseManager - ok 21:40:41.0881 0x249c lltdio - ok 21:40:41.0882 0x249c lltdsvc - ok 21:40:41.0884 0x249c lmhosts - ok 21:40:41.0891 0x249c [ 0554F3B69D39D175DD110D765C11347A, A57D5CE0CBA04806EB0C6D8943D85C5AB63119A99FA8F8000BDF54CCCD1C1BF9 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe 21:40:41.0899 0x249c LMIGuardianSvc - ok 21:40:41.0906 0x249c [ C31139E0907170E2A3FA8D19DCC23D35, C504E93D2018E9E487A428483C646C67B4ECE122560CF0FA49A1626E1509EEAE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 21:40:41.0914 0x249c LMS - ok 21:40:41.0917 0x249c LSI_SAS - ok 21:40:41.0919 0x249c LSI_SAS2i - ok 21:40:41.0920 0x249c LSI_SAS3i - ok 21:40:41.0922 0x249c LSI_SSS - ok 21:40:41.0924 0x249c LSM - ok 21:40:41.0925 0x249c luafv - ok 21:40:41.0927 0x249c MapsBroker - ok 21:40:41.0930 0x249c mausbhost - ok 21:40:41.0931 0x249c mausbip - ok 21:40:41.0933 0x249c megasas - ok 21:40:41.0935 0x249c megasas2i - ok 21:40:41.0937 0x249c megasr - ok 21:40:41.0940 0x249c [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 21:40:41.0946 0x249c MEIx64 - ok 21:40:41.0948 0x249c MessagingService - ok 21:40:41.0951 0x249c mlx4_bus - ok 21:40:41.0952 0x249c MMCSS - ok 21:40:41.0954 0x249c Modem - ok 21:40:41.0956 0x249c monitor - 
ok 21:40:41.0957 0x249c mouclass - ok 21:40:41.0959 0x249c mouhid - ok 21:40:41.0960 0x249c mountmgr - ok 21:40:41.0965 0x249c [ 0EACD4459D14FBB121A0F8202F170225, 6C63A3D69D6A44E6E03863D2256A5C6EF2DCA56B18DC90B8F3AE8C8DF5D303EF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:40:41.0971 0x249c MozillaMaintenance - ok 21:40:41.0973 0x249c mpsdrv - ok 21:40:41.0974 0x249c MpsSvc - ok 21:40:41.0976 0x249c MRxDAV - ok 21:40:41.0977 0x249c mrxsmb - ok 21:40:41.0979 0x249c mrxsmb10 - ok 21:40:41.0980 0x249c mrxsmb20 - ok 21:40:41.0982 0x249c MsBridge - ok 21:40:41.0984 0x249c MSDTC - ok 21:40:41.0987 0x249c Msfs - ok 21:40:41.0989 0x249c msgpiowin32 - ok 21:40:41.0990 0x249c mshidkmdf - ok 21:40:41.0992 0x249c mshidumdf - ok 21:40:41.0994 0x249c msisadrv - ok 21:40:41.0996 0x249c MSiSCSI - ok 21:40:41.0997 0x249c msiserver - ok 21:40:41.0999 0x249c MSKSSRV - ok 21:40:42.0001 0x249c MsLldp - ok 21:40:42.0002 0x249c MSPCLOCK - ok 21:40:42.0004 0x249c MSPQM - ok 21:40:42.0006 0x249c MsRPC - ok 21:40:42.0008 0x249c MsSecFlt - ok 21:40:42.0010 0x249c mssmbios - ok 21:40:42.0012 0x249c MSTEE - ok 21:40:42.0013 0x249c MTConfig - ok 21:40:42.0015 0x249c Mup - ok 21:40:42.0017 0x249c mvumis - ok 21:40:42.0020 0x249c [ 1898CEDA3247213C084F43637EF163B3, 4429F32DB1CC70567919D7D47B844A91CF1329A6CD116F582305F3B7B60CD60B ] NAL C:\WINDOWS\system32\Drivers\iqvw64e.sys 21:40:42.0024 0x249c NAL - ok 21:40:42.0027 0x249c NativeWifiP - ok 21:40:42.0029 0x249c NaturalAuthentication - ok 21:40:42.0030 0x249c NcaSvc - ok 21:40:42.0032 0x249c NcbService - ok 21:40:42.0034 0x249c NcdAutoSetup - ok 21:40:42.0036 0x249c ndfltr - ok 21:40:42.0038 0x249c NDIS - ok 21:40:42.0040 0x249c NdisCap - ok 21:40:42.0041 0x249c NdisImPlatform - ok 21:40:42.0043 0x249c NdisTapi - ok 21:40:42.0045 0x249c Ndisuio - ok 21:40:42.0047 0x249c NdisVirtualBus - ok 21:40:42.0048 0x249c NdisWan - ok 21:40:42.0050 0x249c ndiswanlegacy - ok 21:40:42.0052 0x249c ndproxy - ok 
21:40:42.0053 0x249c Ndu - ok 21:40:42.0055 0x249c NetAdapterCx - ok 21:40:42.0056 0x249c NetBIOS - ok 21:40:42.0059 0x249c NetBT - ok 21:40:42.0061 0x249c Netlogon - ok 21:40:42.0063 0x249c Netman - ok 21:40:42.0065 0x249c netprofm - ok 21:40:42.0066 0x249c NetSetupSvc - ok 21:40:42.0070 0x249c NetTcpPortSharing - ok 21:40:42.0072 0x249c netvsc - ok 21:40:42.0075 0x249c NgcCtnrSvc - ok 21:40:42.0076 0x249c NgcSvc - ok 21:40:42.0078 0x249c NlaSvc - ok 21:40:42.0080 0x249c Npfs - ok 21:40:42.0081 0x249c npsvctrig - ok 21:40:42.0083 0x249c nsi - ok 21:40:42.0085 0x249c nsiproxy - ok 21:40:42.0087 0x249c NTFS - ok 21:40:42.0089 0x249c Null - ok 21:40:42.0098 0x249c [ 7C87B6C03A27AF13C97B8DC69DE1E0A8, D938352DA52EA13C004A3116F3F25E1722F8A786621D00A3473B071028D30E1C ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 21:40:42.0108 0x249c NvContainerLocalSystem - ok 21:40:42.0117 0x249c [ 7C87B6C03A27AF13C97B8DC69DE1E0A8, D938352DA52EA13C004A3116F3F25E1722F8A786621D00A3473B071028D30E1C ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 21:40:42.0126 0x249c NvContainerNetworkService - ok 21:40:42.0128 0x249c nvdimmn - ok 21:40:42.0134 0x249c [ 6E256C42FD27FADEA9BDD2E98CB53FE4, 8E2BDADFCC4B0C7208E937462DDF9CD9810E1B66375BD22F26C5D94376BDEC44 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 21:40:42.0140 0x249c NVHDA - ok 21:40:42.0417 0x249c [ BD000446F0B4FA1E87E7D10356C49564, 95F495549F35FFD64D3132D46923D1502C10AC77E7031EE1DE629E218EC584E0 ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys 21:40:42.0593 0x249c nvlddmkm - ok 21:40:42.0605 0x249c nvraid - ok 21:40:42.0606 0x249c nvstor - ok 21:40:42.0608 0x249c [ 191DAD20FA73E099BAD05953892EAF18, FA99677CA732EC58CC9FC717DA64C2591F8371E2877CE6DFC684DC3A4D5B66AD ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 21:40:42.0612 0x249c NvStreamKms - ok 21:40:42.0621 
0x249c [ F0E82FD4F609E50CBF198F04C9F66A46, AE555BAD65D75DD9D4F7D6C76098448D7055A8298D037D0FA3DE640A50E34A21 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe 21:40:42.0629 0x249c NvTelemetryContainer - ok 21:40:42.0632 0x249c [ 8736A38B0326664CA7BA4E5DE51EBC9D, C218220C987197C6E60514A5425F459011A70350F7AAE1824851B879FF542906 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 21:40:42.0636 0x249c nvvad_WaveExtensible - ok 21:40:42.0639 0x249c [ BCEBAC08D60020C800E1A80B257DCE43, C2BCDF9C0233E7BD82951FBCD41E2861EAB17684F277208DD28AE0E93360D9C5 ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys 21:40:42.0643 0x249c nvvhci - ok 21:40:42.0645 0x249c OneSyncSvc - ok 21:40:42.0672 0x249c [ 731906F749FDB1F8E3CAE9E3DD34919A, 4ADEC2468A0048765CD177D8EED5D92C24FAD086CA918C7AAE9707326FB54150 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 21:40:42.0701 0x249c Origin Client Service - ok 21:40:42.0738 0x249c [ 98E9A68A78ADC072E7A78723C8E94234, E7A4141168BF08A8C89091237ECDA8FE9F6E6C5BFEF7E9CE041CB43844608038 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe 21:40:42.0777 0x249c Origin Web Helper Service - ok 21:40:42.0783 0x249c [ 6C7A7FDB373D42102A114CED1CB2EB30, 2ABEBB0687F77DFA5F65635042F4F15B7C31FCA8C037BA4A15385EC4579335D8 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:40:42.0791 0x249c ose - ok 21:40:42.0793 0x249c p2pimsvc - ok 21:40:42.0794 0x249c p2psvc - ok 21:40:42.0798 0x249c Parport - ok 21:40:42.0799 0x249c partmgr - ok 21:40:42.0801 0x249c PcaSvc - ok 21:40:42.0803 0x249c pci - ok 21:40:42.0805 0x249c pciide - ok 21:40:42.0806 0x249c pcmcia - ok 21:40:42.0808 0x249c pcw - ok 21:40:42.0810 0x249c pdc - ok 21:40:42.0811 0x249c PEAUTH - ok 21:40:42.0813 0x249c PeerDistSvc - ok 21:40:42.0815 0x249c percsas2i - ok 21:40:42.0816 0x249c percsas3i - ok 21:40:42.0828 0x249c PerfHost - ok 21:40:42.0832 0x249c 
PhoneSvc - ok 21:40:42.0834 0x249c PimIndexMaintenanceSvc - ok 21:40:42.0836 0x249c pla - ok 21:40:42.0839 0x249c PlugPlay - ok 21:40:42.0841 0x249c pmem - ok 21:40:42.0844 0x249c [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 21:40:42.0852 0x249c PnkBstrA - ok 21:40:42.0854 0x249c PNRPAutoReg - ok 21:40:42.0856 0x249c PNRPsvc - ok 21:40:42.0857 0x249c PolicyAgent - ok 21:40:42.0860 0x249c Power - ok 21:40:42.0862 0x249c PptpMiniport - ok 21:40:42.0914 0x249c [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 21:40:42.0974 0x249c PrintNotify - ok 21:40:42.0978 0x249c Processor - ok 21:40:42.0980 0x249c ProfSvc - ok 21:40:42.0981 0x249c Psched - ok 21:40:42.0983 0x249c QWAVE - ok 21:40:42.0984 0x249c QWAVEdrv - ok 21:40:42.0986 0x249c RasAcd - ok 21:40:42.0988 0x249c RasAgileVpn - ok 21:40:42.0990 0x249c RasAuto - ok 21:40:42.0991 0x249c Rasl2tp - ok 21:40:42.0993 0x249c RasMan - ok 21:40:42.0994 0x249c RasPppoe - ok 21:40:42.0997 0x249c RasSstp - ok 21:40:42.0998 0x249c rdbss - ok 21:40:43.0001 0x249c rdpbus - ok 21:40:43.0002 0x249c RDPDR - ok 21:40:43.0007 0x249c RdpVideoMiniport - ok 21:40:43.0008 0x249c rdyboost - ok 21:40:43.0010 0x249c ReFS - ok 21:40:43.0011 0x249c ReFSv1 - ok 21:40:43.0014 0x249c RemoteAccess - ok 21:40:43.0015 0x249c RemoteRegistry - ok 21:40:43.0017 0x249c RetailDemo - ok 21:40:43.0019 0x249c RmSvc - ok 21:40:43.0020 0x249c RpcEptMapper - ok 21:40:43.0022 0x249c RpcLocator - ok 21:40:43.0024 0x249c RpcSs - ok 21:40:43.0025 0x249c rspndr - ok 21:40:43.0027 0x249c s3cap - ok 21:40:43.0030 0x249c [ 8F63E54CC039A645B1980CFB92FA93DC, B011E8E6E5D6FF76B6AC9914CBEAF1D41D8F0F87AC2ADCBE4F5CF1E8B61F5A90 ] SAlphamHid C:\WINDOWS\System32\drivers\SAlpham64.sys 21:40:43.0033 0x249c SAlphamHid - detected UnsignedFile.Multi.Generic ( 1 ) 
21:40:43.0179 0x249c Detect skipped due to KSN trusted 21:40:43.0179 0x249c SAlphamHid - ok 21:40:43.0182 0x249c SamSs - ok 21:40:43.0184 0x249c sbp2port - ok 21:40:43.0186 0x249c SCardSvr - ok 21:40:43.0188 0x249c ScDeviceEnum - ok 21:40:43.0190 0x249c scfilter - ok 21:40:43.0191 0x249c Schedule - ok 21:40:43.0193 0x249c scmbus - ok 21:40:43.0195 0x249c SCPolicySvc - ok 21:40:43.0197 0x249c sdbus - ok 21:40:43.0199 0x249c SDFRd - ok 21:40:43.0200 0x249c SDRSVC - ok 21:40:43.0202 0x249c sdstor - ok 21:40:43.0204 0x249c seclogon - ok 21:40:43.0205 0x249c SecurityHealthService - ok 21:40:43.0207 0x249c SEMgrSvc - ok 21:40:43.0208 0x249c SENS - ok 21:40:43.0210 0x249c Sense - ok 21:40:43.0211 0x249c SensorDataService - ok 21:40:43.0213 0x249c SensorService - ok 21:40:43.0215 0x249c SensrSvc - ok 21:40:43.0217 0x249c SerCx - ok 21:40:43.0218 0x249c SerCx2 - ok 21:40:43.0220 0x249c Serenum - ok 21:40:43.0222 0x249c Serial - ok 21:40:43.0224 0x249c sermouse - ok 21:40:43.0228 0x249c SessionEnv - ok 21:40:43.0232 0x249c sfloppy - ok 21:40:43.0234 0x249c SharedAccess - ok 21:40:43.0236 0x249c ShellHWDetection - ok 21:40:43.0238 0x249c shpamsvc - ok 21:40:43.0240 0x249c SiSRaid2 - ok 21:40:43.0242 0x249c SiSRaid4 - ok 21:40:43.0248 0x249c [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 21:40:43.0257 0x249c SkypeUpdate - ok 21:40:43.0259 0x249c smphost - ok 21:40:43.0261 0x249c SmsRouter - ok 21:40:43.0265 0x249c SNMPTRAP - ok 21:40:43.0266 0x249c spaceport - ok 21:40:43.0268 0x249c SpbCx - ok 21:40:43.0270 0x249c spectrum - ok 21:40:43.0280 0x249c [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\SysWOW64\speedfan.sys 21:40:43.0289 0x249c speedfan - ok 21:40:43.0292 0x249c Spooler - ok 21:40:43.0294 0x249c sppsvc - ok 21:40:43.0297 0x249c srv - ok 21:40:43.0299 0x249c srv2 - ok 
21:40:43.0300 0x249c srvnet - ok 21:40:43.0303 0x249c [ A34A9BFCD2A9695CF00A5365DAA5F2ED, 9D935EF7103DC77EBBD00EB0DDECF8C9B17308B8A960E8BB98B807104B417114 ] ssdevfactory C:\WINDOWS\System32\drivers\ssdevfactory.sys 21:40:43.0307 0x249c ssdevfactory - ok 21:40:43.0310 0x249c SSDPSRV - ok 21:40:43.0311 0x249c SstpSvc - ok 21:40:43.0316 0x249c [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 21:40:43.0322 0x249c ssudmdm - ok 21:40:43.0324 0x249c StateRepository - ok 21:40:43.0345 0x249c [ 925116020437C74A2F535EBB05267968, 3180856E63A7E17807A6914A13C8BD4B01AE6A76E7E8D0A3FF45556536CC717E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 21:40:43.0367 0x249c Steam Client Service - ok 21:40:43.0370 0x249c stexstor - ok 21:40:43.0372 0x249c stisvc - ok 21:40:43.0373 0x249c storahci - ok 21:40:43.0375 0x249c storflt - ok 21:40:43.0377 0x249c stornvme - ok 21:40:43.0379 0x249c storqosflt - ok 21:40:43.0380 0x249c StorSvc - ok 21:40:43.0382 0x249c storufs - ok 21:40:43.0383 0x249c storvsc - ok 21:40:43.0385 0x249c svsvc - ok 21:40:43.0388 0x249c swenum - ok 21:40:43.0390 0x249c swprv - ok 21:40:43.0392 0x249c Synth3dVsc - ok 21:40:43.0394 0x249c SysMain - ok 21:40:43.0395 0x249c SystemEventsBroker - ok 21:40:43.0397 0x249c TabletInputService - ok 21:40:43.0400 0x249c [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys 21:40:43.0404 0x249c tap0901 - ok 21:40:43.0407 0x249c TapiSrv - ok 21:40:43.0409 0x249c Tcpip - ok 21:40:43.0410 0x249c Tcpip6 - ok 21:40:43.0412 0x249c tcpipreg - ok 21:40:43.0415 0x249c tdx - ok 21:40:43.0517 0x249c [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 21:40:43.0602 0x249c TeamViewer - ok 
21:40:43.0608 0x249c terminpt - ok 21:40:43.0610 0x249c TermService - ok 21:40:43.0612 0x249c Themes - ok 21:40:43.0614 0x249c TieringEngineService - ok 21:40:43.0616 0x249c tiledatamodelsvc - ok 21:40:43.0617 0x249c TimeBrokerSvc - ok 21:40:43.0619 0x249c TokenBroker - ok 21:40:43.0621 0x249c TPM - ok 21:40:43.0623 0x249c TrkWks - ok 21:40:43.0624 0x249c TrustedInstaller - ok 21:40:43.0627 0x249c tsusbflt - ok 21:40:43.0628 0x249c TsUsbGD - ok 21:40:43.0630 0x249c tsusbhub - ok 21:40:43.0632 0x249c tzautoupdate - ok 21:40:43.0634 0x249c UASPStor - ok 21:40:43.0635 0x249c UcmCx0101 - ok 21:40:43.0637 0x249c UcmTcpciCx0101 - ok 21:40:43.0639 0x249c UcmUcsi - ok 21:40:43.0641 0x249c Ucx01000 - ok 21:40:43.0642 0x249c UdeCx - ok 21:40:43.0644 0x249c udfs - ok 21:40:43.0646 0x249c UEFI - ok 21:40:43.0647 0x249c UevAgentDriver - ok 21:40:43.0649 0x249c UevAgentService - ok 21:40:43.0651 0x249c Ufx01000 - ok 21:40:43.0653 0x249c UfxChipidea - ok 21:40:43.0654 0x249c ufxsynopsys - ok 21:40:43.0658 0x249c UI0Detect - ok 21:40:43.0659 0x249c umbus - ok 21:40:43.0661 0x249c UmPass - ok 21:40:43.0663 0x249c UmRdpService - ok 21:40:43.0665 0x249c UnistoreSvc - ok 21:40:43.0667 0x249c upnphost - ok 21:40:43.0669 0x249c UrsChipidea - ok 21:40:43.0671 0x249c UrsCx01000 - ok 21:40:43.0672 0x249c UrsSynopsys - ok 21:40:43.0674 0x249c usbccgp - ok 21:40:43.0676 0x249c usbcir - ok 21:40:43.0678 0x249c usbehci - ok 21:40:43.0679 0x249c usbhub - ok 21:40:43.0681 0x249c USBHUB3 - ok 21:40:43.0683 0x249c usbohci - ok 21:40:43.0684 0x249c usbprint - ok 21:40:43.0686 0x249c usbser - ok 21:40:43.0688 0x249c USBSTOR - ok 21:40:43.0689 0x249c usbuhci - ok 21:40:43.0691 0x249c USBXHCI - ok 21:40:43.0693 0x249c UserDataSvc - ok 21:40:43.0695 0x249c UserManager - ok 21:40:43.0697 0x249c UsoSvc - ok 21:40:43.0699 0x249c VaultSvc - ok 21:40:43.0700 0x249c vdrvroot - ok 21:40:43.0702 0x249c vds - ok 21:40:43.0704 0x249c VerifierExt - ok 21:40:43.0706 0x249c vhdmp - ok 21:40:43.0707 0x249c vhf - ok 
21:40:43.0709 0x249c vmbus - ok 21:40:43.0710 0x249c VMBusHID - ok 21:40:43.0712 0x249c vmgid - ok 21:40:43.0714 0x249c vmicguestinterface - ok 21:40:43.0715 0x249c vmicheartbeat - ok 21:40:43.0717 0x249c vmickvpexchange - ok 21:40:43.0719 0x249c vmicrdv - ok 21:40:43.0721 0x249c vmicshutdown - ok 21:40:43.0722 0x249c vmictimesync - ok 21:40:43.0724 0x249c vmicvmsession - ok 21:40:43.0726 0x249c vmicvss - ok 21:40:43.0727 0x249c volmgr - ok 21:40:43.0729 0x249c volmgrx - ok 21:40:43.0731 0x249c volsnap - ok 21:40:43.0733 0x249c volume - ok 21:40:43.0735 0x249c vpci - ok 21:40:43.0737 0x249c vsmraid - ok 21:40:43.0739 0x249c VSS - ok 21:40:43.0740 0x249c VSTXRAID - ok 21:40:43.0742 0x249c vwifibus - ok 21:40:43.0744 0x249c vwififlt - ok 21:40:43.0745 0x249c W32Time - ok 21:40:43.0747 0x249c WacomPen - ok 21:40:43.0749 0x249c WalletService - ok 21:40:43.0750 0x249c wanarp - ok 21:40:43.0752 0x249c wanarpv6 - ok 21:40:43.0754 0x249c wbengine - ok 21:40:43.0756 0x249c WbioSrvc - ok 21:40:43.0757 0x249c wcifs - ok 21:40:43.0759 0x249c Wcmsvc - ok 21:40:43.0761 0x249c wcncsvc - ok 21:40:43.0762 0x249c wcnfs - ok 21:40:43.0764 0x249c WdBoot - ok 21:40:43.0766 0x249c Wdf01000 - ok 21:40:43.0767 0x249c WdFilter - ok 21:40:43.0769 0x249c WdiServiceHost - ok 21:40:43.0771 0x249c WdiSystemHost - ok 21:40:43.0773 0x249c wdiwifi - ok 21:40:43.0776 0x249c WdNisDrv - ok 21:40:43.0777 0x249c WdNisSvc - ok 21:40:43.0779 0x249c WebClient - ok 21:40:43.0781 0x249c Wecsvc - ok 21:40:43.0783 0x249c WEPHOSTSVC - ok 21:40:43.0785 0x249c wercplsupport - ok 21:40:43.0787 0x249c WerSvc - ok 21:40:43.0788 0x249c WFDSConMgrSvc - ok 21:40:43.0790 0x249c WFPLWFS - ok 21:40:43.0792 0x249c WiaRpc - ok 21:40:43.0793 0x249c WIMMount - ok 21:40:43.0795 0x249c WinDefend - ok 21:40:43.0799 0x249c WindowsTrustedRT - ok 21:40:43.0800 0x249c WindowsTrustedRTProxy - ok 21:40:43.0802 0x249c WinHttpAutoProxySvc - ok 21:40:43.0804 0x249c WinMad - ok 21:40:43.0808 0x249c Winmgmt - ok 21:40:43.0809 0x249c 
WinNat - ok 21:40:43.0811 0x249c WinRM - ok 21:40:43.0814 0x249c WINUSB - ok 21:40:43.0816 0x249c WinVerbs - ok 21:40:43.0818 0x249c wisvc - ok 21:40:43.0820 0x249c WlanSvc - ok 21:40:43.0822 0x249c wlidsvc - ok 21:40:43.0824 0x249c wlpasvc - ok 21:40:43.0825 0x249c WmiAcpi - ok 21:40:43.0828 0x249c wmiApSrv - ok 21:40:43.0830 0x249c WMPNetworkSvc - ok 21:40:43.0836 0x249c [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof C:\WINDOWS\system32\drivers\Wof.sys 21:40:43.0844 0x249c Wof - ok 21:40:43.0847 0x249c workfolderssvc - ok 21:40:43.0849 0x249c WPDBusEnum - ok 21:40:43.0851 0x249c WpdUpFltr - ok 21:40:43.0853 0x249c WpnService - ok 21:40:43.0855 0x249c WpnUserService - ok 21:40:43.0857 0x249c ws2ifsl - ok 21:40:43.0859 0x249c wscsvc - ok 21:40:43.0861 0x249c WSDPrintDevice - ok 21:40:43.0862 0x249c WSDScan - ok 21:40:43.0864 0x249c WSearch - ok 21:40:43.0867 0x249c wuauserv - ok 21:40:43.0869 0x249c WudfPf - ok 21:40:43.0870 0x249c WUDFRd - ok 21:40:43.0872 0x249c wudfsvc - ok 21:40:43.0874 0x249c WUDFWpdFs - ok 21:40:43.0876 0x249c WUDFWpdMtp - ok 21:40:43.0877 0x249c WwanSvc - ok 21:40:43.0879 0x249c xbgm - ok 21:40:43.0881 0x249c XblAuthManager - ok 21:40:43.0883 0x249c XblGameSave - ok 21:40:43.0885 0x249c xboxgip - ok 21:40:43.0886 0x249c XboxGipSvc - ok 21:40:43.0888 0x249c XboxNetApiSvc - ok 21:40:43.0890 0x249c xinputhid - ok 21:40:43.0891 0x249c ================ Scan global =============================== 21:40:43.0899 0x249c [ Global ] - ok 21:40:43.0899 0x249c ================ Scan MBR ================================== 21:40:43.0901 0x249c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 21:40:43.0917 0x249c \Device\Harddisk0\DR0 - ok 21:40:43.0918 0x249c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 21:40:43.0985 0x249c \Device\Harddisk1\DR1 - ok 21:40:43.0985 0x249c ================ Scan VBR ================================== 21:40:43.0986 0x249c [ 
E634D92FC2F84454312CCD026742559D ] \Device\Harddisk0\DR0\Partition1 21:40:43.0987 0x249c \Device\Harddisk0\DR0\Partition1 - ok 21:40:43.0988 0x249c [ 18B6AFAB79E733B927586AC1F09CE5B2 ] \Device\Harddisk0\DR0\Partition2 21:40:43.0989 0x249c \Device\Harddisk0\DR0\Partition2 - ok 21:40:43.0991 0x249c [ 0B804F05C15EBD6C8B08DD4910560550 ] \Device\Harddisk0\DR0\Partition3 21:40:43.0991 0x249c \Device\Harddisk0\DR0\Partition3 - ok 21:40:43.0992 0x249c [ 6643E69DEB400AE21FD718E48499B5D7 ] \Device\Harddisk0\DR0\Partition4 21:40:43.0993 0x249c \Device\Harddisk0\DR0\Partition4 - ok 21:40:43.0994 0x249c [ 4629753AE58E41224B27DACD3C679459 ] \Device\Harddisk0\DR0\Partition5 21:40:43.0995 0x249c \Device\Harddisk0\DR0\Partition5 - ok 21:40:43.0997 0x249c [ 0507C5958F26B2BA43FCB8BB87CD2A16 ] \Device\Harddisk1\DR1\Partition1 21:40:43.0998 0x249c \Device\Harddisk1\DR1\Partition1 - ok 21:40:43.0998 0x249c ================ Scan generic autorun ====================== 21:40:43.0999 0x249c SecurityHealth - ok 21:40:44.0001 0x249c [ F14327BA386AAA2246585BFADD8FE8E8, 2804D7985B116C808942B4501362D4F4BAE4B540E9A6AC9B176B30DD448BA5AC ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 21:40:44.0004 0x249c IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 21:40:44.0052 0x249c Detect skipped due to KSN trusted 21:40:44.0052 0x249c IAStorIcon - ok 21:40:44.0065 0x249c [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe 21:40:44.0072 0x249c Cmaudio8788GX - detected UnsignedFile.Multi.Generic ( 1 ) 21:40:44.0124 0x249c Detect skipped due to KSN trusted 21:40:44.0124 0x249c Cmaudio8788GX - ok 21:40:44.0131 0x249c [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe 21:40:44.0139 0x249c Cmaudio8788GX64 - detected UnsignedFile.Multi.Generic ( 1 ) 21:40:44.0435 0x249c Detect skipped due to KSN trusted 
21:40:44.0435 0x249c Cmaudio8788GX64 - ok 21:40:44.0442 0x249c [ E05782E0B697CADBBC17E78C67280B30, 87A142350F1BD9FF7ADDDBF80AC5C1EFDCE93F8E3142B95ACC8D85DDE77D42D8 ] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe 21:40:44.0448 0x249c Lightshot - ok 21:40:44.0450 0x249c OneDriveSetup - ok 21:40:44.0450 0x249c OneDriveSetup - ok 21:40:44.0488 0x249c [ A385FF47BD1F3D43AD9B5212F5BD4466, 890C84A59021719AEEE9B78B7D67EF6BA9124B462198FEB337045D81D250087A ] C:\Program Files (x86)\Origin\Origin.exe 21:40:44.0527 0x249c EADM - ok 21:40:44.0533 0x249c [ 40F7401928355A1515199676A5D00CDC, 4F16DE77F0BD7D1F9F61AE5712B3FD7BD53D19DCCEF88925E10180EF040A8E0B ] C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe 21:40:44.0539 0x249c AVMUSBFernanschluss - detected UnsignedFile.Multi.Generic ( 1 ) 21:40:44.0590 0x249c Detect skipped due to KSN trusted 21:40:44.0590 0x249c AVMUSBFernanschluss - ok 21:40:44.0591 0x249c Skype - ok 21:40:44.0593 0x249c GoogleDriveSync - ok 21:40:44.0741 0x249c [ 8D3D5BA1638778DE87503E5FEA68DC9F, D54C2B375A6F8A49BC53CAA3ED8A0EEBF53FD113BB47622F4AE6DA762D194FE7 ] C:\Program Files\CCleaner\CCleaner64.exe 21:40:44.0877 0x249c CCleaner Monitoring - ok 21:40:45.0120 0x249c [ C60118EE0B605CD3EF7AD29C02D9CB8E, 7F7F96F8EBC5C762702A8C086246EC245965AFC39042ACEFDF6DB29DF0978D99 ] C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe 21:40:45.0370 0x249c Spotify - ok 21:40:45.0392 0x249c [ 03498C0BA3B6153C3A431B1A003B90C3, 6F45FBFFB8E6BF85263F7661520E18A104D22E17A5B9AE73B12111AEED7B711E ] C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe 21:40:45.0404 0x249c Spotify Web Helper - ok 21:40:45.0405 0x249c Waiting for KSN requests completion. 
In queue: 60 21:40:46.0411 0x249c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.31.21 ), 0x41000 ( enabled : updated ) 21:40:46.0411 0x249c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated ) 21:40:46.0425 0x249c Win FW state via NFP2: enabled ( trusted ) 21:40:46.0531 0x249c ============================================================ 21:40:46.0531 0x249c Scan finished 21:40:46.0531 0x249c ============================================================ 21:40:46.0535 0x2498 Detected object count: 0 21:40:46.0535 0x2498 Actual detected object count: 0 |
20.09.2017, 20:42 | #5 |
| Microsoft announcement "Deactivate PC" virus additional: Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017
durchgeführt von Christophh (20-09-2017 21:38:49)
Gestartet von C:\Users\Christophh\Downloads
Windows 10 Pro N Version 1703 (X64) (2017-06-27 11:22:59)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2647985832-747989680-4269839675-500 - Administrator - Disabled)
Christophh (S-1-5-21-2647985832-747989680-4269839675-1001 - Administrator - Enabled) => C:\Users\Christophh
DefaultAccount (S-1-5-21-2647985832-747989680-4269839675-503 - Limited - Disabled)
Gast (S-1-5-21-2647985832-747989680-4269839675-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.66 - NVIDIA Corporation) Hidden AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos) Avira (HKLM-x32\...\{1B48601D-0537-4589-9952-A8989BE8249A}) (Version: 1.2.96.16095 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{7c01a3b4-3454-446e-8473-8a245f962c28}) (Version: 1.2.96.16095 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.31.27 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts) Battlefield™ 1 CTE (HKLM-x32\...\{E970EAB6-8F6F-4E72-AB13-F6648397322C}) (Version: 1.0.49.53737 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) 
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®) Fallout 4 MULTi2 1.1.30 (HKLM-x32\...\Fallout 4 MULTi2 1.1.30) (Version: - ) Fallout 4 Update 7 MULTi2 1.3.47 (HKLM-x32\...\Fallout 4 Update 7 MULTi2 1.3.47) (Version: - ) Far Cry 4 Final DLC Edition (HKLM-x32\...\Far Cry 4 Final DLC Edition) (Version: 1.01 - Ubisoft) Fraps (HKLM-x32\...\Fraps) (Version: - ) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.163.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Drive (HKLM-x32\...\{A90339B3-2C3F-492E-B3A7-0BDFC691E526}) (Version: 2.34.6425.2548 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.9.6 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) IBM SPSS Statistics Subscription (HKLM\...\{02D81DCC-13D1-465C-9292-E46956489CA1}) (Version: 1.0.0.642 - IBM Corp) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden Java 8 Update 121 
(HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 
11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation) NVIDIA Grafiktreiber 
378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY 2 Demo (HKLM\...\Steam App 251040) (Version: - OVERKILL - a Starbreeze Studio.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.) 
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version: - ) Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe) SteelSeries Engine 3.6.5.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.6.5.1 - SteelSeries ApS) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version: - Rune Forge) Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run 
Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-20] (Avira Operations GmbH & Co. 
KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> Keine Datei ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-20] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {079C14B1-CB36-4B02-B028-CE0CEDA98B4A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-09-12] (Microsoft Corporation) Task: {12499066-3D4B-4DED-83CB-F1FFC715E2D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated) Task: {145BC74F-115A-4698-B56C-BFC772C08436} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {1B85927A-612F-4181-85EE-63FE2ED0865B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {1CC83974-E9D3-4810-BA4C-7220F4900776} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {2174755F-05CE-49D0-AE15-747D140A045B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {23E845F4-7EBF-4E56-AC3B-366E26A110AC} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {4251EA1E-A6D3-45D4-AFC1-95DE3060F863} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {49B78674-9BE2-4E99-8E88-AC2E440BC2B0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {4E86110C-D824-4944-9638-7481FB7299E1} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe Task: {555A41E3-676C-4710-B88E-201FC8C82C05} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {5616F5D0-8636-485C-B6CC-57BBDB454828} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {57DAE5F8-1816-492B-8F12-A9E09F8E5CB8} - 
\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {5DB0FBE3-2D87-4192-AA89-2F4CF88D24F7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation) Task: {63A3C67B-2DA1-4C68-8C6A-B4C1EFF5C3CA} - System32\Tasks\update-S-1-5-21-2647985832-747989680-4269839675-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>) Task: {6575BDDC-DB1C-46B8-B459-A0EF649F9694} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-20] () Task: {67A30A74-9E49-4542-BF72-B99B5AC568F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.) Task: {6A59C583-FBB0-4F2B-A452-307A30BEF6BC} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {6EFCD18D-6694-43F7-B182-2EE79B5F01BC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7539DC7C-75F8-4E3C-AE08-CEE7DC8A8D19} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {75639B92-6F08-447D-9DB6-2C9EB681FEE9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {7CC31553-2D5E-438B-A5DA-27AF6A753689} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {7CEC7DAB-1DF8-4CAC-B1AD-1F7974C926EA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {8690B4D6-D373-4296-AD8C-77CCA8827DF9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>) Task: 
{8787C227-430F-4D02-A178-C9E614996DFE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-09-20] (Avira Operations GmbH & Co. KG) Task: {90486FE1-A505-47DA-A1B3-4A19B2E5BE65} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG Task: {93ECD6F2-41F2-473D-8DBE-3930D5A6083C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-19] (Microsoft Corporation) Task: {96F6BD3B-3A9D-4A82-B65F-BCEBF51B29BC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation) Task: {98895E9E-010F-44A4-9E71-8EA31ABF20E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-19] (Microsoft Corporation) Task: {A69FDB4A-CE01-4556-9505-DB1511ECBE78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {B40A4036-DD57-47F9-858C-63F09F3AB501} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {B6B33C06-EB44-4CFA-84ED-342E4C5E7039} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation) Task: {BBC48FF0-B417-4CFE-9DB7-E25CCB958C99} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-20] () Task: {E3490B13-F99A-4811-B177-587C23626ADE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {ED950690-48CA-447A-AB14-0DE3300969AA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine 
Datei <==== ACHTUNG
Task: {F0FAB5DD-8534-4FD2-84F4-9F6707BF3BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {F4319554-C5A5-4435-80A5-0A304DCF0B9A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {F4D99559-374E-46D7-BF35-2CFC0C780B4E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {F939F199-A9C4-4E54-AA34-5B1E01F1C2B1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-2647985832-747989680-4269839675-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-06-27 13:16 - 2013-07-04 03:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2015-10-29 21:11 - 2015-11-10 18:38 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe 2016-10-24 20:51 - 2017-02-23 20:34 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-18 22:56 - 2017-03-18 22:56 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:58 - 2017-03-20 06:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-28 19:16 - 2008-07-11 17:04 - 000200704 _____ () C:\Windows\SysWOW64\HsMgr.exe 2015-10-28 19:16 - 2008-07-11 17:03 - 000282112 _____ () C:\Windows\System\HsMgr64.exe 2017-04-11 19:12 - 2017-08-23 17:49 - 000021856 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2015-10-29 18:47 - 2017-05-23 13:57 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2017-06-27 13:16 - 2017-09-20 21:36 - 000038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2017-06-27 13:16 - 2013-07-04 03:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2016-10-24 20:51 - 2017-02-23 20:33 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 000901688 _____ () 
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-20 15:48 - 2017-08-23 17:48 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2016-10-20 15:48 - 2017-08-23 17:48 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2015-10-16 15:20 - 2016-07-03 11:42 - 000266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2017-09-20 21:36 - 2017-09-20 21:36 - 000098816 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32api.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000110080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\pywintypes27.dll 2017-09-20 21:36 - 2017-09-20 21:36 - 000364544 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\pythoncom27.dll 2017-09-20 21:36 - 2017-09-20 21:36 - 000320512 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32com.shell.shell.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000914432 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\_hashlib.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 001176576 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\wx._core_.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000806400 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\wx._gdi_.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000816128 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\wx._windows_.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 001067008 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\wx._controls_.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000733184 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\wx._misc_.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000682496 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\pysqlite2._sqlite.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000088064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\_ctypes.pyd 2017-09-20 21:36 - 
2017-09-20 21:36 - 000686080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\unicodedata.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000119808 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32file.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000108544 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32security.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000007168 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\hashobjs_ext.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000017920 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\thumbnails_ext.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000088064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\usb_ext.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000012800 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\common.time34.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000018432 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32event.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000167936 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32gui.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000046080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\_socket.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 001303552 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\_ssl.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000128512 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\_elementtree.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000127488 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\pyexpat.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000038912 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32inet.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000036864 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\_psutil_windows.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000524248 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\windows._lib_cacheinvalidation.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 
000011264 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32crypt.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000123392 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\wx._wizard.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000077312 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\wx._html2.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000027648 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\_multiprocessing.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000020480 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\_yappi.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000035840 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32process.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000078848 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\wx._animate.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000024064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32pipe.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000010240 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\select.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000025600 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32pdh.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000017408 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32profile.pyd 2017-09-20 21:36 - 2017-09-20 21:36 - 000022528 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI132322\win32ts.pyd 2017-09-02 17:53 - 2017-08-04 23:19 - 000678176 _____ () D:\Steam\SDL2.dll 2016-10-14 21:39 - 2016-09-01 03:02 - 004969248 _____ () D:\Steam\v8.dll 2017-09-08 10:00 - 2017-09-07 06:51 - 002505504 _____ () D:\Steam\video.dll 2016-10-14 21:39 - 2016-09-01 03:02 - 001195296 _____ () D:\Steam\icuuc.dll 2016-10-14 21:39 - 2016-09-01 03:02 - 001563936 _____ () D:\Steam\icui18n.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000332800 _____ () D:\Steam\libavresample-2.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000442880 _____ () D:\Steam\libavutil-54.dll 2016-10-14 21:39 - 2016-01-27 
09:49 - 000491008 _____ () D:\Steam\libavformat-56.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 002549760 _____ () D:\Steam\libavcodec-56.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000485888 _____ () D:\Steam\libswscale-3.dll 2017-09-08 10:00 - 2017-09-07 06:51 - 000885024 _____ () D:\Steam\bin\chromehtml.DLL 2016-10-14 21:39 - 2016-07-05 00:17 - 000266560 _____ () D:\Steam\openvr_api.dll 2017-06-09 09:16 - 2017-05-17 03:54 - 000678176 _____ () D:\Steam\bin\cef\cef.win7\SDL2.dll 2017-09-02 17:53 - 2017-07-18 00:50 - 073115424 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll 2016-10-14 21:39 - 2015-09-25 01:52 - 000119208 _____ () D:\Steam\winh264.dll 2016-10-24 20:51 - 2017-02-23 16:30 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-24 20:51 - 2017-02-23 16:30 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2014-04-29 16:23 - 2014-04-29 16:23 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B35FBDA9-C65B-47A7-89EA-57B01B60EA65}] => (Block) D:\programme\spss\stats.exe FirewallRules: [{099D13E3-C461-4BC6-8AA9-D8FE2A5A3C87}] => (Block) D:\programme\spss\stats.exe FirewallRules: [UDP Query User{F3A72D23-B603-4F7B-94FB-759242EC9FE3}D:\programme\spss\stats.exe] => (Allow) D:\programme\spss\stats.exe FirewallRules: [TCP Query User{7E91D023-B68C-446F-A88D-AF8F190CA3CF}D:\programme\spss\stats.exe] => (Allow) D:\programme\spss\stats.exe FirewallRules: [{68DECFC6-06EC-4A89-9460-8AD119AB25DE}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1.exe FirewallRules: [{4B97FF0B-B5CC-4D2C-91C8-54E7C412E087}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1.exe FirewallRules: [{054FFD83-2C35-425A-8D3D-4D2E82399EAA}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1Trial.exe FirewallRules: [{FAB710FB-1EE2-43CA-BE36-54DC74DEB183}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1Trial.exe FirewallRules: [{EAF85DE4-1BA5-4707-A2E7-D559A31DFBD1}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1 CTE\bf1_cte.exe FirewallRules: [{3B78D03A-6E75-4D58-9501-21A2B6179C24}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1 CTE\bf1_cte.exe FirewallRules: [{4D87E320-DF34-41A4-8F18-D8116E522B26}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8E11CAB3-6576-4470-A984-06E21B7CCD74}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8ADDDCD5-DD4B-4D61-812C-374174D98790}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{4084F086-02AC-47E7-9C96-3B15B1247049}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{A1C76DAE-E2B2-41EE-801B-3E9D69D8B13A}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe 
FirewallRules: [{3031581B-B895-41FE-BE61-D71E733A7EB4}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{C727FE97-2BFC-4CC6-9DE8-4017614559DA}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{109DC5D2-65DD-41CE-84AF-48D9AAB0B717}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{9A3EAE5E-89B1-4AD2-8DFD-CB336B818FDD}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{F91E551C-A116-48CC-B153-40A168C2E616}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{88534B71-581A-4D5F-B59D-6B2AF72CD5B4}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{577290BA-FE8E-4C77-824B-6DEC20F4E200}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{6085BDC2-49FA-49F2-B94C-349731FF7144}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{DC19986E-04F8-4976-A8C9-A877E30A65A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{EB2C4A04-B263-4F53-8C48-25BD52BA1022}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{BF91B00A-D570-4A7D-A43A-656A7DCCF011}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C452347E-DFEE-4634-9D0E-C1B309A53B9B}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{E54F1CF7-D890-4660-A8FF-3B33B3B48422}] => (Block) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [{950EC891-E6F9-408D-9B5D-D7EC6AB72F0C}] => (Block) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{1604F9C6-4398-4F60-88EC-A2176B902862}D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) 
D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{C72357B3-559F-4A68-BBB2-3FBCBDBF7A1A}D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [{2BEAFD9D-1698-49B7-95F2-2A97A6FC0CFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7582F3C4-C10A-4E89-90AB-C81232CBBCF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F6420D1C-B234-4DA2-954A-726B72908CC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{FB4EACAA-BF4A-49E8-A136-700565C97C0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{CEB9BBAB-08A5-4389-B817-020D69F17D79}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [TCP Query User{3F6BDE10-997F-4291-A3B5-4F19C9293999}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{7FBA1017-EA2A-4C53-B1AF-CAEE09FECB0F}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{AC1A3B22-C1AE-40E1-BA66-72DD31308CD7}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [UDP Query User{46862880-DA2A-4AA5-917B-832CD216B58B}D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query 
User{81A9155B-97BA-42AA-84ED-DCDE97025F32}D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{5CCC69C3-4230-46E2-A782-737A0F54BC49}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{D2140964-DED8-4194-BAE6-3EA3D82B8B6F}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{EA757548-9659-449E-8199-E51C3F89E26D}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{00C2E2E4-3633-49B0-9970-4524C088C2B1}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{9E454426-9F44-4B08-A3DB-02FE95983C52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C3A48BD7-716E-4B88-AC0F-2E68EECF9CED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1CB37054-8DFE-45C6-B743-0569AAC3CF0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B6515389-2662-43D2-8E06-F2C5290E9289}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B0D4F991-F4B8-4F57-8100-4E837C976F1F}] => (Block) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{1C40E035-51C4-4CB8-80AD-D93FF9F5B8E2}] => (Block) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [UDP Query User{43EDC139-DF01-4D40-8CDE-95A7B93F3938}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [TCP Query User{439074AF-839D-4F06-964E-941A5FBF869B}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{C0E4A294-6429-44E1-9433-E1B2B666707D}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{77DFD709-BD5A-4749-882E-F9486930E8A5}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: 
[{37EB6D7F-DFCE-4039-9F1B-1CE7CB28305F}] => (Block) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [{7B6ABA40-F303-4C47-8B04-6E79AB68BF95}] => (Block) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{43D3BF8B-4235-48FA-A8D1-CCEAB3DE7B26}D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{2723C32B-DE08-477A-BC47-B9AE48A6B32C}D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [{B5D2E769-682B-4CA6-830D-7B3D6993DA0D}] => (Block) D:\spiele\gtav\gta5.exe FirewallRules: [{153174ED-074B-4C06-86DF-3FE701EAE4B2}] => (Block) D:\spiele\gtav\gta5.exe FirewallRules: [UDP Query User{0B868E1C-C3B3-4D2B-9B32-17D522FCE3FE}D:\spiele\gtav\gta5.exe] => (Allow) D:\spiele\gtav\gta5.exe FirewallRules: [TCP Query User{ED90E7CB-DBBA-4801-BA56-79C8372373AB}D:\spiele\gtav\gta5.exe] => (Allow) D:\spiele\gtav\gta5.exe FirewallRules: [{47DB389D-A6C1-40A5-A325-E412016A8B43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4D8920E0-8239-4023-A97E-CE5267CCD157}] => (Allow) D:\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{7D3173BA-064A-461E-A0CE-85179956DEA0}] => (Allow) D:\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{C093C513-6B31-4E3F-B857-CA50004719AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{AF4945FB-B71B-4916-885F-A60C3898874D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{1EEEDCE2-1BCB-459D-A368-30C5CC49F0C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5B363055-D6FD-486B-B3D7-6EA6C33899E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0FCADDE1-0029-47CB-998E-04C33F148A61}] => (Allow) D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe FirewallRules: [{BB23A4F2-1441-462D-B0BB-FB7A03B332CA}] => 
(Allow) D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe FirewallRules: [{D4C7EA1B-1517-4351-A08E-564C66FE839B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EBFBEA75-7A73-4E80-BB55-87284A15977E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B801FC59-120D-49DA-9EAE-BD56C4A18D81}] => (Allow) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [{C441A6F7-E05E-4C85-ADB1-79104BFDB08E}] => (Allow) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [UDP Query User{1182DFCA-2A8B-47B3-A4A6-262E767AE0C9}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{7503F75F-238A-4A7C-899C-FB96C6019A07}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [{EEEA93BE-EBEF-4499-806F-E2E33963FFF9}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{52211986-6A85-43E4-BE5A-1FC707E379E0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{FD01900F-317E-494C-83BA-D57748671EBB}] => (Allow) C:\Users\Christophh\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{434A2C7B-F770-4086-9BD0-4CAECC9527DA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{847190F2-960B-451F-8F4D-456C9A44530C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{75F57C39-04D7-41C6-9643-BDC52266E5FB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FA513ED1-547C-4D5A-B36C-B7C94B26CCEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: 
[TCP Query User{50C2DA0F-76A2-4917-9335-0F6223DBD2E4}D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe] => (Allow) D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe FirewallRules: [UDP Query User{64C3315C-C436-4FFA-9E36-F7EC7CEBD1A4}D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe] => (Allow) D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe FirewallRules: [TCP Query User{845F1EDC-DFDD-4A88-8640-1665F249666D}D:\spiele\simcity\simcity\simcity.exe] => (Allow) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [UDP Query User{71508D2D-3E58-4453-BB15-72BA86B6FCC3}D:\spiele\simcity\simcity\simcity.exe] => (Allow) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{CF9B3EB5-9D48-45C7-8343-EC606051C258}] => (Block) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{124E2EF1-88B1-43C5-871D-1F55AF3E0B38}] => (Block) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{5C5C2DFC-FFF6-4416-9B39-87041120CF09}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [{642977D6-B138-4E9F-B7DB-EAD38DCA1682}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [TCP Query User{7A70B9E9-6BD6-422E-93E1-CF728AF6DE15}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [UDP Query User{9EDC662F-5646-461B-B397-FC57EE2E20BF}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{CE89E561-D33C-4E57-9A60-0B730AB2F192}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe FirewallRules: [{B7D96811-0573-4899-98EC-A0893B9E88F7}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe 
FirewallRules: [TCP Query User{D9F4D7D1-32EB-40C0-8863-F86532D0D71F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{052CCC83-FB80-4C6F-B8DA-4E68E91C5CB4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{1E12540D-455F-483A-A2CC-F21FAF82B23B}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B0CAA0EC-C64E-4B2F-B4A6-53D829A11C1D}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{52059795-9EF3-4B25-B320-F03FB1C1C544}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{E34EFAEF-361F-4813-BD7C-E018EFD198F5}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{8766D8A0-9D2C-4170-A10D-F713DF360CF9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{3118D20C-60CA-402F-BA96-45E77CF8079C}C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{E3907755-C264-403D-A56A-45AEAC3CB4F4}C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{764473A7-036F-4825-BB17-CF7B4414023C}] => (Block) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{A4D0C427-7344-4B19-9D6F-89526017F839}] => (Block) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{FA28E123-C83B-438B-B91A-21B1ACB30F98}C:\users\christophh\appdata\roaming\spotify\spotify.exe] => (Allow) 
C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D645DE72-22F3-4D3A-A75D-A1A1FDF2ED80}C:\users\christophh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{119EC3DC-E7AA-4141-BE01-CFB25FA7A03C}] => (Block) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{FEF82CAC-01D6-47C8-A17C-9AD1F9E4F4B6}] => (Block) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{FC1368CB-8DD5-4543-BEF2-315DCB2A08D7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{5B717D7D-AA42-4908-BBE6-3674B2966586}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{C56B60BB-8721-488E-A9F8-2F6B2763092C}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{8555A0F3-A453-40A2-B000-1A1426E60F11}] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{ACE19388-438D-4F8B-B62E-90CB7288CCD7}] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{6EC638C8-873B-45CE-8A5F-DD2AD5A1E094}] => (Allow) C:\Steamspiele\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{575E17B4-0C7F-4B19-A507-C7D732978D9A}] => (Allow) C:\Steamspiele\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/20/2017 06:48:23 PM) (Source: Perflib) 
(EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (09/20/2017 06:40:46 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/19/2017 09:35:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 55.0.3.6445, Zeitstempel: 0x599ed78a Name des fehlerhaften Moduls: xul.dll, Version: 55.0.3.6445, Zeitstempel: 0x599edbdd Ausnahmecode: 0x80000003 Fehleroffset: 0x0076a5cf ID des fehlerhaften Prozesses: 0x168 Startzeit der fehlerhaften Anwendung: 0x01d3317e3c197368 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: be20cbde-1b32-487f-9ab2-2f02e702ef22 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/19/2017 09:35:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 55.0.3.6445, Zeitstempel: 0x599edbef Name des fehlerhaften Moduls: xul.dll, Version: 55.0.3.6445, Zeitstempel: 0x599edbdd Ausnahmecode: 0x80000003 
Fehleroffset: 0x0076a5cf ID des fehlerhaften Prozesses: 0x3944 Startzeit der fehlerhaften Anwendung: 0x01d3317e523afba7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: a815ae63-7104-4138-b0ab-fc219dde8d0b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/19/2017 09:33:30 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/19/2017 09:33:24 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (09/17/2017 12:07:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96 Name des fehlerhaften Moduls: NvXDCore.dll_unloaded, Version: 8.17.13.8205, Zeitstempel: 0x59079dd9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000c1951 ID des fehlerhaften Prozesses: 0x56c Startzeit der fehlerhaften Anwendung: 0x01d32c8d2faed14d Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe Pfad des fehlerhaften Moduls: NvXDCore.dll Berichtskennung: 5dce9ebc-6bc4-455b-99c3-103d52523f16 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/17/2017 11:53:10 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (09/17/2017 10:22:17 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/16/2017 11:16:06 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. 
Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Systemfehler: ============= Error: (09/20/2017 09:36:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (09/20/2017 09:36:13 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT) Description: 32212256841257456 Error: (09/19/2017 11:13:51 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/19/2017 11:13:51 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/19/2017 11:13:51 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/19/2017 11:13:51 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/19/2017 11:13:51 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/19/2017 11:13:51 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (09/19/2017 11:13:51 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/19/2017 11:13:51 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2017-08-23 16:10:28.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Prozentuale Nutzung des RAM: 43% Installierter physikalischer RAM: 8133.69 MB Verfügbarer physikalischer RAM: 4557.82 MB Summe virtueller Speicher: 18885.69 MB Verfügbarer virtueller Speicher: 14814.17 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:110.8 GB) (Free:43.39 GB) NTFS Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:184.83 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 261C8E12) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: C2F9017A) Partition: GPT. ==================== Ende von Addition.txt ============================ |
20.09.2017, 20:46 | #6 |
/// TB-Ausbilder | Microsoft announcement "Deactivate PC" virus Please also answer the questions I asked. |
20.09.2017, 20:58 | #7 |
| Microsoft announcement "Deactivate PC" virus No, this was the first time. It happened while I was browsing "streaming sites" with Firefox, if one may/can put it that way. |
21.09.2017, 13:49 | #8 | |
/// TB-Ausbilder | Microsoft announcement "Deactivate PC" virus Hi, Quote:
The log files look fine in themselves. We will still run a few checks.
Step 1 Please download AdwCleaner to your desktop (illustrated guide).
Step 2 Please download Malwarebytes Anti-Malware 3 (illustrated guide).
Step 3
Please post with your next reply
|
21.09.2017, 18:09 | #9 |
| Microsoft announcement "Deactivate PC" virus Code:
ATTFilter
# AdwCleaner 7.0.2.1 - Logfile created on Thu Sep 21 16:58:52 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Pro N (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****
No malicious services deleted.

***** [ Folders ] *****
Deleted: C:\Users\Christophh\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}
Deleted: C:\Program Files (x86)\Offers Olymp

***** [ Files ] *****
No malicious files deleted.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks deleted.

***** [ Registry ] *****
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
Deleted: [Key] - HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Software\csastats
Deleted: [Key] - HKCU\Software\csastats

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****
Plugin deleted: OffersOlymp -

*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1813 B] - [2017/6/2 19:40:39]
C:/AdwCleaner/AdwCleaner[S0].txt - [1793 B] - [2017/6/2 19:40:5]
C:/AdwCleaner/AdwCleaner[S1].txt - [1639 B] - [2017/9/21 16:57:48]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.09.17
Scan-Zeit: 19:02
Protokolldatei: a5a6f4c0-9eee-11e7-b7fe-f07959664f3c.json
Administrator: Ja

-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.188
Version des Aktualisierungspakets: 1.0.2857
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.608)
CPU: x64
Dateisystem: NTFS
Benutzer: Christoph\Christophh

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 393630
Erkannte Bedrohungen: 25
In die Quarantäne verschobene Bedrohungen: 25
Abgelaufene Zeit: 1 Min., 43 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.OffersOlymp, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bbiilhoacmmppcmcogfmaailncbelbgn, In Quarantäne, [1943], [344163],1.0.2857

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 10
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\_locales\de, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\_locales\en, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\_metadata, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\_locales, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\content, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\icons, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\USERS\CHRISTOPHH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\bbiilhoacmmppcmcogfmaailncbelbgn, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\jetpack\@offersolymp\simple-storage, In Quarantäne, [1943], [344143],1.0.2857
PUP.Optional.OffersOlymp, C:\USERS\CHRISTOPHH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WNPF6FUE.DEFAULT\JETPACK\@OFFERSOLYMP, In Quarantäne, [1943], [344143],1.0.2857

Datei: 14
PUP.Optional.OffersOlymp, C:\USERS\CHRISTOPHH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WNPF6FUE.DEFAULT\EXTENSIONS\@OFFERSOLYMP.XPI, In Quarantäne, [1943], [344162],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\content\index.html, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\content\main.js, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\content\pxl2.png, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\icons\icon.png, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\icons\icon128.png, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\_locales\de\messages.json, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\_locales\en\messages.json, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\_metadata\verified_contents.json, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\background.js, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\chnl.js, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\manifest.json, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiilhoacmmppcmcogfmaailncbelbgn\1.0.8_0\secure.js, In Quarantäne, [1943], [344142],1.0.2857
PUP.Optional.OffersOlymp, C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\jetpack\@offersolymp\simple-storage\store.json, In Quarantäne, [1943], [344143],1.0.2857

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017 durchgeführt von Christophh (Administrator) auf CHRISTOPH (21-09-2017 19:05:43) Gestartet von C:\Users\Christophh\Downloads Geladene Profile: Christophh & (Verfügbare Profile: Christophh) Platform: Windows 10 Pro N Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe () C:\Windows\System32\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (AVM Berlin) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avconfig.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2015-11-01] (AVM Berlin) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify] => C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify Web Helper] => C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\RunOnce: [Uninstall 17.3.6966.0824\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Christophh\AppData\Local\Microsoft\OneDrive\17.3.6966.0824\amd64" HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\RunOnce: [Uninstall 17.3.6966.0824] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Christophh\AppData\Local\Microsoft\OneDrive\17.3.6966.0824" HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\Run: [AVMUSBFernanschluss] => C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2015-11-01] (AVM Berlin) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\Run: [Spotify] => C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\Run: [Spotify Web Helper] => C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\Run: [AVMUSBFernanschluss] => C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2015-11-01] (AVM Berlin) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\Run: [Spotify] => C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\Run: [Spotify Web Helper] => C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-02-03] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2ebeed22-0f5c-4834-a642-ac386011e952}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> {7309F519-9799-43A0-B156-48B8354BBBA4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967 -> {7309F519-9799-43A0-B156-48B8354BBBA4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821 -> {7309F519-9799-43A0-B156-48B8354BBBA4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-10-28] (DVDVideoSoft Ltd.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation)
BHO-x32: Kein Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-13] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-13] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-10-28] (DVDVideoSoft Ltd.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Keine Datei

FireFox:
========
FF DefaultProfile: wnpf6fue.default
FF ProfilePath: C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default [2017-09-21]
FF NetworkProxy: Mozilla\Firefox\Profiles\wnpf6fue.default -> type", 0
FF Extension: (ProxTube) - C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\ich@maltegoetz.de.xpi [2017-06-29]
FF Extension: (Adblock Plus) - C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-20] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default [2017-09-21]
CHR Extension: (Google Slides) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-07]
CHR Extension: (Google Docs) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Google Drive) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (YouTube) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Steam Inventory Helper) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-08-23]
CHR Extension: (Google Search) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Google Sheets) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
CHR Extension: (Yahoo Partner) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2017-04-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-23]
CHR HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [402768 2017-08-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-05-24] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-02-16] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-11-10] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-11-10] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-16] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2015-11-01] (AVM Berlin)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-21] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-21] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-21] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-21] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-21] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [32792 2015-09-29] (SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-21 19:05 - 2017-09-21 19:05 - 000006157 _____ C:\Users\Christophh\Desktop\mbam.txt
2017-09-21 19:02 - 2017-09-21 19:02 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-21 19:02 - 2017-09-21 19:02 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-21 19:02 - 2017-09-21 19:02 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-21 19:02 - 2017-09-21 19:02 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-21 19:02 - 2017-09-21 19:02 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-21 19:01 - 2017-09-21 19:01 - 068408664 _____ (Malwarebytes ) C:\Users\Christophh\Downloads\mb3-setup-consumer-3.2.2.2029.exe
2017-09-21 19:01 - 2017-09-21 19:01 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-21 19:01 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-21 18:56 - 2017-09-21 18:56 - 008182736 _____ (Malwarebytes) C:\Users\Christophh\Downloads\adwcleaner_7.0.2.1.exe
2017-09-20 21:40 - 2017-09-20 21:41 - 000088370 _____ C:\TDSSKiller.3.1.0.15_20.09.2017_21.40.12_log.txt
2017-09-20 21:40 - 2017-09-20 21:40 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Christophh\Downloads\tdsskiller.exe
2017-09-20 21:38 - 2017-09-20 21:38 - 000000000 ____D C:\Users\Christophh\Downloads\FRST-OlderVersion
2017-09-20 21:35 - 2017-09-20 21:35 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2017-09-20 18:39 - 2017-09-20 18:39 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2017-09-20 18:39 - 2017-09-20 18:39 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger
2017-09-20 18:39 - 2017-09-20 18:39 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2017-09-19 22:12 - 2017-09-20 21:38 - 000062621 _____ C:\Users\Christophh\Downloads\Addition.txt
2017-09-19 22:11 - 2017-09-21 19:05 - 000030014 _____ C:\Users\Christophh\Downloads\FRST.txt
2017-09-19 22:11 - 2017-09-21 19:05 - 000000000 ____D C:\FRST
2017-09-19 22:10 - 2017-09-20 21:38 - 002399744 _____ (Farbar) C:\Users\Christophh\Downloads\FRST64.exe
2017-09-12 23:00 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-12 23:00 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-12 23:00 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-12 23:00 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-12 23:00 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-12 23:00 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-12 23:00 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-12 23:00 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-12 23:00 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-12 23:00 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-12 23:00 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-12 22:59 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-12 22:59 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-12 22:59 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-12 22:59 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-12 22:59 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-12 22:59 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-12 22:59 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-12 22:59 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-12 22:59 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-12 22:59 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-12 22:59 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-12 22:59 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-12 22:59 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-12 22:59 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-12 22:59 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-12 22:59 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-12 22:59 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-12 22:59 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-12 22:59 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-12 22:59 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-12 22:59 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-12 22:59 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-12 22:59 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-12 22:59 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-12 22:59 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-12 22:59 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-12 22:59 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-12 22:59 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-12 22:59 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-12 22:59 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-12 22:59 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-12 22:59 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-12 22:59 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-12 22:59 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-12 22:59 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-12 22:59 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-12 22:59 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-12 22:59 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-12 22:59 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-12 22:59 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-12 22:59 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-12 22:59 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-12 22:59 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-12 22:59 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-12 22:59 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-12 22:59 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-12 22:59 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-12 22:59 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-12 22:59 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-12 22:59 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-12 22:59 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-12 22:59 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-12 22:59 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-12 22:59 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-12 22:59 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-12 22:59 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-12 22:59 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-12 22:59 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-12 22:59 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-12 22:59 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-12 22:59 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-12 22:59 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-12 22:59 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-12 22:59 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-12 22:59 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-12 22:59 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-12 22:59 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-12 22:59 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-12 22:59 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-12 22:59 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-12 22:59 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-12 22:59 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-12 22:59 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-12 22:59 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-12 22:59 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-12 22:59 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-12 22:59 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-12 22:59 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-12 22:59 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-12 22:59 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-12 22:59 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-12 22:59 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-12 22:59 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-12 22:59 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-12 22:59 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-12 22:59 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-12 22:59 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-12 22:59 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-12 22:59 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-09-12 22:59 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-12 22:59 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-12 22:59 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-12 22:59 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-12 22:59 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-12 22:59 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-12 22:59 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-09-12 22:59 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-12 22:59 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-12 22:59 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2017-09-12 22:59 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2017-09-12 22:59 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-09-12 22:59 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000064000 
_____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-12 22:59 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-12 22:59 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2017-09-12 22:59 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-12 22:59 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-12 22:59 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-09-12 22:59 - 2017-09-05 06:25 - 
000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-12 22:59 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-12 22:59 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-09-12 22:59 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-09-12 
22:59 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-12 22:59 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\ie4uinit.exe 2017-09-12 22:59 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-12 22:59 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 001878016 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-12 22:59 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-12 22:59 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-12 22:59 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-12 22:59 - 2017-09-05 
06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-12 22:59 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-12 22:59 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2017-09-12 
22:59 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-09-12 22:59 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 002805248 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-12 22:59 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\aadtb.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-09-12 22:59 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-12 22:59 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001046016 
_____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-12 22:59 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 001463296 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-12 22:59 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-09-12 22:59 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-09-12 22:59 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll 2017-09-12 22:59 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2017-09-12 22:59 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-09-12 22:59 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-12 22:59 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2017-09-12 22:59 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-09-12 22:59 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-09-12 22:59 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-09-12 22:59 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-09-06 23:49 - 2017-09-06 23:49 - 000000041 _____ C:\Users\Christophh\Desktop\sky.txt 2017-09-05 00:11 - 2017-09-05 00:11 - 005004137 _____ C:\Users\Christophh\Desktop\867c5e9ab0891a8d.mp4 2017-08-27 19:38 - 2017-08-27 19:38 - 000461541 _____ C:\Users\Christophh\Downloads\8CTVBK 2017-08-27 19:36 - 2017-08-27 19:36 - 000188608 _____ C:\Users\Christophh\Downloads\Documents(1).zip 2017-08-27 19:36 - 2017-06-07 
11:04 - 000037225 ____N C:\Users\Christophh\Desktop\Tutorium06-SS17.pdf
2017-08-27 19:36 - 2017-05-29 11:33 - 000037344 ____N C:\Users\Christophh\Desktop\Tutorium05-SS17.pdf
2017-08-27 19:36 - 2017-05-24 15:05 - 000037470 ____N C:\Users\Christophh\Desktop\Tutorium04-SS17.pdf
2017-08-27 19:36 - 2017-05-17 11:57 - 000037932 ____N C:\Users\Christophh\Desktop\Tutorium03-SS17.pdf
2017-08-27 19:36 - 2017-05-15 08:43 - 000032988 ____N C:\Users\Christophh\Desktop\Tutorium02-SS17.pdf
2017-08-27 19:36 - 2017-05-04 09:54 - 000048413 ____N C:\Users\Christophh\Desktop\Tutorium01-SS17.pdf
2017-08-27 19:35 - 2017-08-27 19:35 - 015613585 _____ C:\Users\Christophh\Downloads\Documents.zip
2017-08-26 21:39 - 2017-08-26 21:39 - 020317282 _____ C:\Users\Christophh\Downloads\Gmail.zip
2017-08-23 19:05 - 2017-08-23 19:05 - 000000000 ____D C:\Steamspiele
2017-08-23 16:11 - 2017-09-21 19:01 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Spotify
2017-08-23 16:11 - 2017-09-21 19:01 - 000000000 ____D C:\Users\Christophh\AppData\Local\Spotify
2017-08-23 16:11 - 2017-08-23 16:11 - 000001914 _____ C:\Users\Christophh\Desktop\Spotify.lnk
2017-08-23 16:11 - 2017-08-23 16:11 - 000001900 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-08-23 16:10 - 2017-08-23 16:10 - 058203272 _____ (Spotify Ltd) C:\Users\Christophh\Downloads\SpotifyFullSetup.exe
2017-08-23 16:10 - 2017-08-23 16:10 - 000000247 _____ C:\SILENT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-21 19:04 - 2017-07-27 14:44 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647985832-747989680-4269839675-1001
2017-09-21 19:04 - 2017-06-27 13:20 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16B4380E-769C-4734-94C3-69A9011C9AF2}
2017-09-21 19:04 - 2016-07-29 20:50 - 000002437 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-21 19:04 - 2015-10-28 19:14 - 000000000 ___RD C:\Users\Christophh\OneDrive
2017-09-21 19:03 - 2017-06-27 13:16 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-21 19:01 - 2015-12-18 22:56 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Skype
2017-09-21 19:01 - 2015-10-16 15:11 - 000000000 ____D C:\ProgramData\Origin
2017-09-21 19:00 - 2017-06-27 13:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-21 19:00 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-09-21 19:00 - 2016-11-20 12:30 - 000000000 ____D C:\Users\Christophh\AppData\LocalLow\Mozilla
2017-09-21 19:00 - 2015-11-08 15:35 - 000000000 ____D C:\Users\Christophh\AppData\Local\LogMeIn Hamachi
2017-09-21 18:59 - 2017-06-27 13:25 - 002548522 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-21 18:59 - 2017-03-20 06:40 - 001176414 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-21 18:59 - 2017-03-20 06:40 - 000270202 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-21 18:58 - 2017-08-01 19:46 - 000000000 ____D C:\Users\Christophh\AppData\Local\Downloaded Installations
2017-09-21 18:58 - 2017-06-02 21:38 - 000000000 ____D C:\AdwCleaner
2017-09-20 22:30 - 2017-06-27 13:16 - 000000000 ____D C:\Users\Christophh
2017-09-20 22:30 - 2017-06-27 13:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-20 18:55 - 2015-10-28 19:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-20 18:39 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-20 18:39 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-09-20 18:38 - 2015-10-16 13:14 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-09-19 22:10 - 2017-06-30 17:03 - 000000000 ____D C:\Users\Christophh\AppData\Local\Deployment
2017-09-19 21:38 - 2017-03-18 23:02 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-19 21:38 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-19 21:36 - 2017-03-18 23:02 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-19 21:36 - 2017-03-18 23:00 - 000000000 ____D C:\WINDOWS\INF
2017-09-17 12:09 - 2015-10-16 15:20 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\TS3Client
2017-09-14 14:14 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\rescache
2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-13 18:48 - 2015-10-16 13:14 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-09-13 14:38 - 2017-06-27 13:15 - 000381288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-13 14:38 - 2016-04-27 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-13 00:07 - 2017-03-20 06:39 - 000000000 ____D C:\WINDOWS\system32\de
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-12 23:02 - 2015-10-16 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-12 23:01 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-12 23:01 - 2015-10-16 13:25 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-02 19:30 - 2015-10-16 15:11 - 000000000 ____D C:\Program Files (x86)\Origin
2017-09-02 17:57 - 2016-01-24 17:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-09-02 17:54 - 2015-11-07 21:07 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-02 17:54 - 2015-11-07 21:07 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-02 17:15 - 2017-03-18 23:04 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:04 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-27 19:58 - 2016-11-19 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-27 19:58 - 2015-10-16 14:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-25 15:44 - 2017-07-27 22:57 - 000000000 ____D C:\WINDOWS\Minidump 2017-08-25 15:40 - 2016-01-15 21:16 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk 2017-08-25 15:40 - 2016-01-15 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-08-24 21:30 - 2016-08-12 16:59 - 000807464 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys 2017-08-24 21:30 - 2016-08-12 16:59 - 000000000 ____D C:\Users\Christophh\AppData\Local\UnrealEngine 2017-08-23 14:38 - 2015-10-28 19:16 - 000000000 ____D C:\Users\Christophh\AppData\Local\MSfree Inc ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-31 20:07 - 2017-01-27 18:49 - 000007591 _____ () C:\Users\Christophh\AppData\Local\Resmon.ResmonCfg 2015-10-29 20:55 - 2015-10-29 20:55 - 000000003 _____ () C:\Users\Christophh\AppData\Local\updater.log 2015-10-29 20:55 - 2017-05-06 11:08 - 000000425 _____ () C:\Users\Christophh\AppData\Local\UserProducts.xml 2016-09-25 17:14 - 2016-09-25 17:14 - 000000016 _____ () C:\ProgramData\mntemp ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-09-20 18:48 ==================== Ende von FRST.txt ============================ |
21.09.2017, 18:10 | #10 |
| Microsoft announcement "Deactivate PC" virus
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017 durchgeführt von Christophh (21-09-2017 19:06:05) Gestartet von C:\Users\Christophh\Downloads Windows 10 Pro N Version 1703 (X64) (2017-06-27 11:22:59) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2647985832-747989680-4269839675-500 - Administrator - Disabled) Christophh (S-1-5-21-2647985832-747989680-4269839675-1001 - Administrator - Enabled) => C:\Users\Christophh DefaultAccount (S-1-5-21-2647985832-747989680-4269839675-503 - Limited - Disabled) Gast (S-1-5-21-2647985832-747989680-4269839675-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.66 - NVIDIA Corporation) Hidden AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos) Avira (HKLM-x32\...\{1B48601D-0537-4589-9952-A8989BE8249A}) (Version: 1.2.96.16095 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{7c01a3b4-3454-446e-8473-8a245f962c28}) (Version: 1.2.96.16095 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.31.27 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts) Battlefield™ 1 CTE (HKLM-x32\...\{E970EAB6-8F6F-4E72-AB13-F6648397322C}) (Version: 1.0.49.53737 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) 
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®) Fallout 4 MULTi2 1.1.30 (HKLM-x32\...\Fallout 4 MULTi2 1.1.30) (Version: - ) Fallout 4 Update 7 MULTi2 1.3.47 (HKLM-x32\...\Fallout 4 Update 7 MULTi2 1.3.47) (Version: - ) Far Cry 4 Final DLC Edition (HKLM-x32\...\Far Cry 4 Final DLC Edition) (Version: 1.01 - Ubisoft) Fraps (HKLM-x32\...\Fraps) (Version: - ) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.163.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Drive (HKLM-x32\...\{A90339B3-2C3F-492E-B3A7-0BDFC691E526}) (Version: 2.34.6425.2548 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) 
Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.9.6 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) IBM SPSS Statistics Subscription (HKLM\...\{02D81DCC-13D1-465C-9292-E46956489CA1}) (Version: 1.0.0.642 - IBM Corp) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.) 
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft 
Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 378.66 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation) NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) 
PAYDAY 2 Demo (HKLM\...\Steam App 251040) (Version: - OVERKILL - a Starbreeze Studio.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.) PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version: - ) Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB) Spotify (HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB) Spotify (HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe) SteelSeries Engine 3.6.5.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.6.5.1 - SteelSeries ApS) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) TechPowerUp GPU-Z 
(HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version: - Rune Forge) Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-20] (Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> Keine Datei ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [Shell Extension for 
Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-20] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {079C14B1-CB36-4B02-B028-CE0CEDA98B4A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-09-12] (Microsoft Corporation) Task: {12499066-3D4B-4DED-83CB-F1FFC715E2D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated) Task: {145BC74F-115A-4698-B56C-BFC772C08436} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {1B85927A-612F-4181-85EE-63FE2ED0865B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {1CC83974-E9D3-4810-BA4C-7220F4900776} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {2174755F-05CE-49D0-AE15-747D140A045B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {23E845F4-7EBF-4E56-AC3B-366E26A110AC} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {4251EA1E-A6D3-45D4-AFC1-95DE3060F863} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {49B78674-9BE2-4E99-8E88-AC2E440BC2B0} - 
System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {4E86110C-D824-4944-9638-7481FB7299E1} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe Task: {555A41E3-676C-4710-B88E-201FC8C82C05} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {5616F5D0-8636-485C-B6CC-57BBDB454828} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {57DAE5F8-1816-492B-8F12-A9E09F8E5CB8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {5DB0FBE3-2D87-4192-AA89-2F4CF88D24F7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation) Task: {63A3C67B-2DA1-4C68-8C6A-B4C1EFF5C3CA} - System32\Tasks\update-S-1-5-21-2647985832-747989680-4269839675-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>) Task: {6575BDDC-DB1C-46B8-B459-A0EF649F9694} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-20] () Task: {67A30A74-9E49-4542-BF72-B99B5AC568F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.) 
Task: {6A59C583-FBB0-4F2B-A452-307A30BEF6BC} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {6EFCD18D-6694-43F7-B182-2EE79B5F01BC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7539DC7C-75F8-4E3C-AE08-CEE7DC8A8D19} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {75639B92-6F08-447D-9DB6-2C9EB681FEE9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {7CC31553-2D5E-438B-A5DA-27AF6A753689} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {7CEC7DAB-1DF8-4CAC-B1AD-1F7974C926EA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {8690B4D6-D373-4296-AD8C-77CCA8827DF9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>) Task: {8787C227-430F-4D02-A178-C9E614996DFE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-09-20] (Avira Operations GmbH & Co. 
KG) Task: {90486FE1-A505-47DA-A1B3-4A19B2E5BE65} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG Task: {93ECD6F2-41F2-473D-8DBE-3930D5A6083C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-19] (Microsoft Corporation) Task: {96F6BD3B-3A9D-4A82-B65F-BCEBF51B29BC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation) Task: {98895E9E-010F-44A4-9E71-8EA31ABF20E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-19] (Microsoft Corporation) Task: {A69FDB4A-CE01-4556-9505-DB1511ECBE78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {B40A4036-DD57-47F9-858C-63F09F3AB501} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {B6B33C06-EB44-4CFA-84ED-342E4C5E7039} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation) Task: {BBC48FF0-B417-4CFE-9DB7-E25CCB958C99} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-20] () Task: {E3490B13-F99A-4811-B177-587C23626ADE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {ED950690-48CA-447A-AB14-0DE3300969AA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {F0FAB5DD-8534-4FD2-84F4-9F6707BF3BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
[2015-11-07] (Google Inc.) Task: {F4319554-C5A5-4435-80A5-0A304DCF0B9A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {F4D99559-374E-46D7-BF35-2CFC0C780B4E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {F939F199-A9C4-4E54-AA34-5B1E01F1C2B1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\update-S-1-5-21-2647985832-747989680-4269839675-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-06-27 13:16 - 2013-07-04 03:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2016-10-24 20:51 - 2017-02-23 20:34 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2015-10-29 21:11 - 2015-11-10 18:38 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe 2017-03-18 22:56 - 2017-03-18 22:56 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:58 - 2017-03-20 06:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-04-11 19:12 - 2017-08-23 17:49 - 000021856 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2017-09-21 19:01 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-06-27 13:16 - 2017-09-21 19:00 - 000038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2017-06-27 13:16 - 2013-07-04 03:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-10-24 20:51 - 2017-02-23 20:33 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 
2016-10-24 20:51 - 2017-02-23 20:34 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-20 15:48 - 2017-08-23 17:48 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2016-10-20 15:48 - 2017-08-23 17:48 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2015-10-16 15:20 - 2016-07-03 11:42 - 000266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2017-09-21 19:01 - 2017-09-21 19:01 - 000098816 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32api.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000110080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\pywintypes27.dll 2017-09-21 19:01 - 2017-09-21 19:01 - 000364544 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\pythoncom27.dll 2017-09-21 19:01 - 2017-09-21 19:01 - 000320512 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32com.shell.shell.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000914432 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\_hashlib.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 001176576 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\wx._core_.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000806400 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\wx._gdi_.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000816128 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\wx._windows_.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 001067008 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\wx._controls_.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000733184 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\wx._misc_.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000682496 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\pysqlite2._sqlite.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000088064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\_ctypes.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000686080 ____R () 
C:\Users\Christophh\AppData\Local\Temp\_MEI126282\unicodedata.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000119808 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32file.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000108544 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32security.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000007168 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\hashobjs_ext.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000017920 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\thumbnails_ext.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000088064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\usb_ext.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000012800 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\common.time34.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000018432 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32event.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000167936 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32gui.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000046080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\_socket.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 001303552 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\_ssl.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000128512 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\_elementtree.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000127488 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\pyexpat.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000038912 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32inet.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000036864 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\_psutil_windows.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000524248 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\windows._lib_cacheinvalidation.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000011264 ____R () 
C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32crypt.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000123392 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\wx._wizard.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000077312 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\wx._html2.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000027648 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\_multiprocessing.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000020480 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\_yappi.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000035840 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32process.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000078848 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\wx._animate.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000024064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32pipe.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000010240 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\select.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000025600 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32pdh.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000017408 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32profile.pyd 2017-09-21 19:01 - 2017-09-21 19:01 - 000022528 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126282\win32ts.pyd 2016-10-24 20:51 - 2017-02-23 16:30 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-24 20:51 - 2017-02-23 16:30 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000543288 _____ () \\?\C:\Program 
Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2014-04-29 16:23 - 2014-04-29 16:23 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242919\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244776\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242953\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244800\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\Control Panel\Desktop\\Wallpaper -> C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\Control Panel\Desktop\\Wallpaper -> C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{B35FBDA9-C65B-47A7-89EA-57B01B60EA65}] => (Block) D:\programme\spss\stats.exe FirewallRules: [{099D13E3-C461-4BC6-8AA9-D8FE2A5A3C87}] => (Block) D:\programme\spss\stats.exe FirewallRules: [UDP Query User{F3A72D23-B603-4F7B-94FB-759242EC9FE3}D:\programme\spss\stats.exe] => (Allow) D:\programme\spss\stats.exe FirewallRules: [TCP Query User{7E91D023-B68C-446F-A88D-AF8F190CA3CF}D:\programme\spss\stats.exe] => (Allow) D:\programme\spss\stats.exe FirewallRules: [{68DECFC6-06EC-4A89-9460-8AD119AB25DE}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1.exe FirewallRules: [{4B97FF0B-B5CC-4D2C-91C8-54E7C412E087}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1.exe FirewallRules: [{054FFD83-2C35-425A-8D3D-4D2E82399EAA}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1Trial.exe FirewallRules: [{FAB710FB-1EE2-43CA-BE36-54DC74DEB183}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1Trial.exe FirewallRules: [{EAF85DE4-1BA5-4707-A2E7-D559A31DFBD1}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1 CTE\bf1_cte.exe FirewallRules: [{3B78D03A-6E75-4D58-9501-21A2B6179C24}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1 CTE\bf1_cte.exe FirewallRules: [{4D87E320-DF34-41A4-8F18-D8116E522B26}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8E11CAB3-6576-4470-A984-06E21B7CCD74}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8ADDDCD5-DD4B-4D61-812C-374174D98790}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{4084F086-02AC-47E7-9C96-3B15B1247049}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{A1C76DAE-E2B2-41EE-801B-3E9D69D8B13A}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe 
FirewallRules: [{3031581B-B895-41FE-BE61-D71E733A7EB4}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{C727FE97-2BFC-4CC6-9DE8-4017614559DA}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{109DC5D2-65DD-41CE-84AF-48D9AAB0B717}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{9A3EAE5E-89B1-4AD2-8DFD-CB336B818FDD}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{F91E551C-A116-48CC-B153-40A168C2E616}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{88534B71-581A-4D5F-B59D-6B2AF72CD5B4}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{577290BA-FE8E-4C77-824B-6DEC20F4E200}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{6085BDC2-49FA-49F2-B94C-349731FF7144}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{DC19986E-04F8-4976-A8C9-A877E30A65A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{EB2C4A04-B263-4F53-8C48-25BD52BA1022}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{BF91B00A-D570-4A7D-A43A-656A7DCCF011}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C452347E-DFEE-4634-9D0E-C1B309A53B9B}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{E54F1CF7-D890-4660-A8FF-3B33B3B48422}] => (Block) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [{950EC891-E6F9-408D-9B5D-D7EC6AB72F0C}] => (Block) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{1604F9C6-4398-4F60-88EC-A2176B902862}D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) 
D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{C72357B3-559F-4A68-BBB2-3FBCBDBF7A1A}D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [{2BEAFD9D-1698-49B7-95F2-2A97A6FC0CFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7582F3C4-C10A-4E89-90AB-C81232CBBCF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F6420D1C-B234-4DA2-954A-726B72908CC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{FB4EACAA-BF4A-49E8-A136-700565C97C0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{CEB9BBAB-08A5-4389-B817-020D69F17D79}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [TCP Query User{3F6BDE10-997F-4291-A3B5-4F19C9293999}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{7FBA1017-EA2A-4C53-B1AF-CAEE09FECB0F}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{AC1A3B22-C1AE-40E1-BA66-72DD31308CD7}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [UDP Query User{46862880-DA2A-4AA5-917B-832CD216B58B}D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query 
User{81A9155B-97BA-42AA-84ED-DCDE97025F32}D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{5CCC69C3-4230-46E2-A782-737A0F54BC49}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{D2140964-DED8-4194-BAE6-3EA3D82B8B6F}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{EA757548-9659-449E-8199-E51C3F89E26D}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{00C2E2E4-3633-49B0-9970-4524C088C2B1}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{9E454426-9F44-4B08-A3DB-02FE95983C52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C3A48BD7-716E-4B88-AC0F-2E68EECF9CED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1CB37054-8DFE-45C6-B743-0569AAC3CF0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B6515389-2662-43D2-8E06-F2C5290E9289}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B0D4F991-F4B8-4F57-8100-4E837C976F1F}] => (Block) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{1C40E035-51C4-4CB8-80AD-D93FF9F5B8E2}] => (Block) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [UDP Query User{43EDC139-DF01-4D40-8CDE-95A7B93F3938}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [TCP Query User{439074AF-839D-4F06-964E-941A5FBF869B}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{C0E4A294-6429-44E1-9433-E1B2B666707D}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{77DFD709-BD5A-4749-882E-F9486930E8A5}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: 
[{37EB6D7F-DFCE-4039-9F1B-1CE7CB28305F}] => (Block) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [{7B6ABA40-F303-4C47-8B04-6E79AB68BF95}] => (Block) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{43D3BF8B-4235-48FA-A8D1-CCEAB3DE7B26}D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{2723C32B-DE08-477A-BC47-B9AE48A6B32C}D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [{B5D2E769-682B-4CA6-830D-7B3D6993DA0D}] => (Block) D:\spiele\gtav\gta5.exe FirewallRules: [{153174ED-074B-4C06-86DF-3FE701EAE4B2}] => (Block) D:\spiele\gtav\gta5.exe FirewallRules: [UDP Query User{0B868E1C-C3B3-4D2B-9B32-17D522FCE3FE}D:\spiele\gtav\gta5.exe] => (Allow) D:\spiele\gtav\gta5.exe FirewallRules: [TCP Query User{ED90E7CB-DBBA-4801-BA56-79C8372373AB}D:\spiele\gtav\gta5.exe] => (Allow) D:\spiele\gtav\gta5.exe FirewallRules: [{47DB389D-A6C1-40A5-A325-E412016A8B43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4D8920E0-8239-4023-A97E-CE5267CCD157}] => (Allow) D:\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{7D3173BA-064A-461E-A0CE-85179956DEA0}] => (Allow) D:\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{C093C513-6B31-4E3F-B857-CA50004719AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{AF4945FB-B71B-4916-885F-A60C3898874D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{1EEEDCE2-1BCB-459D-A368-30C5CC49F0C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5B363055-D6FD-486B-B3D7-6EA6C33899E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0FCADDE1-0029-47CB-998E-04C33F148A61}] => (Allow) D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe FirewallRules: [{BB23A4F2-1441-462D-B0BB-FB7A03B332CA}] => 
(Allow) D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe FirewallRules: [{D4C7EA1B-1517-4351-A08E-564C66FE839B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EBFBEA75-7A73-4E80-BB55-87284A15977E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B801FC59-120D-49DA-9EAE-BD56C4A18D81}] => (Allow) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [{C441A6F7-E05E-4C85-ADB1-79104BFDB08E}] => (Allow) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [UDP Query User{1182DFCA-2A8B-47B3-A4A6-262E767AE0C9}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{7503F75F-238A-4A7C-899C-FB96C6019A07}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [{EEEA93BE-EBEF-4499-806F-E2E33963FFF9}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{52211986-6A85-43E4-BE5A-1FC707E379E0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{FD01900F-317E-494C-83BA-D57748671EBB}] => (Allow) C:\Users\Christophh\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{434A2C7B-F770-4086-9BD0-4CAECC9527DA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{847190F2-960B-451F-8F4D-456C9A44530C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{75F57C39-04D7-41C6-9643-BDC52266E5FB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FA513ED1-547C-4D5A-B36C-B7C94B26CCEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: 
[TCP Query User{50C2DA0F-76A2-4917-9335-0F6223DBD2E4}D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe] => (Allow) D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe FirewallRules: [UDP Query User{64C3315C-C436-4FFA-9E36-F7EC7CEBD1A4}D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe] => (Allow) D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe FirewallRules: [TCP Query User{845F1EDC-DFDD-4A88-8640-1665F249666D}D:\spiele\simcity\simcity\simcity.exe] => (Allow) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [UDP Query User{71508D2D-3E58-4453-BB15-72BA86B6FCC3}D:\spiele\simcity\simcity\simcity.exe] => (Allow) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{CF9B3EB5-9D48-45C7-8343-EC606051C258}] => (Block) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{124E2EF1-88B1-43C5-871D-1F55AF3E0B38}] => (Block) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{5C5C2DFC-FFF6-4416-9B39-87041120CF09}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [{642977D6-B138-4E9F-B7DB-EAD38DCA1682}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [TCP Query User{7A70B9E9-6BD6-422E-93E1-CF728AF6DE15}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [UDP Query User{9EDC662F-5646-461B-B397-FC57EE2E20BF}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{CE89E561-D33C-4E57-9A60-0B730AB2F192}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe FirewallRules: [{B7D96811-0573-4899-98EC-A0893B9E88F7}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe 
FirewallRules: [TCP Query User{D9F4D7D1-32EB-40C0-8863-F86532D0D71F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{052CCC83-FB80-4C6F-B8DA-4E68E91C5CB4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{1E12540D-455F-483A-A2CC-F21FAF82B23B}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B0CAA0EC-C64E-4B2F-B4A6-53D829A11C1D}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{52059795-9EF3-4B25-B320-F03FB1C1C544}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{E34EFAEF-361F-4813-BD7C-E018EFD198F5}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{8766D8A0-9D2C-4170-A10D-F713DF360CF9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{3118D20C-60CA-402F-BA96-45E77CF8079C}C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{E3907755-C264-403D-A56A-45AEAC3CB4F4}C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{764473A7-036F-4825-BB17-CF7B4414023C}] => (Block) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{A4D0C427-7344-4B19-9D6F-89526017F839}] => (Block) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{FA28E123-C83B-438B-B91A-21B1ACB30F98}C:\users\christophh\appdata\roaming\spotify\spotify.exe] => (Allow) 
C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D645DE72-22F3-4D3A-A75D-A1A1FDF2ED80}C:\users\christophh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{119EC3DC-E7AA-4141-BE01-CFB25FA7A03C}] => (Block) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{FEF82CAC-01D6-47C8-A17C-9AD1F9E4F4B6}] => (Block) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{FC1368CB-8DD5-4543-BEF2-315DCB2A08D7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{5B717D7D-AA42-4908-BBE6-3674B2966586}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{C56B60BB-8721-488E-A9F8-2F6B2763092C}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{8555A0F3-A453-40A2-B000-1A1426E60F11}] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{ACE19388-438D-4F8B-B62E-90CB7288CCD7}] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{6EC638C8-873B-45CE-8A5F-DD2AD5A1E094}] => (Allow) C:\Steamspiele\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{575E17B4-0C7F-4B19-A507-C7D732978D9A}] => (Allow) C:\Steamspiele\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/21/2017 07:03:51 PM) (Source: SideBySide) 
(EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/21/2017 07:03:33 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/20/2017 06:48:23 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (09/20/2017 06:40:46 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. 
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/19/2017 09:35:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 55.0.3.6445, Zeitstempel: 0x599ed78a Name des fehlerhaften Moduls: xul.dll, Version: 55.0.3.6445, Zeitstempel: 0x599edbdd Ausnahmecode: 0x80000003 Fehleroffset: 0x0076a5cf ID des fehlerhaften Prozesses: 0x168 Startzeit der fehlerhaften Anwendung: 0x01d3317e3c197368 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: be20cbde-1b32-487f-9ab2-2f02e702ef22 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/19/2017 09:35:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 55.0.3.6445, Zeitstempel: 0x599edbef Name des fehlerhaften Moduls: xul.dll, Version: 55.0.3.6445, Zeitstempel: 0x599edbdd Ausnahmecode: 0x80000003 Fehleroffset: 0x0076a5cf ID des fehlerhaften Prozesses: 0x3944 Startzeit der fehlerhaften Anwendung: 0x01d3317e523afba7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: a815ae63-7104-4138-b0ab-fc219dde8d0b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/19/2017 09:33:30 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft 
Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/19/2017 09:33:24 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (09/17/2017 12:07:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96 Name des fehlerhaften Moduls: NvXDCore.dll_unloaded, Version: 8.17.13.8205, Zeitstempel: 0x59079dd9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000c1951 ID des fehlerhaften Prozesses: 0x56c Startzeit der fehlerhaften Anwendung: 0x01d32c8d2faed14d Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe Pfad des fehlerhaften Moduls: NvXDCore.dll Berichtskennung: 5dce9ebc-6bc4-455b-99c3-103d52523f16 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/17/2017 11:53:10 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Systemfehler: ============= Error: (09/21/2017 07:00:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (09/21/2017 07:00:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit dem folgenden dienstspezifischen Fehler beendet: Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. Error: (09/21/2017 07:00:18 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT-AUTORITÄT) Description: Fehler beim Starten des BITS-Dienstes. Fehler: 2147500053. 
Error: (09/21/2017 06:58:55 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/21/2017 06:58:55 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/21/2017 06:58:55 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/21/2017 06:58:55 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/21/2017 06:58:55 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/21/2017 06:58:55 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/21/2017 06:58:55 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2017-08-23 16:10:28.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Prozentuale Nutzung des RAM: 46% Installierter physikalischer RAM: 8133.69 MB Verfügbarer physikalischer RAM: 4323.06 MB Summe virtueller Speicher: 18885.69 MB Verfügbarer virtueller Speicher: 14660.84 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:110.8 GB) (Free:43.07 GB) NTFS Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:184.83 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 261C8E12) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: C2F9017A) Partition: GPT. ==================== Ende von Addition.txt ============================ |
21.09.2017, 20:51 | #11 |
/// TB-Ausbilder | Microsoft announcement "Deactivate PC" virus
Hi,
Step 1
Step 2 Download the appropriate version of SystemLook from the following mirror and save the tool to the desktop: SystemLook (32 bit) | SystemLook (64 bit)
Step 3
Please post with your next reply
|
21.09.2017, 21:05 | #12 |
| Microsoft announcement "Deactivate PC" virus
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017 durchgeführt von Christophh (21-09-2017 21:59:23) Run:1 Gestartet von C:\Users\Christophh\Downloads Geladene Profile: Christophh & (Verfügbare Profile: Christophh) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: BHO-x32: Kein Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Keine Datei Task: {1B85927A-612F-4181-85EE-63FE2ED0865B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {1CC83974-E9D3-4810-BA4C-7220F4900776} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {2174755F-05CE-49D0-AE15-747D140A045B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {23E845F4-7EBF-4E56-AC3B-366E26A110AC} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {5616F5D0-8636-485C-B6CC-57BBDB454828} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {57DAE5F8-1816-492B-8F12-A9E09F8E5CB8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {6EFCD18D-6694-43F7-B182-2EE79B5F01BC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7539DC7C-75F8-4E3C-AE08-CEE7DC8A8D19} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {75639B92-6F08-447D-9DB6-2C9EB681FEE9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {7CEC7DAB-1DF8-4CAC-B1AD-1F7974C926EA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {90486FE1-A505-47DA-A1B3-4A19B2E5BE65} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG Task: {B40A4036-DD57-47F9-858C-63F09F3AB501} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {E3490B13-F99A-4811-B177-587C23626ADE} - 
\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {ED950690-48CA-447A-AB14-0DE3300969AA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {F939F199-A9C4-4E54-AA34-5B1E01F1C2B1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: ***************** Prozesse erfolgreich geschlossen. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{451C804F-C205-4F03-B48E-537EC94937BF} => Schlüssel erfolgreich entfernt HKLM\Software\Wow6432Node\Classes\CLSID\{451C804F-C205-4F03-B48E-537EC94937BF} => Schlüssel nicht gefunden. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B85927A-612F-4181-85EE-63FE2ED0865B} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B85927A-612F-4181-85EE-63FE2ED0865B} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CC83974-E9D3-4810-BA4C-7220F4900776} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CC83974-E9D3-4810-BA4C-7220F4900776} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2174755F-05CE-49D0-AE15-747D140A045B} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2174755F-05CE-49D0-AE15-747D140A045B} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23E845F4-7EBF-4E56-AC3B-366E26A110AC} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23E845F4-7EBF-4E56-AC3B-366E26A110AC} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5616F5D0-8636-485C-B6CC-57BBDB454828} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5616F5D0-8636-485C-B6CC-57BBDB454828} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57DAE5F8-1816-492B-8F12-A9E09F8E5CB8} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57DAE5F8-1816-492B-8F12-A9E09F8E5CB8} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EFCD18D-6694-43F7-B182-2EE79B5F01BC} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EFCD18D-6694-43F7-B182-2EE79B5F01BC} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Logon\{7539DC7C-75F8-4E3C-AE08-CEE7DC8A8D19} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7539DC7C-75F8-4E3C-AE08-CEE7DC8A8D19} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75639B92-6F08-447D-9DB6-2C9EB681FEE9} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75639B92-6F08-447D-9DB6-2C9EB681FEE9} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CEC7DAB-1DF8-4CAC-B1AD-1F7974C926EA} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CEC7DAB-1DF8-4CAC-B1AD-1F7974C926EA} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90486FE1-A505-47DA-A1B3-4A19B2E5BE65} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90486FE1-A505-47DA-A1B3-4A19B2E5BE65} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B40A4036-DD57-47F9-858C-63F09F3AB501} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{B40A4036-DD57-47F9-858C-63F09F3AB501} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3490B13-F99A-4811-B177-587C23626ADE} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3490B13-F99A-4811-B177-587C23626ADE} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED950690-48CA-447A-AB14-0DE3300969AA} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED950690-48CA-447A-AB14-0DE3300969AA} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F939F199-A9C4-4E54-AA34-5B1E01F1C2B1} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F939F199-A9C4-4E54-AA34-5B1E01F1C2B1} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => Schlüssel erfolgreich entfernt ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt 
HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190242967\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2647985832-747989680-4269839675-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09212017190244821\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Auflösungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurückgesetzt. Sie müssen den Computer neu starten, um den Vorgang abzuschließen. 
========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36249788 B Java, Flash, Steam htmlcache => 513656793 B Windows/system/drivers => 2785767 B Edge => 92 B Chrome => 183296 B Firefox => 416459022 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 14443 B LocalService => 3266 B NetworkService => 0 B Christophh => 338004384 B RecycleBin => 0 B EmptyTemp: => 1.2 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 21:59:36 ==== Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff Log created at 22:02 on 21/09/2017 by Christophh Administrator - Elevation successful ========== filefind ========== Searching for "*Offers*Olymp*" No files found. ========== folderfind ========== Searching for "*Offers*Olymp*" C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\browser-extension-data\@offersolymp d------ [12:38 26/08/2017] ========== regfind ========== Searching for "OffersOlymp" No data found. Searching for "Offers Olymp" No data found. -= EOF =- Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017 durchgeführt von Christophh (Administrator) auf CHRISTOPH (21-09-2017 22:03:49) Gestartet von C:\Users\Christophh\Downloads Geladene Profile: Christophh (Verfügbare Profile: Christophh) Platform: Windows 10 Pro N Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () C:\Windows\System32\PnkBstrA.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) D:\Steam\Steam.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (AVM Berlin) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Users\Christophh\Downloads\SystemLook_x64.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2015-11-01] (AVM Berlin) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25607952 2017-08-04] (Google) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify] => C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify Web Helper] => C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-02-03] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2ebeed22-0f5c-4834-a642-ac386011e952}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> {7309F519-9799-43A0-B156-48B8354BBBA4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-10-28] (DVDVideoSoft Ltd.) 
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-13] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-13] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-10-28] (DVDVideoSoft Ltd.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Keine Datei FireFox: ======== FF DefaultProfile: wnpf6fue.default FF ProfilePath: C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default [2017-09-21] FF NetworkProxy: Mozilla\Firefox\Profiles\wnpf6fue.default -> type", 0 FF Extension: (ProxTube) - 
C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\ich@maltegoetz.de.xpi [2017-06-29] FF Extension: (Adblock Plus) - C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-13] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-20] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-20] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) 
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default [2017-09-21]
CHR Extension: (Google Slides) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-07]
CHR Extension: (Google Docs) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Google Drive) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (YouTube) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Steam Inventory Helper) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-08-23]
CHR Extension: (Google Search) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Google Sheets) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
CHR Extension: (Yahoo Partner) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2017-04-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-23]
CHR HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-09-20] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [402768 2017-08-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-05-24] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-02-16] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-11-10] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-11-10] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-16] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2015-11-01] (AVM Berlin)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-21] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-21] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-21] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-21] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-21] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation)
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [32792 2015-09-29] (SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-21 22:02 - 2017-09-21 22:03 - 000001122 _____ C:\Users\Christophh\Downloads\SystemLook.txt
2017-09-21 22:01 - 2017-09-21 22:01 - 000165376 _____ C:\Users\Christophh\Downloads\SystemLook_x64.exe
2017-09-21 21:59 - 2017-09-21 21:59 - 000012407 _____ C:\Users\Christophh\Downloads\Fixlog.txt
2017-09-21 19:05 - 2017-09-21 19:05 - 000006157 _____ C:\Users\Christophh\Desktop\mbam.txt
2017-09-21 19:02 - 2017-09-21 22:00 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-21 19:02 - 2017-09-21 22:00 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-21 19:02 - 2017-09-21 22:00 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-21 19:02 - 2017-09-21 22:00 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-21 19:02 - 2017-09-21 19:02 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-21 19:01 - 2017-09-21 19:01 - 068408664 _____ (Malwarebytes ) C:\Users\Christophh\Downloads\mb3-setup-consumer-3.2.2.2029.exe
2017-09-21 19:01 - 2017-09-21 19:01 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-21 19:01 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-21 18:56 - 2017-09-21 18:56 - 008182736 _____ (Malwarebytes) C:\Users\Christophh\Downloads\adwcleaner_7.0.2.1.exe
2017-09-20 21:40 - 2017-09-20 21:41 - 000088370 _____ C:\TDSSKiller.3.1.0.15_20.09.2017_21.40.12_log.txt
2017-09-20 21:40 - 2017-09-20 21:40 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Christophh\Downloads\tdsskiller.exe
2017-09-20 21:38 - 2017-09-20 21:38 - 000000000 ____D C:\Users\Christophh\Downloads\FRST-OlderVersion
2017-09-20 21:35 - 2017-09-20 21:35 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2017-09-20 18:39 - 2017-09-20 18:39 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2017-09-20 18:39 - 2017-09-20 18:39 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger
2017-09-20 18:39 - 2017-09-20 18:39 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2017-09-19 22:12 - 2017-09-21 19:06 - 000064776 _____ C:\Users\Christophh\Downloads\Addition.txt
2017-09-19 22:11 - 2017-09-21 22:04 - 000024521 _____ C:\Users\Christophh\Downloads\FRST.txt
2017-09-19 22:11 - 2017-09-21 22:03 - 000000000 ____D C:\FRST
2017-09-19 22:10 - 2017-09-20 21:38 - 002399744 _____ (Farbar) C:\Users\Christophh\Downloads\FRST64.exe
2017-09-12 23:00 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-12 23:00 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-12 23:00 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-12 23:00 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-12 23:00 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-12 23:00 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-12 23:00 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-12 23:00 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-12 23:00 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-12 23:00 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-12 23:00 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-12 22:59 -
2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-12 22:59 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-09-12 22:59 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2017-09-12 22:59 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-09-12 22:59 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-12 22:59 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-12 22:59 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-12 22:59 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-12 22:59 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-12 22:59 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-09-12 22:59 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-12 22:59 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-09-12 22:59 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2017-09-12 22:59 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\ndis.sys 2017-09-12 22:59 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-09-12 22:59 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-12 22:59 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-09-12 22:59 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-12 22:59 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-12 22:59 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-12 22:59 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-12 22:59 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-12 22:59 - 2017-09-05 07:16 - 000546208 
_____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-09-12 22:59 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-09-12 22:59 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-12 22:59 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-12 22:59 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-09-12 
22:59 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2017-09-12 22:59 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-09-12 22:59 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-09-12 22:59 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 
2017-09-12 22:59 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2017-09-12 22:59 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-12 22:59 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2017-09-12 22:59 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-12 22:59 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-12 22:59 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-12 22:59 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-12 22:59 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2017-09-12 22:59 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-09-12 22:59 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-12 22:59 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe 2017-09-12 22:59 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-12 22:59 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-12 22:59 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-09-12 22:59 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-12 22:59 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-09-12 22:59 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-09-12 22:59 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-12 22:59 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-12 22:59 - 2017-09-05 
06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-09-12 22:59 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-12 22:59 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-12 22:59 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2017-09-12 22:59 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2017-09-12 22:59 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-09-12 22:59 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-12 22:59 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-12 22:59 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2017-09-12 22:59 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-12 22:59 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-12 22:59 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000584192 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-09-12 22:59 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-12 22:59 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-12 22:59 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-12 22:59 - 2017-09-05 
06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-09-12 22:59 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-12 22:59 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 
2017-09-12 22:59 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-12 22:59 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-12 22:59 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-12 22:59 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-12 22:59 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-12 22:59 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 
000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-12 22:59 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-12 22:59 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-12 22:59 - 
2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000757760 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-09-12 22:59 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\win32kbase.sys 2017-09-12 22:59 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-09-12 22:59 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-12 22:59 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002006528 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-12 22:59 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-12 22:59 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-12 22:59 - 2017-09-05 06:12 - 000899584 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-12 22:59 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-12 22:59 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-09-12 22:59 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-09-12 22:59 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll 2017-09-12 22:59 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2017-09-12 22:59 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-09-12 22:59 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-12 22:59 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2017-09-12 22:59 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-09-12 22:59 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-09-12 22:59 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-09-12 22:59 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-09-06 23:49 - 2017-09-06 23:49 - 000000041 _____ 
C:\Users\Christophh\Desktop\sky.txt 2017-09-05 00:11 - 2017-09-05 00:11 - 005004137 _____ C:\Users\Christophh\Desktop\867c5e9ab0891a8d.mp4 2017-08-27 19:38 - 2017-08-27 19:38 - 000461541 _____ C:\Users\Christophh\Downloads\8CTVBK 2017-08-27 19:36 - 2017-08-27 19:36 - 000188608 _____ C:\Users\Christophh\Downloads\Documents(1).zip 2017-08-27 19:36 - 2017-06-07 11:04 - 000037225 ____N C:\Users\Christophh\Desktop\Tutorium06-SS17.pdf 2017-08-27 19:36 - 2017-05-29 11:33 - 000037344 ____N C:\Users\Christophh\Desktop\Tutorium05-SS17.pdf 2017-08-27 19:36 - 2017-05-24 15:05 - 000037470 ____N C:\Users\Christophh\Desktop\Tutorium04-SS17.pdf 2017-08-27 19:36 - 2017-05-17 11:57 - 000037932 ____N C:\Users\Christophh\Desktop\Tutorium03-SS17.pdf 2017-08-27 19:36 - 2017-05-15 08:43 - 000032988 ____N C:\Users\Christophh\Desktop\Tutorium02-SS17.pdf 2017-08-27 19:36 - 2017-05-04 09:54 - 000048413 ____N C:\Users\Christophh\Desktop\Tutorium01-SS17.pdf 2017-08-27 19:35 - 2017-08-27 19:35 - 015613585 _____ C:\Users\Christophh\Downloads\Documents.zip 2017-08-26 21:39 - 2017-08-26 21:39 - 020317282 _____ C:\Users\Christophh\Downloads\Gmail.zip 2017-08-23 19:05 - 2017-08-23 19:05 - 000000000 ____D C:\Steamspiele 2017-08-23 16:11 - 2017-09-21 22:00 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Spotify 2017-08-23 16:11 - 2017-09-21 22:00 - 000000000 ____D C:\Users\Christophh\AppData\Local\Spotify 2017-08-23 16:11 - 2017-08-23 16:11 - 000001914 _____ C:\Users\Christophh\Desktop\Spotify.lnk 2017-08-23 16:11 - 2017-08-23 16:11 - 000001900 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2017-08-23 16:10 - 2017-08-23 16:10 - 058203272 _____ (Spotify Ltd) C:\Users\Christophh\Downloads\SpotifyFullSetup.exe 2017-08-23 16:10 - 2017-08-23 16:10 - 000000247 _____ C:\SILENT ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-09-21 22:02 - 2017-06-27 13:16 - 000000000 ____D C:\ProgramData\NVIDIA 2017-09-21 22:02 - 2015-11-08 15:35 - 000000000 ____D C:\Users\Christophh\AppData\Local\LogMeIn Hamachi 2017-09-21 22:01 - 2015-12-18 22:56 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Skype 2017-09-21 22:00 - 2017-06-27 13:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-09-21 22:00 - 2016-11-20 12:30 - 000000000 ____D C:\Users\Christophh\AppData\LocalLow\Mozilla 2017-09-21 22:00 - 2015-10-16 15:20 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\TS3Client 2017-09-21 22:00 - 2015-10-16 15:11 - 000000000 ____D C:\ProgramData\Origin 2017-09-21 21:59 - 2017-06-27 13:16 - 000000000 ____D C:\Users\Christophh 2017-09-21 21:59 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2017-09-21 21:59 - 2017-03-14 13:06 - 000000000 ____D C:\Users\Christophh\AppData\LocalLow\Temp 2017-09-21 21:51 - 2017-06-27 13:20 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16B4380E-769C-4734-94C3-69A9011C9AF2} 2017-09-21 19:06 - 2017-06-27 13:25 - 002577712 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-21 19:06 - 2017-03-20 06:40 - 001192102 _____ C:\WINDOWS\system32\perfh007.dat 2017-09-21 19:06 - 2017-03-20 06:40 - 000274720 _____ C:\WINDOWS\system32\perfc007.dat 2017-09-21 19:06 - 2017-03-18 23:02 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-21 19:06 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-09-21 19:04 - 2017-07-27 14:44 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647985832-747989680-4269839675-1001 2017-09-21 19:04 - 2016-07-29 20:50 - 000002437 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-21 19:04 - 2015-10-28 19:14 - 000000000 ___RD C:\Users\Christophh\OneDrive 2017-09-21 18:58 - 2017-08-01 19:46 - 000000000 ____D C:\Users\Christophh\AppData\Local\Downloaded Installations 2017-09-21 18:58 - 2017-06-02 21:38 - 
000000000 ____D C:\AdwCleaner 2017-09-20 22:30 - 2017-06-27 13:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-09-20 18:55 - 2015-10-28 19:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2017-09-20 18:39 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-20 18:39 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-09-20 18:38 - 2015-10-16 13:14 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-09-19 22:10 - 2017-06-30 17:03 - 000000000 ____D C:\Users\Christophh\AppData\Local\Deployment 2017-09-19 21:36 - 2017-03-18 23:02 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-09-19 21:36 - 2017-03-18 23:00 - 000000000 ____D C:\WINDOWS\INF 2017-09-14 14:14 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\rescache 2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-09-13 18:48 - 2015-10-16 13:14 - 000167464 _____ (Avira Operations GmbH & Co. 
KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-09-13 14:38 - 2017-06-27 13:15 - 000381288 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-13 14:38 - 2016-04-27 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-13 00:07 - 2017-03-20 06:39 - 000000000 ____D C:\WINDOWS\system32\de 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\setup 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-09-12 23:02 - 2015-10-16 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-12 23:01 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-09-12 23:01 - 2015-10-16 13:25 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-02 19:30 - 2015-10-16 15:11 - 000000000 ____D C:\Program Files (x86)\Origin 2017-09-02 17:57 - 2016-01-24 17:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-09-02 17:54 - 2015-11-07 21:07 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-02 17:54 - 2015-11-07 21:07 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-09-02 17:15 - 2017-03-18 23:04 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-09-02 17:15 - 2017-03-18 23:04 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-08-27 19:58 - 2016-11-19 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 
2017-08-27 19:58 - 2015-10-16 14:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-08-25 15:44 - 2017-07-27 22:57 - 000000000 ____D C:\WINDOWS\Minidump 2017-08-25 15:40 - 2016-01-15 21:16 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk 2017-08-25 15:40 - 2016-01-15 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-08-24 21:30 - 2016-08-12 16:59 - 000807464 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys 2017-08-24 21:30 - 2016-08-12 16:59 - 000000000 ____D C:\Users\Christophh\AppData\Local\UnrealEngine 2017-08-23 14:38 - 2015-10-28 19:16 - 000000000 ____D C:\Users\Christophh\AppData\Local\MSfree Inc ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-10-31 20:07 - 2017-01-27 18:49 - 000007591 _____ () C:\Users\Christophh\AppData\Local\Resmon.ResmonCfg 2015-10-29 20:55 - 2015-10-29 20:55 - 000000003 _____ () C:\Users\Christophh\AppData\Local\updater.log 2015-10-29 20:55 - 2017-05-06 11:08 - 000000425 _____ () C:\Users\Christophh\AppData\Local\UserProducts.xml 2016-09-25 17:14 - 2016-09-25 17:14 - 000000016 _____ () C:\ProgramData\mntemp ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-09-20 18:48 ==================== Ende von FRST.txt ============================ |
21.09.2017, 21:06 | #13 |
| Microsoft announcement "Deactivate PC" virus Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017 durchgeführt von Christophh (21-09-2017 22:04:13) Gestartet von C:\Users\Christophh\Downloads Windows 10 Pro N Version 1703 (X64) (2017-06-27 11:22:59) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2647985832-747989680-4269839675-500 - Administrator - Disabled) Christophh (S-1-5-21-2647985832-747989680-4269839675-1001 - Administrator - Enabled) => C:\Users\Christophh DefaultAccount (S-1-5-21-2647985832-747989680-4269839675-503 - Limited - Disabled) Gast (S-1-5-21-2647985832-747989680-4269839675-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.66 - NVIDIA Corporation) Hidden AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos) Avira (HKLM-x32\...\{1B48601D-0537-4589-9952-A8989BE8249A}) (Version: 1.2.96.16095 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{7c01a3b4-3454-446e-8473-8a245f962c28}) (Version: 1.2.96.16095 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.31.27 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.52296 - Electronic Arts) Battlefield™ 1 CTE (HKLM-x32\...\{E970EAB6-8F6F-4E72-AB13-F6648397322C}) (Version: 1.0.49.53737 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead by Daylight (HKLM\...\Steam App 381210) (Version: - Behaviour Digital Inc.) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) 
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®) Fallout 4 MULTi2 1.1.30 (HKLM-x32\...\Fallout 4 MULTi2 1.1.30) (Version: - ) Fallout 4 Update 7 MULTi2 1.3.47 (HKLM-x32\...\Fallout 4 Update 7 MULTi2 1.3.47) (Version: - ) Far Cry 4 Final DLC Edition (HKLM-x32\...\Far Cry 4 Final DLC Edition) (Version: 1.01 - Ubisoft) Fraps (HKLM-x32\...\Fraps) (Version: - ) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\2db37667170956ee) (Version: 2.3.3.2 - AVM Berlin) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.163.0 - International GeoGebra Institute) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Drive (HKLM-x32\...\{A90339B3-2C3F-492E-B3A7-0BDFC691E526}) (Version: 2.34.6425.2548 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.9.6 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) IBM SPSS Statistics Subscription (HKLM\...\{02D81DCC-13D1-465C-9292-E46956489CA1}) (Version: 1.0.0.642 - IBM Corp) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden Java 8 Update 121 
(HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.) Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla) NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA GeForce 
Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation) NVIDIA Grafiktreiber 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY 2 Demo (HKLM\...\Steam App 251040) (Version: - OVERKILL - a Starbreeze Studio.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) 
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.) PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version: - ) Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Stardew Valley (HKLM\...\Steam App 413150) (Version: - ConcernedApe) SteelSeries Engine 3.6.5.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.6.5.1 - SteelSeries ApS) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version: - Rune Forge) Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - 
Sony) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-20] (Avira Operations GmbH & Co. 
KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> Keine Datei ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-20] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {079C14B1-CB36-4B02-B028-CE0CEDA98B4A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-09-12] (Microsoft Corporation)
Task: {12499066-3D4B-4DED-83CB-F1FFC715E2D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {145BC74F-115A-4698-B56C-BFC772C08436} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {4251EA1E-A6D3-45D4-AFC1-95DE3060F863} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {49B78674-9BE2-4E99-8E88-AC2E440BC2B0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {4E86110C-D824-4944-9638-7481FB7299E1} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {555A41E3-676C-4710-B88E-201FC8C82C05} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {5DB0FBE3-2D87-4192-AA89-2F4CF88D24F7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {63A3C67B-2DA1-4C68-8C6A-B4C1EFF5C3CA} - System32\Tasks\update-S-1-5-21-2647985832-747989680-4269839675-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {6575BDDC-DB1C-46B8-B459-A0EF649F9694} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-20] ()
Task: {67A30A74-9E49-4542-BF72-B99B5AC568F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {6A59C583-FBB0-4F2B-A452-307A30BEF6BC} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {7CC31553-2D5E-438B-A5DA-27AF6A753689} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {8690B4D6-D373-4296-AD8C-77CCA8827DF9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {8787C227-430F-4D02-A178-C9E614996DFE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-09-20] (Avira Operations GmbH & Co. KG)
Task: {93ECD6F2-41F2-473D-8DBE-3930D5A6083C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-19] (Microsoft Corporation)
Task: {96F6BD3B-3A9D-4A82-B65F-BCEBF51B29BC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {98895E9E-010F-44A4-9E71-8EA31ABF20E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-19] (Microsoft Corporation)
Task: {A69FDB4A-CE01-4556-9505-DB1511ECBE78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {B6B33C06-EB44-4CFA-84ED-342E4C5E7039} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {BBC48FF0-B417-4CFE-9DB7-E25CCB958C99} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-20] ()
Task: {F0FAB5DD-8534-4FD2-84F4-9F6707BF3BA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {F4319554-C5A5-4435-80A5-0A304DCF0B9A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {F4D99559-374E-46D7-BF35-2CFC0C780B4E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-2647985832-747989680-4269839675-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-06-27 13:16 - 2013-07-04 03:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2016-10-24 20:51 - 2017-02-23 20:34 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2015-10-29 21:11 - 2015-11-10 18:38 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe 2017-09-21 19:01 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-03-18 22:56 - 2017-03-18 22:56 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:58 - 2017-03-20 06:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-04-11 19:12 - 2017-08-23 17:49 - 000021856 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2015-10-10 19:14 - 2017-03-29 19:00 - 000174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2015-10-10 19:13 - 2017-03-29 19:00 - 000103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2015-10-10 19:13 - 2017-03-29 19:00 - 000107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2015-10-10 19:14 - 2017-03-29 19:00 - 000312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2015-10-10 19:14 - 2017-03-29 19:00 - 000485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2017-09-21 22:01 - 2017-09-21 22:01 - 000165376 _____ () C:\Users\Christophh\Downloads\SystemLook_x64.exe 2017-06-27 13:16 - 2017-09-21 22:00 - 000038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2017-06-27 13:16 - 2013-07-04 03:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000114664 _____ () C:\Program 
Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-10-29 18:47 - 2017-05-23 13:57 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-10-24 20:51 - 2017-02-23 20:33 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-24 20:51 - 2017-02-23 20:34 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2017-09-02 17:53 - 2017-08-04 23:19 - 000678176 _____ () D:\Steam\SDL2.dll 2017-09-08 10:00 - 2017-09-07 06:51 - 002505504 _____ () D:\Steam\video.dll 2016-10-14 21:39 - 2016-09-01 03:02 - 004969248 _____ () D:\Steam\v8.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000332800 _____ () D:\Steam\libavresample-2.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 002549760 _____ () D:\Steam\libavcodec-56.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000442880 _____ () D:\Steam\libavutil-54.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000491008 _____ () D:\Steam\libavformat-56.dll 2016-10-14 21:39 - 2016-01-27 09:49 - 000485888 _____ () D:\Steam\libswscale-3.dll 2016-10-14 21:39 - 2016-09-01 03:02 - 001563936 _____ () D:\Steam\icui18n.dll 2016-10-14 21:39 - 2016-09-01 03:02 - 001195296 _____ () D:\Steam\icuuc.dll 2017-09-08 10:00 - 2017-09-07 06:51 - 000885024 _____ () D:\Steam\bin\chromehtml.DLL 2016-10-14 21:39 - 2016-07-05 00:17 - 000266560 _____ () D:\Steam\openvr_api.dll 2017-09-02 17:53 - 2017-07-18 00:50 - 073115424 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll 2017-06-09 09:16 - 2017-05-17 03:54 - 000678176 _____ () 
D:\Steam\bin\cef\cef.win7\SDL2.dll 2016-10-14 21:39 - 2015-09-25 01:52 - 000119208 _____ () D:\Steam\winh264.dll 2016-10-20 15:48 - 2017-08-23 17:48 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2016-10-20 15:48 - 2017-08-23 17:48 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2015-10-16 15:20 - 2016-07-03 11:42 - 000266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2017-09-21 22:00 - 2017-09-21 22:00 - 000098816 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32api.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000110080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\pywintypes27.dll 2017-09-21 22:00 - 2017-09-21 22:00 - 000364544 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\pythoncom27.dll 2017-09-21 22:00 - 2017-09-21 22:00 - 000320512 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32com.shell.shell.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000914432 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\_hashlib.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 001176576 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\wx._core_.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000806400 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\wx._gdi_.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000816128 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\wx._windows_.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 001067008 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\wx._controls_.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000733184 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\wx._misc_.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000682496 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\pysqlite2._sqlite.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000088064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\_ctypes.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000686080 ____R () 
C:\Users\Christophh\AppData\Local\Temp\_MEI126322\unicodedata.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000119808 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32file.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000108544 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32security.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000007168 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\hashobjs_ext.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000017920 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\thumbnails_ext.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000088064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\usb_ext.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000012800 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\common.time34.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000018432 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32event.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000167936 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32gui.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000046080 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\_socket.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 001303552 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\_ssl.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000128512 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\_elementtree.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000127488 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\pyexpat.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000038912 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32inet.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000036864 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\_psutil_windows.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000524248 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\windows._lib_cacheinvalidation.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000011264 ____R () 
C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32crypt.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000123392 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\wx._wizard.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000077312 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\wx._html2.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000027648 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\_multiprocessing.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000020480 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\_yappi.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000035840 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32process.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000078848 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\wx._animate.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000024064 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32pipe.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000010240 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\select.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000025600 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32pdh.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000017408 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32profile.pyd 2017-09-21 22:00 - 2017-09-21 22:00 - 000022528 ____R () C:\Users\Christophh\AppData\Local\Temp\_MEI126322\win32ts.pyd 2016-10-24 20:51 - 2017-02-23 16:30 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-24 20:51 - 2017-02-23 16:30 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-10-24 20:51 - 2017-02-23 16:30 - 000543288 _____ () \\?\C:\Program 
Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-24 20:51 - 2017-02-23 16:30 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2014-04-29 16:23 - 2014-04-29 16:23 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B35FBDA9-C65B-47A7-89EA-57B01B60EA65}] => (Block) D:\programme\spss\stats.exe
FirewallRules: [{099D13E3-C461-4BC6-8AA9-D8FE2A5A3C87}] => (Block) D:\programme\spss\stats.exe
FirewallRules: [UDP Query User{F3A72D23-B603-4F7B-94FB-759242EC9FE3}D:\programme\spss\stats.exe] => (Allow) D:\programme\spss\stats.exe
FirewallRules: [TCP Query User{7E91D023-B68C-446F-A88D-AF8F190CA3CF}D:\programme\spss\stats.exe] => (Allow) D:\programme\spss\stats.exe
FirewallRules: [{68DECFC6-06EC-4A89-9460-8AD119AB25DE}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1.exe
FirewallRules: [{4B97FF0B-B5CC-4D2C-91C8-54E7C412E087}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1.exe
FirewallRules: [{054FFD83-2C35-425A-8D3D-4D2E82399EAA}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1Trial.exe
FirewallRules: [{FAB710FB-1EE2-43CA-BE36-54DC74DEB183}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1\bf1Trial.exe
FirewallRules: [{EAF85DE4-1BA5-4707-A2E7-D559A31DFBD1}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1 CTE\bf1_cte.exe
FirewallRules: [{3B78D03A-6E75-4D58-9501-21A2B6179C24}] => (Allow) D:\Spiele\Battlefield 1 CTE\Battlefield 1 CTE\bf1_cte.exe
FirewallRules: 
[{4D87E320-DF34-41A4-8F18-D8116E522B26}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8E11CAB3-6576-4470-A984-06E21B7CCD74}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8ADDDCD5-DD4B-4D61-812C-374174D98790}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{4084F086-02AC-47E7-9C96-3B15B1247049}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{A1C76DAE-E2B2-41EE-801B-3E9D69D8B13A}D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [{3031581B-B895-41FE-BE61-D71E733A7EB4}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{C727FE97-2BFC-4CC6-9DE8-4017614559DA}] => (Allow) D:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{109DC5D2-65DD-41CE-84AF-48D9AAB0B717}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{9A3EAE5E-89B1-4AD2-8DFD-CB336B818FDD}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe FirewallRules: [{F91E551C-A116-48CC-B153-40A168C2E616}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{88534B71-581A-4D5F-B59D-6B2AF72CD5B4}] => (Allow) D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe FirewallRules: [{577290BA-FE8E-4C77-824B-6DEC20F4E200}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{6085BDC2-49FA-49F2-B94C-349731FF7144}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe FirewallRules: [{DC19986E-04F8-4976-A8C9-A877E30A65A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe 
FirewallRules: [{EB2C4A04-B263-4F53-8C48-25BD52BA1022}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{BF91B00A-D570-4A7D-A43A-656A7DCCF011}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C452347E-DFEE-4634-9D0E-C1B309A53B9B}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{E54F1CF7-D890-4660-A8FF-3B33B3B48422}] => (Block) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [{950EC891-E6F9-408D-9B5D-D7EC6AB72F0C}] => (Block) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{1604F9C6-4398-4F60-88EC-A2176B902862}D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{C72357B3-559F-4A68-BBB2-3FBCBDBF7A1A}D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe] => (Allow) D:\spiele\heroes of the storm\versions\base48548\heroesofthestorm_x64.exe FirewallRules: [{2BEAFD9D-1698-49B7-95F2-2A97A6FC0CFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7582F3C4-C10A-4E89-90AB-C81232CBBCF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F6420D1C-B234-4DA2-954A-726B72908CC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{FB4EACAA-BF4A-49E8-A136-700565C97C0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [UDP Query User{CEB9BBAB-08A5-4389-B817-020D69F17D79}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [TCP Query 
User{3F6BDE10-997F-4291-A3B5-4F19C9293999}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{7FBA1017-EA2A-4C53-B1AF-CAEE09FECB0F}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{AC1A3B22-C1AE-40E1-BA66-72DD31308CD7}] => (Allow) D:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [UDP Query User{46862880-DA2A-4AA5-917B-832CD216B58B}D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{81A9155B-97BA-42AA-84ED-DCDE97025F32}D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\sicherung\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{5CCC69C3-4230-46E2-A782-737A0F54BC49}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{D2140964-DED8-4194-BAE6-3EA3D82B8B6F}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{EA757548-9659-449E-8199-E51C3F89E26D}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{00C2E2E4-3633-49B0-9970-4524C088C2B1}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{9E454426-9F44-4B08-A3DB-02FE95983C52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C3A48BD7-716E-4B88-AC0F-2E68EECF9CED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{1CB37054-8DFE-45C6-B743-0569AAC3CF0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B6515389-2662-43D2-8E06-F2C5290E9289}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: 
[{B0D4F991-F4B8-4F57-8100-4E837C976F1F}] => (Block) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{1C40E035-51C4-4CB8-80AD-D93FF9F5B8E2}] => (Block) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [UDP Query User{43EDC139-DF01-4D40-8CDE-95A7B93F3938}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [TCP Query User{439074AF-839D-4F06-964E-941A5FBF869B}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{C0E4A294-6429-44E1-9433-E1B2B666707D}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{77DFD709-BD5A-4749-882E-F9486930E8A5}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{37EB6D7F-DFCE-4039-9F1B-1CE7CB28305F}] => (Block) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [{7B6ABA40-F303-4C47-8B04-6E79AB68BF95}] => (Block) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{43D3BF8B-4235-48FA-A8D1-CCEAB3DE7B26}D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{2723C32B-DE08-477A-BC47-B9AE48A6B32C}D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\spiele\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [{B5D2E769-682B-4CA6-830D-7B3D6993DA0D}] => (Block) D:\spiele\gtav\gta5.exe FirewallRules: [{153174ED-074B-4C06-86DF-3FE701EAE4B2}] => (Block) D:\spiele\gtav\gta5.exe FirewallRules: [UDP Query User{0B868E1C-C3B3-4D2B-9B32-17D522FCE3FE}D:\spiele\gtav\gta5.exe] => (Allow) D:\spiele\gtav\gta5.exe FirewallRules: [TCP Query User{ED90E7CB-DBBA-4801-BA56-79C8372373AB}D:\spiele\gtav\gta5.exe] => (Allow) D:\spiele\gtav\gta5.exe FirewallRules: [{47DB389D-A6C1-40A5-A325-E412016A8B43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4D8920E0-8239-4023-A97E-CE5267CCD157}] => (Allow) 
D:\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{7D3173BA-064A-461E-A0CE-85179956DEA0}] => (Allow) D:\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{C093C513-6B31-4E3F-B857-CA50004719AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{AF4945FB-B71B-4916-885F-A60C3898874D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{1EEEDCE2-1BCB-459D-A368-30C5CC49F0C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5B363055-D6FD-486B-B3D7-6EA6C33899E8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0FCADDE1-0029-47CB-998E-04C33F148A61}] => (Allow) D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe FirewallRules: [{BB23A4F2-1441-462D-B0BB-FB7A03B332CA}] => (Allow) D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe FirewallRules: [{D4C7EA1B-1517-4351-A08E-564C66FE839B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EBFBEA75-7A73-4E80-BB55-87284A15977E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B801FC59-120D-49DA-9EAE-BD56C4A18D81}] => (Allow) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [{C441A6F7-E05E-4C85-ADB1-79104BFDB08E}] => (Allow) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe FirewallRules: [UDP Query User{1182DFCA-2A8B-47B3-A4A6-262E767AE0C9}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{7503F75F-238A-4A7C-899C-FB96C6019A07}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: 
[{EEEA93BE-EBEF-4499-806F-E2E33963FFF9}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{52211986-6A85-43E4-BE5A-1FC707E379E0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{FD01900F-317E-494C-83BA-D57748671EBB}] => (Allow) C:\Users\Christophh\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{434A2C7B-F770-4086-9BD0-4CAECC9527DA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{847190F2-960B-451F-8F4D-456C9A44530C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{75F57C39-04D7-41C6-9643-BDC52266E5FB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FA513ED1-547C-4D5A-B36C-B7C94B26CCEA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{50C2DA0F-76A2-4917-9335-0F6223DBD2E4}D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe] => (Allow) D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe FirewallRules: [UDP Query User{64C3315C-C436-4FFA-9E36-F7EC7CEBD1A4}D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe] => (Allow) D:\spiele\far cry 4 final dlc edition\bin\farcry4.exe FirewallRules: [TCP Query User{845F1EDC-DFDD-4A88-8640-1665F249666D}D:\spiele\simcity\simcity\simcity.exe] => (Allow) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [UDP Query User{71508D2D-3E58-4453-BB15-72BA86B6FCC3}D:\spiele\simcity\simcity\simcity.exe] => (Allow) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{CF9B3EB5-9D48-45C7-8343-EC606051C258}] => (Block) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{124E2EF1-88B1-43C5-871D-1F55AF3E0B38}] => (Block) D:\spiele\simcity\simcity\simcity.exe FirewallRules: [{5C5C2DFC-FFF6-4416-9B39-87041120CF09}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [{642977D6-B138-4E9F-B7DB-EAD38DCA1682}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe FirewallRules: [TCP Query 
User{7A70B9E9-6BD6-422E-93E1-CF728AF6DE15}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [UDP Query User{9EDC662F-5646-461B-B397-FC57EE2E20BF}D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [{CE89E561-D33C-4E57-9A60-0B730AB2F192}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe FirewallRules: [{B7D96811-0573-4899-98EC-A0893B9E88F7}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2 Demo\payday2_win32_release.exe FirewallRules: [TCP Query User{D9F4D7D1-32EB-40C0-8863-F86532D0D71F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{052CCC83-FB80-4C6F-B8DA-4E68E91C5CB4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{1E12540D-455F-483A-A2CC-F21FAF82B23B}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B0CAA0EC-C64E-4B2F-B4A6-53D829A11C1D}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{52059795-9EF3-4B25-B320-F03FB1C1C544}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{E34EFAEF-361F-4813-BD7C-E018EFD198F5}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{8766D8A0-9D2C-4170-A10D-F713DF360CF9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query 
User{3118D20C-60CA-402F-BA96-45E77CF8079C}C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{E3907755-C264-403D-A56A-45AEAC3CB4F4}C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{764473A7-036F-4825-BB17-CF7B4414023C}] => (Block) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{A4D0C427-7344-4B19-9D6F-89526017F839}] => (Block) C:\steamspiele\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{FA28E123-C83B-438B-B91A-21B1ACB30F98}C:\users\christophh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D645DE72-22F3-4D3A-A75D-A1A1FDF2ED80}C:\users\christophh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{119EC3DC-E7AA-4141-BE01-CFB25FA7A03C}] => (Block) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{FEF82CAC-01D6-47C8-A17C-9AD1F9E4F4B6}] => (Block) C:\users\christophh\appdata\roaming\spotify\spotify.exe FirewallRules: [{FC1368CB-8DD5-4543-BEF2-315DCB2A08D7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{5B717D7D-AA42-4908-BBE6-3674B2966586}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{C56B60BB-8721-488E-A9F8-2F6B2763092C}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{8555A0F3-A453-40A2-B000-1A1426E60F11}] => (Block) 
D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{ACE19388-438D-4F8B-B62E-90CB7288CCD7}] => (Block) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [{6EC638C8-873B-45CE-8A5F-DD2AD5A1E094}] => (Allow) C:\Steamspiele\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{575E17B4-0C7F-4B19-A507-C7D732978D9A}] => (Allow) C:\Steamspiele\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/21/2017 10:00:15 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/21/2017 09:59:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Christoph) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (09/21/2017 07:10:24 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/21/2017 07:03:51 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/21/2017 07:03:33 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". 
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (09/20/2017 06:48:23 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (09/20/2017 06:40:46 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (09/19/2017 09:35:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 55.0.3.6445, Zeitstempel: 0x599ed78a Name des fehlerhaften Moduls: xul.dll, Version: 55.0.3.6445, Zeitstempel: 0x599edbdd Ausnahmecode: 0x80000003 Fehleroffset: 0x0076a5cf ID des fehlerhaften Prozesses: 0x168 Startzeit der fehlerhaften Anwendung: 0x01d3317e3c197368 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: be20cbde-1b32-487f-9ab2-2f02e702ef22 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/19/2017 09:35:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 55.0.3.6445, Zeitstempel: 0x599edbef Name des fehlerhaften Moduls: xul.dll, Version: 55.0.3.6445, Zeitstempel: 0x599edbdd Ausnahmecode: 0x80000003 Fehleroffset: 0x0076a5cf ID des fehlerhaften Prozesses: 0x3944 Startzeit der fehlerhaften Anwendung: 0x01d3317e523afba7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: a815ae63-7104-4138-b0ab-fc219dde8d0b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/19/2017 09:33:30 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. 
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Systemfehler: ============= Error: (09/21/2017 10:00:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (09/21/2017 09:59:45 PM) (Source: DCOM) (EventID: 10010) (User: Christoph) Description: Der Server "Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX360dyffbd5crx5cph6sy881bkkccrbr0.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (09/21/2017 09:59:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/21/2017 09:59:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/21/2017 09:59:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/21/2017 09:59:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA Telemetry Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/21/2017 09:59:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (09/21/2017 09:59:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/21/2017 09:59:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/21/2017 09:59:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "TeamViewer 11" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2017-08-23 16:10:28.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Prozentuale Nutzung des RAM: 57% Installierter physikalischer RAM: 8133.69 MB Verfügbarer physikalischer RAM: 3468.93 MB Summe virtueller Speicher: 18885.69 MB Verfügbarer virtueller Speicher: 14390.69 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:110.8 GB) (Free:44.37 GB) NTFS Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:166.48 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 261C8E12) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: C2F9017A) Partition: GPT. 
==================== Ende von Addition.txt ============================ |
21.09.2017, 21:12 | #14 |
/// TB-Ausbilder | Microsoft announcement "Deactivate PC" virus Hi, we'll remove a few more things and check everything once more. Note: The ESET scan can take a while. Step 1
Step 2 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 3 Please download ESET Online Scanner (illustrated guide)
Step 4
Are there still any problems with the PC or with your internet browsers? If so, which ones? Please post with your next reply
|
22.09.2017, 16:15 | #15 |
| Microsoft announcement "Deactivate PC" virus Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-09-2017 durchgeführt von Christophh (21-09-2017 23:02:29) Run:3 Gestartet von C:\Users\Christophh\Downloads Geladene Profile: Christophh (Verfügbare Profile: Christophh) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\browser-extension-data\@offersolymp CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" CMD: dir "%UserProfile%" CMD: dir "C:\" ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: ***************** Prozesse erfolgreich geschlossen. "C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\browser-extension-data\@offersolymp" => nicht gefunden. ========= dir "%ProgramFiles%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9A73-822E Verzeichnis von C:\Program Files 21.09.2017 19:01 <DIR> . 21.09.2017 19:01 <DIR> .. 
27.06.2017 13:16 <DIR> ASUS 14.04.2017 17:12 <DIR> AutoHotkey 14.03.2017 19:21 <DIR> CCleaner 18.12.2015 19:46 <DIR> CEWE 27.06.2017 13:17 <DIR> Common Files 01.08.2017 19:46 <DIR> CPUID 20.09.2016 19:54 <DIR> EslWire 15.08.2016 21:27 <DIR> Futuremark 27.06.2017 13:17 <DIR> Intel 13.09.2017 00:07 <DIR> Internet Explorer 21.09.2017 19:01 <DIR> Malwarebytes 28.10.2015 19:11 <DIR> Microsoft Office 15 28.06.2017 20:04 <DIR> Microsoft Silverlight 27.06.2017 14:10 <DIR> MSBuild 27.06.2017 13:17 <DIR> NVIDIA Corporation 06.12.2016 21:15 <DIR> OnlineFotoservice 27.06.2017 14:10 <DIR> Reference Assemblies 27.12.2016 23:35 <DIR> Rockstar Games 28.10.2015 19:26 <DIR> Sony 03.02.2016 21:25 <DIR> SteelSeries 23.02.2016 21:42 <DIR> TAP-Windows 29.03.2017 19:00 <DIR> TeamSpeak 3 Client 28.10.2015 19:16 <DIR> UNi Xonar Audio 13.04.2017 11:32 <DIR> UNP 28.10.2015 19:39 <DIR> VideoLAN 11.07.2017 22:04 <DIR> Windows Defender 20.03.2017 06:41 <DIR> Windows Defender Advanced Threat Protection 13.09.2017 00:07 <DIR> Windows Mail 27.06.2017 14:08 <DIR> Windows Media Player 27.06.2017 14:08 <DIR> Windows Multimedia Platform 27.06.2017 13:22 <DIR> Windows NT 13.09.2017 00:07 <DIR> Windows Photo Viewer 27.06.2017 14:08 <DIR> Windows Portable Devices 18.03.2017 23:02 <DIR> Windows Security 18.03.2017 23:02 <DIR> WindowsPowerShell 28.10.2015 19:40 <DIR> WinRAR 0 Datei(en), 0 Bytes 38 Verzeichnis(se), 47.759.687.680 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9A73-822E Verzeichnis von C:\Program Files (x86) 21.09.2017 18:58 <DIR> . 21.09.2017 18:58 <DIR> .. 
24.01.2016 17:57 <DIR> Adobe 27.06.2017 13:16 <DIR> ASUS 16.10.2015 13:14 <DIR> Avira 11.11.2015 20:03 <DIR> Battlelog Web Plugins 19.09.2017 21:36 <DIR> Common Files 02.06.2017 18:30 <DIR> DVDVideoSoft 02.01.2016 00:55 <DIR> FinalWire 29.10.2015 18:47 <DIR> FreeCodecPack 31.10.2015 13:23 <DIR> GeoGebra 5.0 15.01.2016 21:16 <DIR> Google 01.08.2017 19:47 <DIR> GPU-Z 16.10.2015 13:05 <DIR> Intel 13.09.2017 00:07 <DIR> Internet Explorer 13.04.2017 13:42 <DIR> Java 12.07.2017 15:02 <DIR> LogMeIn Hamachi 30.10.2015 20:30 <DIR> Microsoft ASP.NET 20.09.2017 18:55 <DIR> Microsoft Office 28.06.2017 20:04 <DIR> Microsoft Silverlight 08.01.2017 13:56 <DIR> Microsoft XNA 27.06.2017 13:17 <DIR> Microsoft.NET 14.07.2017 18:02 <DIR> Minecraft 27.08.2017 19:58 <DIR> Mozilla Firefox 27.08.2017 19:58 <DIR> Mozilla Maintenance Service 27.06.2017 14:10 <DIR> MSBuild 27.06.2017 13:17 <DIR> NVIDIA Corporation 28.10.2015 19:16 <DIR> OpenAL 02.09.2017 19:30 <DIR> Origin 14.04.2017 20:41 <DIR> Origin Games 13.04.2017 11:25 <DIR> Razer 27.06.2017 14:10 <DIR> Reference Assemblies 27.12.2016 23:35 <DIR> Rockstar Games 29.10.2015 20:55 <DIR> Skillbrains 10.08.2016 09:46 <DIR> Skype 28.10.2015 19:26 <DIR> Sony 02.01.2016 20:06 <DIR> SpeedFan 20.03.2017 20:54 <DIR> TeamViewer 06.08.2016 11:00 <DIR> Ubisoft 14.03.2017 19:32 <DIR> VulkanRT 11.07.2017 22:04 <DIR> Windows Defender 13.09.2017 00:07 <DIR> Windows Mail 08.11.2015 15:13 <DIR> Windows Media Components 27.06.2017 14:08 <DIR> Windows Media Player 27.06.2017 14:08 <DIR> Windows Multimedia Platform 18.03.2017 23:02 <DIR> Windows NT 13.09.2017 00:07 <DIR> Windows Photo Viewer 27.06.2017 14:08 <DIR> Windows Portable Devices 18.03.2017 23:02 <DIR> WindowsPowerShell 16.02.2017 18:12 <DIR> Wondershare 02.06.2017 21:40 <DIR> Yahoo! 0 Datei(en), 0 Bytes 51 Verzeichnis(se), 47.759.634.432 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Volume in Laufwerk C: hat keine Bezeichnung. 
Volumeseriennummer: 9A73-822E Verzeichnis von C:\ProgramData 24.01.2016 18:02 <DIR> Adobe 16.10.2015 13:14 <DIR> Avira 12.09.2016 22:17 <DIR> Battle.net 12.09.2016 22:53 <DIR> Blizzard Entertainment 16.07.2016 13:45 <DIR> Comms 02.06.2017 18:30 <DIR> DigitalWave.ApplicationUpdater_files 16.10.2015 16:48 <DIR> Electronic Arts 15.02.2017 23:52 <DIR> Freemake 01.11.2015 18:58 <DIR> Hewlett-Packard 17.02.2017 12:59 <DIR> Hi-Rez Studios 06.12.2016 17:33 <DIR> hps 10.06.2017 00:14 <DIR> IBM 16.10.2015 13:05 <DIR> Intel 08.11.2015 15:35 <DIR> LogMeIn 21.09.2017 19:01 <DIR> Malwarebytes 03.04.2017 11:39 <DIR> ManiaPlanet 27.06.2017 13:24 <DIR> Microsoft OneDrive 25.09.2016 17:14 16 mntemp 21.09.2017 23:01 <DIR> NVIDIA 27.06.2017 13:17 <DIR> NVIDIA Corporation 13.04.2017 13:42 <DIR> Oracle 06.08.2016 11:16 <DIR> Orbit 21.09.2017 23:02 <DIR> Origin 20.09.2017 18:39 <DIR> Package Cache 23.09.2016 22:46 <DIR> Razer 19.09.2017 21:36 <DIR> regid.1991-06.com.microsoft 10.08.2016 09:46 <DIR> Skype 18.03.2017 23:02 <DIR> SoftwareDistribution 28.10.2015 19:26 <DIR> Sony 06.08.2016 11:17 <DIR> Steam 03.02.2016 21:22 <DIR> SteelSeries 06.12.2016 21:14 <DIR> tmp 27.06.2017 13:23 <DIR> USOPrivate 27.06.2017 13:23 <DIR> USOShared 16.02.2017 18:12 <DIR> Wondershare 16.02.2017 18:11 <DIR> Wondershare Video Converter Ultimate 1 Datei(en), 16 Bytes 35 Verzeichnis(se), 47.759.572.992 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9A73-822E Verzeichnis von C:\Users\Christophh\AppData\Roaming 23.08.2017 16:11 <DIR> . 23.08.2017 16:11 <DIR> .. 
14.07.2017 18:03 <DIR> .minecraft 24.01.2016 18:02 <DIR> Adobe 28.10.2015 19:16 <DIR> ASUS 05.08.2016 15:00 <DIR> Atari 16.10.2015 13:14 <DIR> Avira 12.09.2016 22:17 <DIR> Battle.net 02.06.2017 18:31 <DIR> DVDVideoSoft 31.10.2015 13:23 <DIR> GeoGebra 5.0 10.06.2017 00:14 <DIR> IBM_SPSS_Installer 16.10.2015 13:06 <DIR> Intel Corporation 16.03.2016 21:18 <DIR> java 29.11.2015 17:00 <DIR> ly.logic.LogiclyDesktop 16.10.2015 13:11 <DIR> Macromedia 16.10.2015 14:50 <DIR> Mozilla 01.11.2016 19:39 <DIR> NVIDIA 30.06.2017 17:03 <DIR> Origin 28.07.2016 13:11 <DIR> pokemon-go-map 28.10.2015 19:30 <DIR> Publish Providers 20.12.2015 21:21 <DIR> Shooter 21.09.2017 23:02 <DIR> Skype 29.10.2015 19:40 <DIR> Sony 11.11.2015 21:47 <DIR> Sony Creative Software Inc 21.09.2017 23:02 <DIR> Spotify 02.03.2017 22:42 <DIR> StardewValley 03.02.2016 21:22 <DIR> SteelSeries 13.12.2016 23:36 <DIR> steelseries-engine-3-client 16.10.2015 14:44 <DIR> Sun 16.02.2017 18:05 <DIR> TAC 23.03.2016 22:02 <DIR> TeamViewer 21.09.2017 23:01 <DIR> TS3Client 24.06.2017 21:21 <DIR> vlc 16.10.2015 15:13 <DIR> WinRAR 16.02.2017 18:11 <DIR> Wondershare Video Converter Ultimate 13.04.2017 13:42 <DIR> Yahoo 16.02.2017 18:12 <DIR> {950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} 0 Datei(en), 0 Bytes 37 Verzeichnis(se), 47.759.536.128 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9A73-822E Verzeichnis von C:\Users\Christophh\AppData\Local 21.09.2017 23:01 <DIR> . 21.09.2017 23:01 <DIR> .. 
29.07.2016 20:50 <DIR> ActiveSync 13.11.2016 18:45 <DIR> Adobe 01.11.2015 18:51 <DIR> Apps 11.06.2017 19:42 <DIR> Battle.net 29.11.2015 19:25 <DIR> Blizzard Entertainment 28.10.2015 19:23 <DIR> CEF 14.12.2016 21:11 <DIR> Chromium 30.07.2016 12:38 <DIR> Comms 25.09.2016 13:09 <DIR> ConnectedDevicesPlatform 21.05.2017 18:24 <DIR> CrashDumps 12.08.2016 21:05 <DIR> CrashReportClient 21.06.2017 01:40 <DIR> DayZ 03.07.2017 19:23 <DIR> DBG 12.08.2016 16:59 <DIR> DeadByDaylight 19.09.2017 22:10 <DIR> Deployment 06.08.2016 01:28 <DIR> Diagnostics 21.09.2017 18:58 <DIR> Downloaded Installations 04.10.2016 16:29 <DIR> ElevatedDiagnostics 10.11.2015 18:37 <DIR> ESN 06.08.2016 20:08 <DIR> Fallout4 15.08.2016 21:27 <DIR> Futuremark 08.06.2017 21:19 <DIR> Google 30.10.2015 20:35 <DIR> GWX 17.02.2017 00:02 <DIR> HirezLauncherUI 10.06.2017 00:14 <DIR> IBM 10.06.2017 00:15 <DIR> javasharedresources 31.07.2017 18:50 <DIR> JxBrowser 08.11.2015 15:35 <DIR> LogMeIn 21.09.2017 23:01 <DIR> LogMeIn Hamachi 28.10.2015 19:34 <DIR> Macromedia 26.08.2017 22:13 <DIR> Microsoft 30.07.2016 22:46 <DIR> MicrosoftEdge 16.10.2015 15:16 <DIR> Mozilla 23.08.2017 14:38 <DIR> MSfree Inc 24.10.2016 20:51 <DIR> NVIDIA 03.08.2017 11:39 <DIR> NVIDIA Corporation 25.10.2016 15:17 <DIR> Origin 09.08.2017 20:24 <DIR> Packages 27.04.2017 16:33 <DIR> PAYDAY 2 30.07.2016 23:02 <DIR> PeerDistRepub 23.07.2016 14:18 <DIR> pip 23.07.2016 15:16 <DIR> Programs 29.07.2016 20:48 <DIR> Publishers 29.10.2015 21:01 <DIR> PunkBuster 16.10.2015 13:31 <DIR> Razer_Inc 27.01.2017 18:49 7.591 Resmon.ResmonCfg 18.12.2015 17:10 <DIR> Rockstar Games 28.10.2015 19:29 <DIR> Sony 21.09.2017 23:02 <DIR> Spotify 14.12.2016 21:11 <DIR> Steam 03.02.2016 21:01 <DIR> SteelSeries_ApS 21.09.2017 23:02 <DIR> Temp 29.07.2016 20:48 <DIR> TileDataLayer 25.07.2017 21:49 <DIR> TslGame 15.09.2016 22:04 <DIR> Ubisoft Game Launcher 13.04.2017 13:03 <DIR> UNP 24.08.2017 21:30 <DIR> UnrealEngine 29.10.2015 20:55 3 updater.log 06.05.2017 11:08 425 
UserProducts.xml 07.09.2016 22:22 <DIR> VirtualStore 16.02.2017 18:10 <DIR> Wondershare 3 Datei(en), 8.019 Bytes 60 Verzeichnis(se), 47.759.515.648 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9A73-822E Verzeichnis von C:\Program Files (x86)\Common Files 19.09.2017 21:36 <DIR> . 19.09.2017 21:36 <DIR> .. 24.01.2016 17:57 <DIR> Adobe 21.09.2017 23:00 <DIR> BattlEye 19.09.2017 21:36 <DIR> DESIGNER 02.06.2017 18:30 <DIR> DVDVideoSoft 16.10.2015 13:08 <DIR> Intel Corporation 13.04.2017 13:42 <DIR> Java 19.09.2017 21:36 <DIR> Microsoft Shared 16.10.2015 13:05 <DIR> PostureAgent 18.03.2017 23:02 <DIR> Services 09.04.2016 14:28 <DIR> Skype 08.09.2017 18:25 <DIR> Steam 20.03.2017 06:39 <DIR> System 0 Datei(en), 0 Bytes 14 Verzeichnis(se), 47.759.450.112 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramW6432%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9A73-822E Verzeichnis von C:\Program Files\Common Files 27.06.2017 13:17 <DIR> . 27.06.2017 13:17 <DIR> .. 06.06.2017 06:10 <DIR> IBM 27.06.2017 13:17 <DIR> microsoft shared 18.03.2017 23:02 <DIR> Services 20.03.2017 06:39 <DIR> System 0 Datei(en), 0 Bytes 6 Verzeichnis(se), 47.759.409.152 Bytes frei ========= Ende von CMD: ========= ========= dir "%UserProfile%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9A73-822E Verzeichnis von C:\Users\Christophh 21.09.2017 23:01 <DIR> . 21.09.2017 23:01 <DIR> .. 
07.09.2016 22:47 <DIR> .litwrl 07.09.2016 22:32 <DIR> .oracle_jre_usage 20.10.2016 15:48 <DIR> .Origin 20.10.2016 15:48 <DIR> .QtWebEngineProcess 10.06.2017 00:15 <DIR> .spss 14.11.2015 17:13 <DIR> .Vektoris3D25 10.06.2017 00:15 <DIR> Application Data 12.07.2017 15:02 169 BullseyeCoverageError.txt 13.09.2017 14:38 <DIR> Contacts 21.09.2017 19:05 <DIR> Desktop 13.09.2017 14:38 <DIR> Documents 21.09.2017 23:02 <DIR> Downloads 13.09.2017 14:38 <DIR> Favorites 11.02.2016 22:50 <DIR> Google Drive 16.10.2015 13:04 <DIR> Intel 21.09.2017 19:04 <DIR> Links 13.09.2017 14:38 <DIR> Music 21.09.2017 19:04 <DIR> OneDrive 13.09.2017 14:38 <DIR> Pictures 13.09.2017 14:38 <DIR> Saved Games 13.09.2017 14:38 <DIR> Searches 18.12.2015 22:57 <DIR> Tracing 13.09.2017 14:38 <DIR> Videos 1 Datei(en), 169 Bytes 24 Verzeichnis(se), 47.759.335.424 Bytes frei ========= Ende von CMD: ========= ========= dir "C:\" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9A73-822E Verzeichnis von C:\ 21.09.2017 18:58 <DIR> AdwCleaner 16.10.2015 14:57 <DIR> ESD 13.08.2016 12:27 <DIR> Fraps 21.09.2017 23:02 <DIR> FRST 05.08.2016 14:59 <DIR> GOG Games 08.11.2015 15:13 <DIR> IExp0.tmp 08.11.2015 15:13 <DIR> IExp1.tmp 27.04.2016 07:34 <DIR> Logs 18.03.2017 23:02 <DIR> PerfLogs 21.09.2017 19:01 <DIR> Program Files 21.09.2017 18:58 <DIR> Program Files (x86) 23.07.2016 15:25 <DIR> Python27 29.11.2015 19:25 <DIR> SC2Data 23.08.2017 16:10 247 SILENT 23.08.2017 19:05 <DIR> Steamspiele 20.09.2017 21:41 88.370 TDSSKiller.3.1.0.15_20.09.2017_21.40.12_log.txt 27.06.2017 13:17 <DIR> Users 21.09.2017 22:04 <DIR> Windows 2 Datei(en), 88.617 Bytes 16 Verzeichnis(se), 47.759.265.792 Bytes frei ========= Ende von CMD: ========= ================== ExportKey: =================== [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths] [HKLM\SOFTWARE\Microsoft\Windows 
Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]
=== Ende von ExportKey ===

========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========

========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========

========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========

=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7504311 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 15517 B
Edge => 0 B
Chrome => 0 B
Firefox => 17778924 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Christophh => 42493499 B
RecycleBin => 0 B
EmptyTemp: => 72.2 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 23:02:34 ====

Code:
ATTFilter
C:\Users\Christophh\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter.exe Variante von Win32/FusionCore.I eventuell unerwünschte Anwendung
C:\Users\Christophh\Downloads\GPU Z - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
D:\Alle Bilder\HANDY aktuell\Musik\Samy Deluxe - Studioalben - 2011 - SchwarzWeiss (Limited Deluxe Edition)\www.brothers-of-usenet.org\Brothers Bar Community Toolbar für Firefox.xpi Win32/Toolbar.Conduit.A eventuell unerwünschte Anwendung
D:\Spiele\SimCity\SimCity\1911.dll Variante von Win32/Packed.VMProtect.ABD Trojaner

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2017 durchgeführt von Christophh (Administrator) auf CHRISTOPH (22-09-2017 17:14:48) Gestartet von C:\Users\Christophh\Downloads Geladene Profile: Christophh (Verfügbare Profile: Christophh) Platform: Windows 10 Pro N Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () C:\Windows\System32\PnkBstrA.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AVM Berlin) C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\fritzbox-usb-fernanschluss.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (ESET spol. s r.o.) 
C:\Users\Christophh\Downloads\esetonlinescanner_deu.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe (Valve Corporation) D:\Steam\Steam.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3098944 2017-08-23] (Electronic Arts) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Christophh\AppData\Local\Apps\2.0\ZW5GXKJT.E0T\29LLDZG7.YGO\frit..tion_1acae14e4778b8d2_0002.0003_60ff6cdc6aeff8f9\AVMAutoStart.exe [139264 2015-11-01] (AVM Berlin) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.) 
HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25622168 2017-08-31] (Google) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify] => C:\Users\Christophh\AppData\Roaming\Spotify\Spotify.exe [20644976 2017-09-14] (Spotify Ltd) HKU\S-1-5-21-2647985832-747989680-4269839675-1001\...\Run: [Spotify Web Helper] => C:\Users\Christophh\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-14] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-02-03] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2ebeed22-0f5c-4834-a642-ac386011e952}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-2647985832-747989680-4269839675-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2647985832-747989680-4269839675-1001 -> {7309F519-9799-43A0-B156-48B8354BBBA4} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-10-28] (DVDVideoSoft Ltd.) 
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-20] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-04-13] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-20] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-13] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-10-28] (DVDVideoSoft Ltd.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-20] (Microsoft Corporation) Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Keine Datei FireFox: ======== FF DefaultProfile: wnpf6fue.default FF ProfilePath: C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default [2017-09-22] FF NetworkProxy: Mozilla\Firefox\Profiles\wnpf6fue.default -> type", 0 FF Extension: (ProxTube) - 
C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\ich@maltegoetz.de.xpi [2017-06-29] FF Extension: (Adblock Plus) - C:\Users\Christophh\AppData\Roaming\Mozilla\Firefox\Profiles\wnpf6fue.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] () FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-13] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-13] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-20] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-20] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-10] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) 
Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Profile: C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default [2017-09-21] CHR Extension: (Google Slides) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-07] CHR Extension: (Google Docs) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07] CHR Extension: (Google Drive) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07] CHR Extension: (YouTube) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07] CHR Extension: (Steam Inventory Helper) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-08-23] CHR Extension: (Google Search) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07] CHR Extension: (Google Sheets) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07] CHR Extension: (Google Docs Offline) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25] CHR Extension: (Yahoo Partner) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbfklbaljofpaanmpaeadejijfdddco [2017-04-15] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-16] CHR Extension: 
(Chrome Web Store Payments) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23] CHR Extension: (Gmail) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07] CHR Extension: (Chrome Media Router) - C:\Users\Christophh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-23] CHR HKU\S-1-5-21-2647985832-747989680-4269839675-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-09-20] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-09-20] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-09-20] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [402768 2017-08-30] (Avira Operations GmbH & Co. 
KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-05-24] (Digital Wave Ltd.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-02-16] (EasyAntiCheat Ltd) R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.) 
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-02-23] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-08-23] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-11-10] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-11-10] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-16] (Avira Operations GmbH & Co. 
KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-13] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG) R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2015-11-01] (AVM Berlin) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG) S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert] R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] () R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-21] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-22] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-22] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-22] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-22] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-02-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-02-23] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys 
[59448 2017-02-23] (NVIDIA Corporation) S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation) [Datei ist nicht signiert] S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [32792 2015-09-29] (SteelSeries ApS) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-09-22 17:13 - 2017-09-22 17:13 - 000001206 _____ C:\Users\Christophh\Desktop\eset.txt 2017-09-21 23:05 - 2017-09-21 23:05 - 006760064 _____ (ESET spol. s r.o.) C:\Users\Christophh\Downloads\esetonlinescanner_deu.exe 2017-09-21 23:05 - 2017-09-21 23:05 - 000000000 ____D C:\Users\Christophh\AppData\Local\ESET 2017-09-21 23:04 - 2017-09-21 23:06 - 000000000 ____D C:\ProgramData\HitmanPro 2017-09-21 23:03 - 2017-09-21 23:03 - 011584088 _____ (SurfRight B.V.) 
C:\Users\Christophh\Downloads\HitmanPro_x64.exe 2017-09-21 22:02 - 2017-09-21 22:03 - 000001122 _____ C:\Users\Christophh\Downloads\SystemLook.txt 2017-09-21 22:01 - 2017-09-21 22:01 - 000165376 _____ C:\Users\Christophh\Downloads\SystemLook_x64.exe 2017-09-21 21:59 - 2017-09-21 23:02 - 000020032 _____ C:\Users\Christophh\Downloads\Fixlog.txt 2017-09-21 19:05 - 2017-09-21 19:05 - 000006157 _____ C:\Users\Christophh\Desktop\mbam.txt 2017-09-21 19:02 - 2017-09-22 15:46 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-09-21 19:02 - 2017-09-22 15:40 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-09-21 19:02 - 2017-09-22 15:40 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-09-21 19:02 - 2017-09-22 15:40 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-09-21 19:02 - 2017-09-21 19:02 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-09-21 19:01 - 2017-09-21 19:01 - 068408664 _____ (Malwarebytes ) C:\Users\Christophh\Downloads\mb3-setup-consumer-3.2.2.2029.exe 2017-09-21 19:01 - 2017-09-21 19:01 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-09-21 19:01 - 2017-09-21 19:01 - 000000000 ____D C:\Program Files\Malwarebytes 2017-09-21 19:01 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-09-21 18:56 - 2017-09-21 18:56 - 008182736 _____ (Malwarebytes) C:\Users\Christophh\Downloads\adwcleaner_7.0.2.1.exe 2017-09-20 21:40 - 2017-09-20 21:41 - 000088370 _____ C:\TDSSKiller.3.1.0.15_20.09.2017_21.40.12_log.txt 2017-09-20 21:40 - 2017-09-20 21:40 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Christophh\Downloads\tdsskiller.exe 2017-09-20 21:38 - 2017-09-20 21:38 - 000000000 ____D 
C:\Users\Christophh\Downloads\FRST-OlderVersion 2017-09-20 21:35 - 2017-09-20 21:35 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2017-09-20 18:39 - 2017-09-20 18:39 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray 2017-09-20 18:39 - 2017-09-20 18:39 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger 2017-09-20 18:39 - 2017-09-20 18:39 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk 2017-09-19 22:12 - 2017-09-21 22:04 - 000062718 _____ C:\Users\Christophh\Downloads\Addition.txt 2017-09-19 22:11 - 2017-09-22 17:14 - 000025006 _____ C:\Users\Christophh\Downloads\FRST.txt 2017-09-19 22:11 - 2017-09-22 17:14 - 000000000 ____D C:\FRST 2017-09-19 22:10 - 2017-09-20 21:38 - 002399744 _____ (Farbar) C:\Users\Christophh\Downloads\FRST64.exe 2017-09-12 23:00 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-12 23:00 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-09-12 23:00 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-12 23:00 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-09-12 23:00 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-09-12 23:00 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-09-12 23:00 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-09-12 23:00 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-09-12 23:00 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-09-12 23:00 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-09-12 23:00 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\olepro32.dll 2017-09-12 22:59 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-12 22:59 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-09-12 22:59 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-12 22:59 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2017-09-12 22:59 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-09-12 22:59 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-12 22:59 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-12 22:59 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-12 22:59 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-12 22:59 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-12 22:59 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-09-12 22:59 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-12 22:59 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-09-12 22:59 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2017-09-12 22:59 - 2017-09-05 07:23 - 001242528 
_____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-09-12 22:59 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-09-12 22:59 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-12 22:59 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-09-12 22:59 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-12 22:59 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-12 22:59 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2017-09-12 22:59 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-12 22:59 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-12 22:59 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-12 22:59 - 
2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-09-12 22:59 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-12 22:59 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-09-12 22:59 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-12 22:59 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-12 22:59 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-09-12 22:59 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-12 22:59 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\sppobjs.dll 2017-09-12 22:59 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2017-09-12 22:59 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-09-12 22:59 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-09-12 22:59 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppVStreamingUX.dll 2017-09-12 22:59 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2017-09-12 22:59 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-12 22:59 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2017-09-12 22:59 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-12 22:59 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-12 22:59 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-12 22:59 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-12 22:59 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2017-09-12 22:59 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-09-12 22:59 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-12 22:59 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-12 22:59 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe 2017-09-12 22:59 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-12 22:59 - 2017-09-05 06:43 - 000280480 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-12 22:59 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-12 22:59 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-12 22:59 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-09-12 22:59 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-09-12 22:59 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-12 22:59 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-09-12 22:59 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-09-12 22:59 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-12 22:59 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-12 
22:59 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-09-12 22:59 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-12 22:59 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-09-12 22:59 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-12 22:59 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-12 22:59 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2017-09-12 22:59 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2017-09-12 22:59 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000104960 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-09-12 22:59 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-12 22:59 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-12 22:59 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-12 22:59 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2017-09-12 22:59 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-09-12 22:59 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-12 22:59 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-12 22:59 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000584192 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-09-12 22:59 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-12 22:59 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-12 22:59 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-12 22:59 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-09-12 22:59 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-12 22:59 - 
2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-09-12 22:59 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-12 22:59 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2017-09-12 22:59 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\RasMediaManager.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-12 22:59 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-12 22:59 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000064000 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-09-12 22:59 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-12 22:59 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-12 22:59 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-09-12 22:59 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-12 22:59 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-12 22:59 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-12 22:59 
- 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-12 22:59 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-12 22:59 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-12 22:59 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 
2017-09-12 22:59 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2017-09-12 22:59 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 
000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-09-12 22:59 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-12 22:59 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-09-12 22:59 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 002055680 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-12 22:59 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-09-12 22:59 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-12 22:59 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-12 22:59 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-12 22:59 - 2017-09-05 06:14 - 
002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-12 22:59 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-12 22:59 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-12 22:59 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-12 22:59 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-12 22:59 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-12 22:59 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-12 22:59 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-12 22:59 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-12 22:59 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-12 22:59 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-12 22:59 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-12 22:59 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-12 22:59 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-12 22:59 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-12 22:59 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-12 22:59 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-12 22:59 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-12 22:59 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-12 22:59 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-12 22:59 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-12 22:59 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-12 22:59 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-12 22:59 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-12 22:59 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-12 22:59 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-12 22:59 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-12 22:59 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-12 22:59 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-12 22:59 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-12 22:59 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-12 22:59 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-12 22:59 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-12 22:59 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-12 22:59 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-12 22:59 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-06 23:49 - 2017-09-06 23:49 - 000000041 _____ C:\Users\Christophh\Desktop\sky.txt
2017-09-05 00:11 - 2017-09-05 00:11 - 005004137 _____ C:\Users\Christophh\Desktop\867c5e9ab0891a8d.mp4
2017-08-27 19:38 - 2017-08-27 19:38 - 000461541 _____ C:\Users\Christophh\Downloads\8CTVBK
2017-08-27 19:36 - 2017-08-27 19:36 - 000188608 _____ C:\Users\Christophh\Downloads\Documents(1).zip
2017-08-27 19:36 - 2017-06-07 11:04 - 000037225 ____N C:\Users\Christophh\Desktop\Tutorium06-SS17.pdf
2017-08-27 19:36 - 2017-05-29 11:33 - 000037344 ____N C:\Users\Christophh\Desktop\Tutorium05-SS17.pdf
2017-08-27 19:36 - 2017-05-24 15:05 - 000037470 ____N C:\Users\Christophh\Desktop\Tutorium04-SS17.pdf
2017-08-27 19:36 - 2017-05-17 11:57 - 000037932 ____N C:\Users\Christophh\Desktop\Tutorium03-SS17.pdf
2017-08-27 19:36 - 2017-05-15 08:43 - 000032988 ____N C:\Users\Christophh\Desktop\Tutorium02-SS17.pdf
2017-08-27 19:36 - 2017-05-04 09:54 - 000048413 ____N C:\Users\Christophh\Desktop\Tutorium01-SS17.pdf
2017-08-27 19:35 - 2017-08-27 19:35 - 015613585 _____ C:\Users\Christophh\Downloads\Documents.zip
2017-08-26 21:39 - 2017-08-26 21:39 - 020317282 _____ C:\Users\Christophh\Downloads\Gmail.zip
2017-08-23 19:05 - 2017-08-23 19:05 - 000000000 ____D C:\Steamspiele
2017-08-23 16:11 - 2017-09-22 15:40 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Spotify
2017-08-23 16:11 - 2017-09-22 15:40 - 000000000 ____D C:\Users\Christophh\AppData\Local\Spotify
2017-08-23 16:11 - 2017-08-23 16:11 - 000001914 _____ C:\Users\Christophh\Desktop\Spotify.lnk
2017-08-23 16:11 - 2017-08-23 16:11 - 000001900 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-08-23 16:10 - 2017-08-23 16:10 - 058203272 _____ (Spotify Ltd) C:\Users\Christophh\Downloads\SpotifyFullSetup.exe
2017-08-23 16:10 - 2017-08-23 16:10 - 000000247 _____ C:\SILENT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-22 17:10 - 2015-12-18 22:56 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\Skype
2017-09-22 16:31 - 2015-10-16 15:11 - 000000000 ____D C:\ProgramData\Origin
2017-09-22 16:20 - 2017-06-27 13:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-22 15:50 - 2016-01-15 21:16 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-09-22 15:50 - 2016-01-15 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-09-22 15:48 - 2017-06-27 13:20 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{16B4380E-769C-4734-94C3-69A9011C9AF2}
2017-09-22 15:48 - 2017-06-27 13:16 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-22 15:46 - 2017-06-27 13:25 - 002665282 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-22 15:46 - 2017-03-20 06:40 - 001239166 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-22 15:46 - 2017-03-20 06:40 - 000288274 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-22 15:45 - 2017-03-18 23:02 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-22 15:45 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-22 15:42 - 2015-11-08 15:35 - 000000000 ____D C:\Users\Christophh\AppData\Local\LogMeIn Hamachi
2017-09-22 15:40 - 2017-06-27 13:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-22 15:40 - 2016-11-20 12:30 - 000000000 ____D C:\Users\Christophh\AppData\LocalLow\Mozilla
2017-09-21 23:02 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-09-21 23:01 - 2017-06-27 13:16 - 000000000 ____D C:\Users\Christophh
2017-09-21 23:01 - 2015-10-16 15:20 - 000000000 ____D C:\Users\Christophh\AppData\Roaming\TS3Client
2017-09-21 21:59 - 2017-03-14 13:06 - 000000000 ____D C:\Users\Christophh\AppData\LocalLow\Temp
2017-09-21 19:04 - 2017-07-27 14:44 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2647985832-747989680-4269839675-1001
2017-09-21 19:04 - 2016-07-29 20:50 - 000002437 _____ C:\Users\Christophh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-21 19:04 - 2015-10-28 19:14 - 000000000 ___RD C:\Users\Christophh\OneDrive
2017-09-21 18:58 - 2017-08-01 19:46 - 000000000 ____D C:\Users\Christophh\AppData\Local\Downloaded Installations
2017-09-21 18:58 - 2017-06-02 21:38 - 000000000 ____D C:\AdwCleaner
2017-09-20 18:55 - 2015-10-28 19:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-20 18:39 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-20 18:39 - 2015-10-16 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-09-20 18:38 - 2015-10-16 13:14 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-09-19 22:10 - 2017-06-30 17:03 - 000000000 ____D C:\Users\Christophh\AppData\Local\Deployment
2017-09-19 21:36 - 2017-03-18 23:02 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-19 21:36 - 2017-03-18 23:00 - 000000000 ____D C:\WINDOWS\INF
2017-09-14 14:14 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\rescache
2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 22:41 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-13 18:48 - 2015-10-16 13:14 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-09-13 14:38 - 2017-06-27 13:15 - 000381288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-13 14:38 - 2016-04-27 07:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-13 00:07 - 2017-03-20 06:39 - 000000000 ____D C:\WINDOWS\system32\de
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 00:07 - 2017-03-18 23:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-12 23:02 - 2015-10-16 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-12 23:01 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-12 23:01 - 2015-10-16 13:25 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-02 19:30 - 2015-10-16 15:11 - 000000000 ____D C:\Program Files (x86)\Origin
2017-09-02 17:57 - 2016-01-24 17:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-09-02 17:54 - 2015-11-07 21:07 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-02 17:54 - 2015-11-07 21:07 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-02 17:15 - 2017-03-18 23:04 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:04 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-27 19:58 - 2016-11-19 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-27 19:58 - 2015-10-16 14:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-25 15:44 - 2017-07-27 22:57 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-24 21:30 - 2016-08-12 16:59 - 000807464 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-08-24 21:30 - 2016-08-12 16:59 - 000000000 ____D C:\Users\Christophh\AppData\Local\UnrealEngine
2017-08-23 14:38 - 2015-10-28 19:16 - 000000000 ____D C:\Users\Christophh\AppData\Local\MSfree Inc

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-31 20:07 - 2017-01-27 18:49 - 000007591 _____ () C:\Users\Christophh\AppData\Local\Resmon.ResmonCfg
2015-10-29 20:55 - 2015-10-29 20:55 - 000000003 _____ () C:\Users\Christophh\AppData\Local\updater.log
2015-10-29 20:55 - 2017-05-06 11:08 - 000000425 _____ () C:\Users\Christophh\AppData\Local\UserProducts.xml
2016-09-25 17:14 - 2016-09-25 17:14 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-20 18:48

==================== Ende von FRST.txt ============================ |