| |
| |||||||
Alles rund um Windows: HP Laptop Win7 braucht lange zum HochfahrenWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
11.10.2017, 07:29
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  HP Laptop Win7 braucht lange zum Hochfahren [gelöst] FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM-x32\...\Run: [] => [X]
Lsa: [Notification Packages] DPPassFilter scecli
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung <==== ACHTUNG
hosts:
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.10.2017, 16:39
| #17 |
 | HP Laptop Win7 braucht lange zum Hochfahren [gelöst]Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-10-2017
durchgeführt von Nina Lamprou (11-10-2017 17:34:53) Run:1
Gestartet von C:\Users\Nina Lamprou\Elternverein!\Downloads
Geladene Profile: Nina Lamprou (Verfügbare Profile: Nina Lamprou & Administrator)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
Lsa: [Notification Packages] DPPassFilter scecli
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschr�nkung <==== ACHTUNG
hosts:
emptytemp:
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => Wert erfolgreich wiederhergestellt
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Wert erfolgreich wiederhergestellt
C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19739278 B
Java, Flash, Steam htmlcache => 8272 B
Windows/system/drivers => 57044661 B
Edge => 0 B
Chrome => 20621020 B
Firefox => 87577199 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 74824 B
LocalService => 16674 B
NetworkService => 0 B
Nina Lamprou => 359853932 B
Administrator => 3784739 B
RecycleBin => 101472173 B
EmptyTemp: => 628.1 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 17:35:07 ====
|
|
11.10.2017, 18:37
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HP Laptop Win7 braucht lange zum Hochfahren [gelöst] Adware/Junkware/Toolbars entfernen
__________________Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner v7.x Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ |
|
11.10.2017, 18:54
| #19 |
| | HP Laptop Win7 braucht lange zum Hochfahren [gelöst]Code:
ATTFilter # AdwCleaner 7.0.3.1 - Logfile created on Wed Oct 11 17:44:35 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64
Ran by Nina Lamprou (Administrator) on 11.10.2017 at 19:50:22,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 11
Successfully deleted: C:\ProgramData\Start Menu\Programs\comodo\geekbuddy (Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Program Files\comodo\geekbuddy (Folder)
Successfully deleted: C:\Users\Nina Lamprou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\18IE4YWC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Nina Lamprou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D3TPML01 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Nina Lamprou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKB3KLFK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Nina Lamprou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFWMZG5T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\18IE4YWC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D3TPML01 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JKB3KLFK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFWMZG5T (Temporary Internet Files Folder)
Deleted the following from C:\Users\Nina Lamprou\AppData\Roaming\Mozilla\Firefox\Profiles\drz0vbmq.default\prefs.js
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\privatebrowsing-button\,\save-
user_pref(browser.urlbar.suggest.searches, false);
Registry: 1
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\GeekBuddyRSP (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.10.2017 at 19:53:55,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
12.10.2017, 05:32
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HP Laptop Win7 braucht lange zum Hochfahren [gelöst] Log vom adwcleaner ist unvollständig...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.10.2017, 16:38
| #21 |
| | HP Laptop Win7 braucht lange zum Hochfahren [gelöst]Code:
ATTFilter # AdwCleaner 7.0.3.1 - Logfile created on Thu Oct 12 15:36:39 2017
# Updated on 2017/29/09 by Malwarebytes
# Database: 10-11-2017.2
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[C1].txt - [10213 B] - [2015/8/26 20:47:36]
C:/AdwCleaner/AdwCleaner[C2].txt - [1979 B] - [2016/10/28 19:19:29]
C:/AdwCleaner/AdwCleaner[S1].txt - [2772 B] - [2016/2/22 19:17:46]
C:/AdwCleaner/AdwCleaner[S2].txt - [1589 B] - [2016/2/22 19:26:19]
C:/AdwCleaner/AdwCleaner[S5].txt - [2869 B] - [2016/10/28 19:18:30]
C:/AdwCleaner/AdwCleaner[S6].txt - [6639 B] - [2015/8/26 20:19:49]
C:/AdwCleaner/AdwCleaner[S7].txt - [1796 B] - [2015/8/26 20:25:47]
C:/AdwCleaner/AdwCleaner[S8].txt - [6639 B] - [2015/8/26 20:46:10]
C:/AdwCleaner/AdwCleaner[S9].txt - [2318 B] - [2017/3/10 13:53:53]
########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt ##########
Geändert von Petros1973 (12.10.2017 um 16:41 Uhr) Grund: nichts gefunden |
|
12.10.2017, 17:50
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HP Laptop Win7 braucht lange zum Hochfahren [gelöst] Du kannste meine Posting aber schon richtig lesen? Du solltest kein neues Log machen. Das vorherige Log war unvollständig, das solltest du komplett posten.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.10.2017, 18:08
| #23 |
| | HP Laptop Win7 braucht lange zum Hochfahren [gelöst] log datei vom ordner c:/adwcleaner steht sogar das datum von gestern dabei Code:
ATTFilter # AdwCleaner 7.0.3.1 - Logfile created on Wed Oct 11 17:44:35 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C1].txt - [10213 B] - [2015/8/26 20:47:36]
C:/AdwCleaner/AdwCleaner[C2].txt - [2781 B] - [2016/10/28 19:19:29]
C:/AdwCleaner/AdwCleaner[S1].txt - [2772 B] - [2016/2/22 19:17:46]
C:/AdwCleaner/AdwCleaner[S2].txt - [1589 B] - [2016/2/22 19:26:19]
C:/AdwCleaner/AdwCleaner[S5].txt - [2869 B] - [2016/10/28 19:18:30]
C:/AdwCleaner/AdwCleaner[S6].txt - [6639 B] - [2015/8/26 20:19:49]
C:/AdwCleaner/AdwCleaner[S7].txt - [1796 B] - [2015/8/26 20:25:47]
C:/AdwCleaner/AdwCleaner[S8].txt - [6639 B] - [2015/8/26 20:46:10]
C:/AdwCleaner/AdwCleaner[S9].txt - [2318 B] - [2017/3/10 13:53:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########
Geändert von Petros1973 (12.10.2017 um 18:23 Uhr) |
|
12.10.2017, 18:25
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HP Laptop Win7 braucht lange zum Hochfahren [gelöst] genau so isses richtig Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.10.2017, 18:32
| #25 |
| | HP Laptop Win7 braucht lange zum Hochfahren [gelöst]Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017
durchgeführt von Nina Lamprou (Administrator) auf NINALAMPROU-HP (12-10-2017 19:31:11)
Gestartet von C:\Users\Nina Lamprou\Elternverein!\Downloads
Geladene Profile: Nina Lamprou (Verfügbare Profile: Nina Lamprou & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2480592 2017-09-18] (Malwarebytes Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-1665930621-798283959-3772139732-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{D9DE1C37-BB11-422F-8EBA-71017F362E47}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-1665930621-798283959-3772139732-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://at.yahoo.com/?fr=fp-comodo&type=19_25050030005_55.0.2883.59_u_hp_sp
HKU\S-1-5-21-1665930621-798283959-3772139732-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM13/4
SearchScopes: HKU\S-1-5-21-1665930621-798283959-3772139732-1002 -> DefaultScope {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=19_25050030005_55.0.2883.59_u_ds_sp&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1665930621-798283959-3772139732-1002 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=19_25050030005_55.0.2883.59_u_ds_sp&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Keine Datei
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-03-06] (Hewlett-Packard)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Nina Lamprou\AppData\Roaming\Mozilla\Firefox\Profiles\drz0vbmq.default [2017-10-12]
FF NewTab: Mozilla\Firefox\Profiles\drz0vbmq.default -> hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\drz0vbmq.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\drz0vbmq.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\drz0vbmq.default -> hxxp://www.facebook.com
FF Keyword.URL: Mozilla\Firefox\Profiles\drz0vbmq.default -> hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF NetworkProxy: Mozilla\Firefox\Profiles\drz0vbmq.default -> type", 0
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Nina Lamprou\AppData\Roaming\Mozilla\Firefox\Profiles\drz0vbmq.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2016-11-06]
FF Extension: (Speed Tweaks (SpeedyFox)) - C:\Users\Nina Lamprou\AppData\Roaming\Mozilla\Firefox\Profiles\drz0vbmq.default\Extensions\jid1-wZqm19rJzRkZUA@jetpack.xpi [2015-08-26]
FF Extension: (Fasterfox) - C:\Users\Nina Lamprou\AppData\Roaming\Mozilla\Firefox\Profiles\drz0vbmq.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2015-08-15]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2013-02-28] (DigitalPersona, Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://at.yahoo.com/?fr=fpc-comodo&type=19_25050030006_55.0.2883.59_u_hp_sp"
CHR DefaultSearchURL: Default -> hxxps://at.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=19_25050030006_55.0.2883.59_u_ds_sp&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR Profile: C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default [2017-10-12]
CHR Extension: (Google Präsentationen) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-06]
CHR Extension: (Google Docs) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-06]
CHR Extension: (Google Drive) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-06]
CHR Extension: (YouTube) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-06]
CHR Extension: (Google Tabellen) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-19]
CHR Extension: (DigitalPersona Extension) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2016-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Nina Lamprou\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-19]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2013-02-28]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-10-25] (Autodesk)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-02-01] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [Datei ist nicht signiert]
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2013-10-11] (Comodo Security Solutions, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [491320 2013-03-12] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
S2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4381840 2016-04-12] (SurfRight B.V.)
S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [155088 2017-09-18] (Malwarebytes Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255584 2017-08-19] (Synaptics Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36520 2012-09-14] (Advanced Micro Devices, Inc.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-06] (Ralink Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2013-05-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\System32\DRIVERS\clwcsm.sys [42432 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-02-19] (Hewlett-Packard Company)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [77440 2017-09-18] ()
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2013-10-04] ()
R3 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [177040 2016-04-12] (SurfRight B.V.)
S3 hmpnet; C:\Windows\system32\drivers\hmpnet.sys [84520 2016-04-12] (SurfRight B.V.)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-03-19] (WinMagic, Inc.)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [692832 2012-10-09] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [212672 2013-03-27] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131928 2013-01-07] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1446904 2013-02-22] (Sunplus)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
U4 CmdAgent; kein ImagePath
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-10-11 20:02 - 2017-10-11 20:02 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-11 19:53 - 2017-10-11 19:53 - 000002531 _____ C:\Users\Nina Lamprou\Desktop\JRT.txt
2017-10-11 17:31 - 2017-09-13 17:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-11 17:31 - 2017-09-13 17:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-11 17:31 - 2017-09-13 17:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-11 17:31 - 2017-09-13 17:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-11 17:31 - 2017-09-13 17:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-11 17:31 - 2017-09-13 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-11 17:31 - 2017-09-13 17:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-11 17:31 - 2017-09-13 17:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-11 17:31 - 2017-09-13 17:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-11 17:31 - 2017-09-13 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 17:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-11 17:31 - 2017-09-13 17:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 17:31 - 2017-09-13 17:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-11 17:31 - 2017-09-13 17:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-11 17:31 - 2017-09-13 17:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 17:31 - 2017-09-13 16:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-11 17:31 - 2017-09-13 16:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-11 17:31 - 2017-09-13 16:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-11 17:31 - 2017-09-13 16:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-11 17:31 - 2017-09-13 16:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-11 17:31 - 2017-09-13 16:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-11 17:31 - 2017-09-13 16:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-11 17:31 - 2017-09-13 16:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-11 17:31 - 2017-09-13 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-11 17:31 - 2017-09-13 16:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-11 17:31 - 2017-09-13 16:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-11 17:31 - 2017-09-13 16:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-11 17:31 - 2017-09-13 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-11 17:31 - 2017-09-13 16:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-11 17:31 - 2017-09-09 02:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-11 17:31 - 2017-09-09 01:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-11 17:31 - 2017-09-08 17:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-11 17:31 - 2017-09-08 17:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-11 17:31 - 2017-09-08 17:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-11 17:31 - 2017-09-08 17:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-11 17:31 - 2017-09-08 17:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 17:31 - 2017-09-08 17:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-11 17:31 - 2017-09-08 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-11 17:31 - 2017-09-08 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-11 17:31 - 2017-09-08 17:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-11 17:31 - 2017-09-08 17:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-11 17:31 - 2017-09-08 17:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-11 17:31 - 2017-09-08 17:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-11 17:31 - 2017-09-08 17:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-11 17:31 - 2017-09-08 17:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-11 17:31 - 2017-09-08 17:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-11 17:31 - 2017-09-08 17:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-11 17:31 - 2017-09-08 17:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-11 17:31 - 2017-09-08 17:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-11 17:31 - 2017-09-08 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-11 17:31 - 2017-09-08 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-11 17:31 - 2017-09-08 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-11 17:31 - 2017-09-08 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-11 17:31 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-11 17:31 - 2017-09-08 16:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-11 17:31 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-11 17:31 - 2017-09-07 23:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-11 17:31 - 2017-09-07 23:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-11 17:31 - 2017-09-07 23:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-11 17:31 - 2017-09-07 23:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-11 17:31 - 2017-09-07 23:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-11 17:31 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-11 17:31 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-11 17:31 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-11 17:31 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-11 17:31 - 2017-09-07 23:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-11 17:31 - 2017-09-07 23:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-11 17:31 - 2017-09-07 23:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-11 17:31 - 2017-09-07 23:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-11 17:31 - 2017-09-07 23:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-11 17:31 - 2017-09-07 23:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-11 17:31 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-11 17:31 - 2017-09-07 22:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 17:31 - 2017-09-07 22:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-11 17:31 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-11 17:31 - 2017-09-07 22:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 17:31 - 2017-09-07 22:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-11 17:31 - 2017-09-07 22:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-11 17:31 - 2017-09-07 22:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-11 17:31 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-11 17:31 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-11 17:31 - 2017-09-07 22:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-11 17:31 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-11 17:31 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-11 17:31 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-11 17:31 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-11 17:31 - 2017-09-07 22:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-11 17:31 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-11 17:31 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-11 17:31 - 2017-09-07 21:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-11 17:31 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-11 17:31 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-11 17:31 - 2017-09-07 21:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-11 17:31 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-11 17:31 - 2017-09-07 21:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-11 17:31 - 2017-09-07 21:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-11 17:31 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-11 17:31 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-11 17:31 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-11 17:31 - 2017-09-07 21:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-11 17:31 - 2017-09-07 21:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-11 17:31 - 2017-09-07 20:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-11 17:31 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-11 17:31 - 2017-09-07 20:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-11 17:31 - 2017-09-07 20:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-11 17:31 - 2017-09-07 20:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-11 17:31 - 2017-09-07 20:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-11 17:31 - 2017-09-07 20:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-11 17:31 - 2017-09-07 20:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-11 17:31 - 2017-09-07 20:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-11 17:31 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-11 17:31 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-11 17:31 - 2017-09-07 20:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-11 17:31 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-11 17:31 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-11 17:31 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-11 17:31 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-11 17:31 - 2017-09-07 20:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-11 17:31 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-11 17:31 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-11 17:31 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-11 17:31 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-11 17:31 - 2017-09-07 17:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-11 17:31 - 2017-09-07 17:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-11 17:31 - 2017-09-07 16:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-11 17:31 - 2017-09-07 16:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-11 17:31 - 2017-09-07 16:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-11 17:31 - 2017-08-19 17:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-11 17:31 - 2017-08-19 17:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-11 17:31 - 2017-08-19 17:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-11 17:31 - 2017-08-19 17:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-11 17:31 - 2017-08-19 17:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-11 17:31 - 2017-08-19 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-11 17:31 - 2017-08-19 17:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-11 17:31 - 2017-08-19 17:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-11 17:31 - 2017-08-19 16:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-11 17:31 - 2017-08-19 16:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-11 17:31 - 2017-08-14 19:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-11 17:31 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-11 17:31 - 2017-08-14 19:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-11 17:31 - 2017-08-13 23:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-10 17:10 - 2017-10-10 17:10 - 000000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-09 22:23 - 2017-10-09 22:23 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-10-09 22:14 - 2017-10-09 22:14 - 000000000 ____D C:\ProgramData\ATI
2017-10-09 22:06 - 2017-10-09 22:07 - 000000000 ____D C:\Program Files (x86)\AMD
2017-10-09 22:06 - 2017-10-09 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2017-10-09 19:34 - 2017-10-12 19:31 - 000000000 ____D C:\FRST
2017-10-09 19:29 - 2017-08-29 06:52 - 004784832 _____ (COMODO) C:\ProgramData\cisDE7C.exe
2017-10-09 19:22 - 2017-10-09 19:58 - 000001045 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-10-09 19:22 - 2017-10-09 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-10-09 19:22 - 2017-10-09 19:22 - 000000000 ____D C:\Program Files\VS Revo Group
2017-10-09 18:24 - 2017-10-09 18:24 - 000000000 ____D C:\Program Files (x86)\AMD AVT
2017-10-09 18:22 - 2017-10-09 22:06 - 000000000 ____D C:\Program Files\ATI Technologies
2017-10-06 23:31 - 2017-10-06 23:32 - 000364148 _____ C:\Windows\ntbtlog.txt
2017-10-06 22:47 - 2017-10-06 22:26 - 130024000 _____ (Intel Corporation) C:\win64_153343.4425.exe
2017-10-06 22:00 - 2017-10-06 22:00 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2017-10-06 21:52 - 2017-10-12 17:22 - 000000000 __SHD C:\Users\Nina Lamprou\IntelGraphicsProfiles
2017-10-06 21:30 - 2017-10-06 21:36 - 131553296 _____ (HP Inc ) C:\sp77113.exe
2017-10-06 17:53 - 2017-10-06 17:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\AMD
2017-10-06 17:51 - 2014-12-25 16:37 - 000000222 _____ C:\Users\Administrator\Desktop\Professional Farmer 2014.url
2017-10-06 16:14 - 2017-10-09 22:04 - 000000000 ____D C:\Program Files\AMD
2017-10-04 17:29 - 2017-10-04 17:29 - 000007597 _____ C:\Users\Nina Lamprou\AppData\Local\Resmon.ResmonCfg
2017-10-03 22:15 - 2017-10-04 17:41 - 007449188 _____ C:\Users\Nina Lamprou\Documents\NINALAMPROU-HP.arn
2017-10-03 22:13 - 2017-10-03 22:13 - 000102236 _____ C:\Users\Nina Lamprou\Documents\NINALAMPROU-HP.txt
2017-10-03 21:55 - 2017-10-06 18:21 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-10-03 19:00 - 2017-10-03 19:02 - 000001078 _____ C:\Windows\system32dbgraw.bmp
2017-09-17 13:35 - 2017-09-17 13:35 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-09-17 13:30 - 2017-09-17 13:30 - 000031822 _____ C:\Users\Nina Lamprou\Documents\dani einladung 2017.sla.autosave
2017-09-17 13:15 - 2017-09-17 13:32 - 000568572 _____ C:\Users\Nina Lamprou\Documents\dani einladung 2017.pdf
2017-09-17 13:11 - 2017-09-17 13:31 - 000028545 _____ C:\Users\Nina Lamprou\Documents\dani einladung 2017.sla
2017-09-17 12:57 - 2017-07-21 16:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-09-17 12:57 - 2017-07-21 16:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-09-17 12:57 - 2017-07-01 15:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-09-17 12:57 - 2017-07-01 15:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-09-17 12:57 - 2017-07-01 15:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-09-17 12:57 - 2017-07-01 15:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-09-17 12:56 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-17 12:56 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-17 12:56 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-17 12:56 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-17 12:56 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-17 12:56 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-17 12:56 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-17 12:56 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-17 12:56 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-17 12:56 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-17 12:56 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-17 12:56 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-17 12:56 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-17 12:56 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-17 12:56 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-17 12:56 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-17 12:56 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-17 12:56 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-17 12:56 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-17 12:56 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-17 12:56 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-17 12:56 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-17 12:56 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-17 12:56 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-17 12:56 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-17 12:56 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-17 12:56 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-17 12:56 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-17 12:56 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-17 12:56 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-17 12:56 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-17 12:56 - 2017-08-11 08:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-17 12:56 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-17 12:56 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-17 12:56 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-17 12:56 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-17 12:56 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-17 12:56 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-17 12:56 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-17 12:56 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-17 12:56 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-17 12:56 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-17 12:56 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-17 12:56 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-17 12:56 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-17 12:56 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-17 12:56 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-17 12:56 - 2017-07-29 16:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-09-17 12:56 - 2017-07-21 16:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
2017-09-17 12:56 - 2017-07-21 16:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-09-17 12:56 - 2017-07-14 17:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-17 12:56 - 2017-07-14 17:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-09-17 12:56 - 2017-07-14 17:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-17 12:56 - 2017-07-14 16:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-17 12:56 - 2017-07-14 16:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-17 12:56 - 2017-07-14 16:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2017-09-17 12:56 - 2017-07-08 17:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-09-17 12:56 - 2017-07-07 17:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-09-17 12:56 - 2017-07-07 17:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-17 12:56 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-09-17 12:56 - 2017-07-01 15:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-09-17 12:56 - 2017-07-01 15:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-09-17 12:56 - 2017-07-01 15:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-09-17 12:56 - 2017-07-01 15:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-09-17 12:56 - 2017-07-01 15:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-10-12 19:24 - 2016-02-23 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2017-10-12 19:24 - 2016-02-23 20:22 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2017-10-12 19:01 - 2013-10-24 22:49 - 000003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6E41157-1D49-4394-BA1F-68A805750A2C}
2017-10-12 18:53 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2017-10-12 17:37 - 2009-07-14 06:45 - 000026832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-12 17:37 - 2009-07-14 06:45 - 000026832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-12 17:35 - 2013-10-25 13:20 - 000000000 ____D C:\AdwCleaner
2017-10-12 17:27 - 2013-08-02 14:27 - 000847070 _____ C:\Windows\system32\perfh007.dat
2017-10-12 17:27 - 2013-08-02 14:27 - 000196710 _____ C:\Windows\system32\perfc007.dat
2017-10-12 17:27 - 2009-07-14 07:13 - 001816636 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-12 17:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-12 17:25 - 2013-02-22 22:59 - 000001000 _____ C:\Windows\SysWOW64\bscs.ini
2017-10-12 17:21 - 2013-08-02 14:06 - 000003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2017-10-12 17:21 - 2013-08-02 14:06 - 000000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI
2017-10-12 17:21 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-11 20:23 - 2009-07-14 06:45 - 000413552 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-11 20:05 - 2013-10-24 23:09 - 000000000 ____D C:\Windows\system32\MRT
2017-10-11 20:02 - 2013-10-24 23:09 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-11 19:52 - 2013-10-25 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2017-10-11 19:52 - 2013-10-25 12:43 - 000000000 ____D C:\Program Files\COMODO
2017-10-11 19:39 - 2013-11-18 14:06 - 000389120 ___SH C:\Users\Nina Lamprou\Thumbs.db
2017-10-11 17:35 - 2014-04-23 20:48 - 000000000 ____D C:\Users\Nina Lamprou\AppData\LocalLow\Temp
2017-10-10 23:38 - 2016-02-22 21:28 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-10-10 18:40 - 2014-07-19 13:53 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-10 18:40 - 2013-10-25 12:21 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-10 18:40 - 2013-04-28 16:08 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-10 18:40 - 2013-04-28 16:08 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-10 18:40 - 2013-04-28 16:08 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-10 18:07 - 2016-02-22 21:27 - 000000000 ____D C:\Users\Nina Lamprou\Desktop\mbar
2017-10-10 17:45 - 2016-02-22 19:46 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-10-10 17:44 - 2016-02-22 19:46 - 000109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-10-10 17:39 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\addins
2017-10-09 22:21 - 2013-04-28 16:08 - 000000000 ____D C:\Program Files (x86)\Intel
2017-10-09 22:16 - 2011-02-11 18:32 - 000000000 ____D C:\SWSETUP
2017-10-09 22:06 - 2013-08-02 13:44 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2017-10-09 22:03 - 2013-04-28 16:01 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-09 20:45 - 2015-05-06 15:09 - 000000000 ____D C:\Users\Nina Lamprou\AppData\Local\ElevatedDiagnostics
2017-10-09 20:12 - 2016-02-23 20:22 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-10-09 20:04 - 2015-08-26 19:43 - 000000000 ____D C:\ProgramData\Sophos
2017-10-09 20:02 - 2015-04-17 14:44 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-10-09 19:29 - 2013-10-25 12:44 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2017-10-09 18:24 - 2013-08-02 13:44 - 000000000 ____D C:\ProgramData\AMD
2017-10-06 22:28 - 2013-10-25 15:33 - 000641410 _____ C:\Windows\system32\Drivers\fvstore.dat
2017-10-06 22:07 - 2013-12-11 20:06 - 000000000 ___HD C:\VTRoot
2017-10-06 22:00 - 2013-10-25 15:01 - 000000000 ____D C:\Users\Administrator
2017-10-06 21:52 - 2013-10-24 22:48 - 000000000 ____D C:\Users\Nina Lamprou
2017-10-06 21:48 - 2013-10-24 23:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-06 21:46 - 2013-08-02 13:47 - 000000000 ____D C:\Program Files\Intel
2017-10-06 19:13 - 2016-12-20 21:56 - 000000000 ____D C:\Users\Nina Lamprou\AppData\LocalLow\Mozilla
2017-10-06 19:13 - 2015-07-22 10:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-06 18:22 - 2015-04-15 20:25 - 000000000 ____D C:\Windows\system32\appraiser
2017-10-06 18:22 - 2015-04-04 20:00 - 000000000 ___SD C:\Windows\SysWOW64\GWX
2017-10-06 18:22 - 2015-04-04 20:00 - 000000000 ___SD C:\Windows\system32\GWX
2017-10-06 18:22 - 2014-05-06 20:00 - 000000000 ___SD C:\Windows\system32\CompatTel
2017-10-06 18:22 - 2013-08-02 14:15 - 000000000 ____D C:\Program Files\Windows Journal
2017-10-06 18:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2017-10-06 18:21 - 2016-02-22 19:46 - 000000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2017-10-06 18:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2017-10-06 18:12 - 2013-10-25 15:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Autodesk
2017-10-06 18:12 - 2013-10-25 12:43 - 000000000 ____D C:\ProgramData\COMODO
2017-10-06 17:36 - 2013-10-25 15:01 - 000108584 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-01 21:06 - 2015-11-12 21:45 - 000000000 ____D C:\Users\Nina Lamprou\Elternverein!
2017-09-29 17:02 - 2009-07-14 07:08 - 000032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-26 11:22 - 2016-11-06 14:11 - 000002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-26 11:22 - 2016-11-06 14:11 - 000002192 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 21:56 - 2013-11-18 12:09 - 000000000 ____D C:\Users\Nina Lamprou\AppData\Roaming\Scribus
2017-09-25 21:56 - 2013-10-24 23:32 - 000000000 ____D C:\Users\Nina Lamprou\AppData\Local\CutePDF Writer
2017-09-17 13:28 - 2011-02-11 15:51 - 001790916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-11-04 22:24 - 2013-11-04 22:24 - 000000037 ___SH () C:\Users\Nina Lamprou\AppData\Local\70149b02515b3bb20dd492.47983420
2014-11-19 19:20 - 2014-11-19 19:20 - 000009549 _____ () C:\Users\Nina Lamprou\AppData\Local\recently-used.xbel
2017-10-04 17:29 - 2017-10-04 17:29 - 000007597 _____ () C:\Users\Nina Lamprou\AppData\Local\Resmon.ResmonCfg
2017-10-09 19:29 - 2017-08-29 06:52 - 004784832 _____ (COMODO) C:\ProgramData\cisDE7C.exe
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\cisDE7C.exe
Einige Dateien in TEMP:
====================
2015-08-14 14:29 - 2015-07-29 22:08 - 000681097 _____ (SQLite Development Team) C:\Users\Nina Lamprou\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => MD5 ist legitim
C:\Windows\SysWOW64\explorer.exe => MD5 ist legitim
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-10-10 21:17
==================== Ende von FRST.txt ============================
|
|
12.10.2017, 18:33
| #26 |
| | HP Laptop Win7 braucht lange zum Hochfahren [gelöst]Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-10-2017
durchgeführt von Nina Lamprou (12-10-2017 19:31:52)
Gestartet von C:\Users\Nina Lamprou\Elternverein!\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-10-24 20:47:58)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1665930621-798283959-3772139732-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-1665930621-798283959-3772139732-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1665930621-798283959-3772139732-1003 - Limited - Enabled)
Nina Lamprou (S-1-5-21-1665930621-798283959-3772139732-1002 - Administrator - Enabled) => C:\Users\Nina Lamprou
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\Amazon Kindle) (Version: - Amazon)
AMD Catalyst Install Manager (HKLM\...\{5094145C-9F17-8099-7F4F-E5AADD5E4065}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AutoCAD 2009 - Deutsch (HKLM\...\{5783F2D7-7001-0407-0102-0060B0CE6BBA}) (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3703 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.2627 - CyberLink Corp.)
CyberLink Webcam Sharing Manager 4 (HKLM-x32\...\InstallShield_{296F7F3B-C75A-45e9-AD22-CC19DF86E9D3}) (Version: 4.2.1.1419 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.3801 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 4.6 (HKLM-x32\...\{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}) (Version: 4.6.0.7670 - Evernote Corp.)
Flughafen-Feuerwehr-Simulator 2013 Version 1.0 (HKLM-x32\...\{86D596F4-CB90-4F4B-B752-8A55D0C62664}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
GeekBuddy (HKLM\...\{48E60BD7-34CF-4DEB-AD7C-5261FF41BD34}) (Version: 4.9.73 - Comodo Security Solutions Inc)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.10.1 - Hewlett-Packard Company)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.1.0.1451 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{4127C2C0-0AC7-4947-9CC1-AACBEFC6EC02}) (Version: 4.4.51.1 - Hewlett-Packard Company)
HP Device Access Manager (HKLM\...\{274A948D-DD41-4B8F-B66F-0F4AD233200F}) (Version: 8.0.0.4 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F3F74675-3700-4C55-A9AC-924D4E36DC40}) (Version: 1.1.2.0 - Hewlett-Packard)
HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.5.1.138 - Hewlett-Packard Company)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{D562B3BB-4405-4FA8-BCE2-D5DB89E8D5CE}) (Version: 2.2.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 8.1.1.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.25 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 5.0.12.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{3F728815-C7E8-40EA-8D1A-F7B8E2382325}) (Version: 3.4.10.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}) (Version: 8.5.4.1 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{A38E954F-9043-42BD-9DE9-246ED183791D}) (Version: 12.7.27.15 - HP)
HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 8.0.0.6 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6454.0 - IDT)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LibreOffice 4.1.2.3 (HKLM-x32\...\{DD3CB916-F91A-41B9-B276-CAC090E91021}) (Version: 4.1.2.3 - The Document Foundation)
Malwarebytes Anti-Exploit version 1.10.1.41 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.10.1.41 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 de)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{29F5A1C9-0BC3-16E6-9384-3BC5D1CB7ACE}) (Version: 1.00.0000 - Ihr Firmenname)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Professional Farmer 2014 (HKLM-x32\...\Steam App 258880) (Version: - PlayWay S.A.)
PX Profile Update (HKLM-x32\...\{03E6F8D6-A7A4-7B1A-A3C6-722A6D54D355}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{414B7A38-3B6D-5481-360D-2A4F971C705B}) (Version: 1.00.1. - AMD) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{9041BE08-21DA-4916-EC0B-9375C5B624D9}) (Version: 11.0.737.1 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.21.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.7 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Schiff-Simulator 2008 (HKLM-x32\...\Shipsim2008) (Version: - )
Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Validity Fingerprint Sensor Driver (HKLM\...\{88AF04A0-6A10-4428-A972-E010873A6CBC}) (Version: 4.5.117.0 - Validity Sensors, Inc.)
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (HKLM-x32\...\{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Windows 7 Codec Pack 4.0.8 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.8 - Windows 7 Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zahlenbuch 2 (HKLM-x32\...\Zahlenbuch 2) (Version: - )
Zahlenbuch 3 (HKLM-x32\...\Zahlenbuch 3) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1665930621-798283959-3772139732-1002_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1665930621-798283959-3772139732-1002_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1665930621-798283959-3772139732-1002_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1665930621-798283959-3772139732-1002_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1665930621-798283959-3772139732-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1665930621-798283959-3772139732-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2009\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2008-02-10] (Autodesk)
ContextMenuHandlers1: [BthSendToContextMenuExt] -> {CF373149-C3D9-4AEB-9CE8-BDD1D2FFFA5B} => C:\Windows\system32\BSAppShlExt.dll [2013-01-10] (TODO: <公司名>)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-11-23] (Cyberlink)
ContextMenuHandlers1: [ShredContextMenu] -> {85EFA470-665A-4322-AB1E-1EB9C70F61C8} => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll [2013-03-06] ()
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-11-23] (Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-09-17] (Malwarebytes)
ContextMenuHandlers4: [ShredContextMenu] -> {85EFA470-665A-4322-AB1E-1EB9C70F61C8} => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll [2013-03-06] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-09-17] (Malwarebytes)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {38728A97-F9AB-4D53-B99A-ECDFDBC9961A} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {38728A97-F9AB-4D53-B99A-ECDFDBC9961A} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-19] (Microsoft Corporation)
Task: {3E823A9D-EA95-42E0-A40A-0CF04B583D4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-06] (Google Inc.)
Task: {5AF4A056-5EBA-419F-A5BD-6C546CBBBEC0} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {5AF4A056-5EBA-419F-A5BD-6C546CBBBEC0} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-19] (Microsoft Corporation)
Task: {6637C9FC-F58D-4522-B4CC-C41B55404D8F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {D5ABC8B4-7479-499A-A706-7984E09DAF61} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-01-01] (HP Inc.)
Task: {DBC68403-9EC9-4AD6-AB6F-B48F67FF99BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-06] (Google Inc.)
Task: {E215E97D-05F1-4996-92A1-E6D65CBABEB0} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {E215E97D-05F1-4996-92A1-E6D65CBABEB0} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-19] (Microsoft Corporation)
Task: {E69F4EE9-D141-49F1-B622-018FBAC353F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {F278F8B2-B368-4657-AFC4-C2F80CD821CD} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {F278F8B2-B368-4657-AFC4-C2F80CD821CD} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {F278F8B2-B368-4657-AFC4-C2F80CD821CD} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2015-12-19] (Microsoft Corporation)
Task: {F7FF67B4-A565-4A4D-B7F2-7DBB847E26C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-10] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-01-18 01:57 - 2012-01-18 01:57 - 000298368 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-10-24 23:18 - 2012-10-04 19:49 - 000087152 _____ () C:\Windows\System32\cpwmon64.dll
2013-01-10 22:30 - 2013-01-10 22:30 - 000022528 _____ () C:\Windows\system32\BsTrace.dll
2013-01-10 22:35 - 2013-01-10 22:35 - 000009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-02-23 00:05 - 2013-02-23 00:05 - 000387936 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 19:53 - 2011-07-05 19:53 - 000012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2017-09-26 21:57 - 2017-09-26 21:57 - 000172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\af090eae04eb9e9104769a5c03783afc\IsdiInterop.ni.dll
2013-04-28 16:08 - 2012-02-02 02:25 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-08-02 13:47 - 2012-10-22 10:22 - 001199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpprefcl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\gpscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hlink.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schedsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\seclogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sysmain.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [32]
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WcsPlugInService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10level9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpprefcl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gpscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\gpscript.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\hlink.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\INETRES.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfmjpegdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PhysXCompatCplUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PhysXCplUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\polstore.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [32]
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WcsPlugInService.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64]
AlternateDataStreams: C:\Users\Nina Lamprou\bell rock.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Nina Lamprou\bett.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Nina Lamprou\euromaus.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Nina Lamprou\Europapark-51-e1416573540498.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Nina Lamprou\hintergrund.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Nina Lamprou\marie.jpg:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-1665930621-798283959-3772139732-1002\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7867 mehr Seiten.
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1665930621-798283959-3772139732-1002\...\123simsen.com -> www.123simsen.com
Da befinden sich 7867 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2017-10-11 17:34 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1665930621-798283959-3772139732-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Nina Lamprou\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: hpCMSrv => 3
MSCONFIG\Services: HPFSService => 2
MSCONFIG\Services: hpHotkeyMonitor => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk => C:\Windows\pss\CodecPackUpdateChecker.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup
MSCONFIG\startupreg: AccelerometerSysTrayApplet => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BtTray => "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} => "C:\ProgramData\cisDE7C.exe" --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: CLWCSM => "c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe"
MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: File Sanitizer => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: HPConnectionManager => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: QLBController => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: YouCam Mirage => "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{64FD4DC1-0849-4900-8937-2D8A2C40E18F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5258605F-4C06-4F10-B287-1B2CCE2C411E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1A9457D9-3908-4AC1-92D4-28A22DF6E46E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{1509169A-F309-412D-BE86-D69D0A587567}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{5B67A44A-A544-4322-8BA2-95EDC6C1290E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{5BC7940C-F35B-4805-BD92-3FDF2386C2DF}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{AE6A669F-98D9-4322-AD4B-3BBA9E1B3F89}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{A1E375BB-1AC8-49A8-A626-24E1AE3E98B4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{38DC873B-B296-4ABA-98F9-B49482AA1240}] => (Allow) LPort=2869
FirewallRules: [{10841F82-682B-469D-B1CF-CD250A56EDE2}] => (Allow) LPort=1900
FirewallRules: [{8DA34BBE-6B64-473C-B339-EEA4B45D59CF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9CA8C035-8AD9-457C-BF39-0222225D1EF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6FFF0062-213B-4B48-82FA-B0B5EE5D02B5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{30C2BB4B-B522-458D-8000-98DBD3CEE6C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{27BBA77D-7263-4760-A80D-0A2A7079618D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Professional Farmer 2014\Landwirt.exe
FirewallRules: [{BCC7D904-9AC0-498F-BBFC-4276EB7A9D33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Professional Farmer 2014\Landwirt.exe
FirewallRules: [{30D49DEF-E162-43E4-9E4B-CB40BB97BDA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{143E7E65-81C0-4FA4-873D-66FAC84B70D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F8943AEA-9B55-4418-B2E2-AB8C3C018F58}] => (Allow) C:\Program Files (x86)\Agrar Simulator 2012\iupdate.dll
FirewallRules: [{146175A9-4AA2-4C02-ACC7-802828800DE8}] => (Allow) C:\Program Files (x86)\Agrar Simulator 2012\iupdate.dll
FirewallRules: [{1ED42E1A-80E4-42F8-BD2E-87199BAC8E42}] => (Allow) C:\Program Files (x86)\Agrar Simulator 2012\farm2012.dll
FirewallRules: [{EF96A449-C654-4F6E-BB8E-E98863C132AB}] => (Allow) C:\Program Files (x86)\Agrar Simulator 2012\farm2012.dll
FirewallRules: [{C57C2858-AC25-4888-9306-62F204A25644}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E271B346-E687-42F8-A866-95EC50A02A9A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{60FC7FD9-3373-4BAC-B8DF-D066454D31F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
06-10-2017 23:02:18 Wiederherstellungsvorgang
09-10-2017 19:23:41 Revo Uninstaller's restore point - COMODO Internet Security Premium
09-10-2017 19:25:17 Revo Uninstaller's restore point - COMODO Internet Security Premium
09-10-2017 19:25:31 Removed COMODO Internet Security Premium
09-10-2017 19:55:13 Revo Uninstaller's restore point - 7-Zip 9.20 (x64 edition)
09-10-2017 19:56:22 Revo Uninstaller's restore point - 7-Zip 9.20 (x64 edition)
09-10-2017 19:59:42 Revo Uninstaller's restore point - 7-Zip 9.20 (x64 edition)
09-10-2017 20:00:48 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
09-10-2017 20:02:46 Revo Uninstaller's restore point - Sophos Virus Removal Tool
09-10-2017 20:04:25 Revo Uninstaller's restore point - Spybot - Search & Destroy
09-10-2017 22:03:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
10-10-2017 17:16:10 Windows Update
10-10-2017 17:38:01 Malwarebytes Anti-Rootkit Restore Point
10-10-2017 18:21:41 Guter Zustand
11-10-2017 19:50:26 JRT Pre-Junkware Removal
11-10-2017 20:00:12 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/11/2017 08:00:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service GeekBuddyRSP Server since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (10/10/2017 10:17:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "\\PETROS\Software\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (10/09/2017 08:07:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1143, Zeitstempel: 0x51af1c12
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1143, Zeitstempel: 0x51af1c12
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e629
ID des fehlerhaften Prozesses: 0x5cc
Startzeit der fehlerhaften Anwendung: 0x01d34129607eefd0
Pfad der fehlerhaften Anwendung: C:\Windows\system32\atieclxx.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\atieclxx.exe
Berichtskennung: a796cca6-ad1c-11e7-9270-0c84dc930afa
Error: (10/09/2017 08:03:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NinaLamprou-HP)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
Error: (10/09/2017 08:03:54 PM) (Source: MsiInstaller) (EventID: 11606) (User: NinaLamprou-HP)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
Error: (10/09/2017 08:03:23 PM) (Source: MsiInstaller) (EventID: 11606) (User: NinaLamprou-HP)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.
Error: (10/09/2017 07:55:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {19369a7f-1feb-42d5-8dbe-d4d8cc470036}
Error: (10/09/2017 07:30:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1143, Zeitstempel: 0x51af1c12
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1143, Zeitstempel: 0x51af1c12
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e629
ID des fehlerhaften Prozesses: 0x598
Startzeit der fehlerhaften Anwendung: 0x01d341244906a4b3
Pfad der fehlerhaften Anwendung: C:\Windows\system32\atieclxx.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\atieclxx.exe
Berichtskennung: 901c2028-ad17-11e7-8c6b-0c84dc930afa
Error: (10/09/2017 07:23:38 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {74af6351-c2e4-4bcf-9fa0-bc7a146623ca}
Error: (10/09/2017 07:21:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "\\PETROS\Software\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Systemfehler:
=============
Error: (10/12/2017 05:36:39 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (10/12/2017 05:36:39 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
Error: (10/12/2017 05:21:23 PM) (Source: Service Control Manager) (EventID: 7018) (User: )
Description: Erkannte Ringabhängigkeiten starten Dienste automatisch. Überprüfen Sie die Abhängigkeitsstruktur des Diensts.
Error: (10/12/2017 05:21:23 PM) (Source: Service Control Manager) (EventID: 7019) (User: )
Description: Der Dienst "HitmanPro.Alert Service" ist von einem Dienst in einer Gruppe abhängig, der später gestartet wird. Ändern Sie die Reihenfolge in der Dienstabhängigkeitsstruktur, um sicherzustellen, dass alle für diesen Dienst erforderlichen Dienste gestartet sind, bevor dieser Dienst gestartet wird.
Error: (10/11/2017 08:23:23 PM) (Source: Service Control Manager) (EventID: 7018) (User: )
Description: Erkannte Ringabhängigkeiten starten Dienste automatisch. Überprüfen Sie die Abhängigkeitsstruktur des Diensts.
Error: (10/11/2017 08:23:23 PM) (Source: Service Control Manager) (EventID: 7019) (User: )
Description: Der Dienst "HitmanPro.Alert Service" ist von einem Dienst in einer Gruppe abhängig, der später gestartet wird. Ändern Sie die Reihenfolge in der Dienstabhängigkeitsstruktur, um sicherzustellen, dass alle für diesen Dienst erforderlichen Dienste gestartet sind, bevor dieser Dienst gestartet wird.
Error: (10/11/2017 07:46:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{995C996E-D918-4A8C-A302-45719A6F4EA7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/11/2017 07:45:35 PM) (Source: Service Control Manager) (EventID: 7018) (User: )
Description: Erkannte Ringabhängigkeiten starten Dienste automatisch. Überprüfen Sie die Abhängigkeitsstruktur des Diensts.
Error: (10/11/2017 07:45:35 PM) (Source: Service Control Manager) (EventID: 7019) (User: )
Description: Der Dienst "HitmanPro.Alert Service" ist von einem Dienst in einer Gruppe abhängig, der später gestartet wird. Ändern Sie die Reihenfolge in der Dienstabhängigkeitsstruktur, um sicherzustellen, dass alle für diesen Dienst erforderlichen Dienste gestartet sind, bevor dieser Dienst gestartet wird.
Error: (10/11/2017 07:44:34 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.
CodeIntegrity:
===================================
Date: 2017-10-09 19:15:11.572
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 19:15:11.447
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 19:07:28.954
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 19:07:28.823
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 18:29:20.860
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 18:29:20.735
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 18:21:13.345
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 18:21:13.220
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 17:55:46.107
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2017-10-09 17:55:45.967
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8040.56 MB
Verfügbarer physikalischer RAM: 5813.95 MB
Summe virtueller Speicher: 16079.31 MB
Verfügbarer virtueller Speicher: 13592.01 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:684.59 GB) (Free:575.07 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.94 GB) (Free:1.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.08 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: DC1E95EB)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=684.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0B)
==================== Ende von Addition.txt ============================
|
|
13.10.2017, 21:16
| #27 |
| | HP Laptop Win7 braucht lange zum Hochfahren [gelöst] hallo cosinus |
|
13.10.2017, 21:29
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HP Laptop Win7 braucht lange zum Hochfahren [gelöst] Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: Malwarebytes Version 3 Downloade Dir bitte Malwarebytes Anti-Malware 3
2. Schritt: ESET Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.10.2017, 08:26
| #29 |
| | HP Laptop Win7 braucht lange zum Hochfahren [gelöst]Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 13.10.17
Scan-Zeit: 22:33
Protokolldatei: c2b23c14-b055-11e7-a1d8-0c84dc930afa.json
Administrator: Ja
-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.212
Version des Aktualisierungspakets: 1.0.3007
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: NinaLamprou-HP\Nina Lamprou
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 361568
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 4 Min., 44 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter 22:40:08 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.17.0
# EOSSerial=
# end=init
# utc_time=2017-10-13 20:40:06
# local_time=2017-10-13 22:40:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
22:40:11 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.17.0
# EOSSerial=b0f6964a0e728a43b48d6818f30b7b65
# end=init
# utc_time=2017-10-13 20:40:11
# local_time=2017-10-13 22:40:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
22:40:30 Updating
22:40:30 Update Init
22:40:32 Update Download
22:44:08 Call m_esets_charon_send
22:44:08 Call m_esets_charon_destroy
22:44:12 Updating
22:44:12 Update Init
22:44:19 Update Download
22:47:11 esets_scanner_reload returned 0
22:47:11 g_uiModuleBuild: 35055
22:47:11 Update Finalize
22:47:11 Call m_esets_charon_send
22:47:11 Call m_esets_charon_destroy
22:47:11 Updated modules version: 35055
22:47:21 Call m_esets_charon_setup_create
22:47:21 Call m_esets_charon_create
22:47:21 m_esets_charon_create OK
22:47:21 Call m_esets_charon_start_send_thread
22:47:21 Call m_esets_charon_setup_set
22:47:21 m_esets_charon_setup_set OK
22:47:21 Scanner engine: 35055
00:37:19 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.17.0
# EOSSerial=b0f6964a0e728a43b48d6818f30b7b65
# engine=35055
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# sfx_checked=true
# utc_time=2017-10-13 22:37:18
# local_time=2017-10-14 00:37:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 36023 259564088 0 0
# scanned=2
# found=8
# cleaned=0
# scan_time=6605
sh=CFED644B92098C1D0B573FE4D23A3285B48C6974 ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\ProgramData\COMODO\Cis\Quarantine\data\{3A28C5A8-4A95-4E10-909A-24DF0793B2AE}"
sh=0BA9BD5DA45E7217464AE9A830BD47A598D191D0 ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\ProgramData\COMODO\Cis\Quarantine\data\{D337C3F1-C005-4A29-88C0-001CCAF17E88}"
sh=CFED644B92098C1D0B573FE4D23A3285B48C6974 ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\All Users\COMODO\Cis\Quarantine\data\{3A28C5A8-4A95-4E10-909A-24DF0793B2AE}"
sh=0BA9BD5DA45E7217464AE9A830BD47A598D191D0 ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\All Users\COMODO\Cis\Quarantine\data\{D337C3F1-C005-4A29-88C0-001CCAF17E88}"
sh=AA190194CD322F27B81B57B66F0E48B16DDF09FC ft=1 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung,ist OK" ac=I fn="C:\Users\Nina Lamprou\Acer_Laptop\Downloads\FreeYouTubeToMP3Converter.exe"
sh=DB114C512C17904D937B81F8F2DC9771CC69EA64 ft=1 fh=0000000000000000 vn="Win32/SoftonicDownloader.E eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Nina Lamprou\Acer_Laptop\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe"
sh=4C6E9208E3AA37496B81D67E66A4C205BEF09D82 ft=1 fh=0000000000000000 vn="Variante von Win32/WinloadSDA.I eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Nina Lamprou\Elternverein!\Downloads\Cheat-Engine-lnstall.exe"
sh=90BDD5BAFBF048A2006546E8071B2B2D2DE1B54C ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadGuide.D eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Nina Lamprou\Elternverein!\Downloads\revosetup_CB-DL-Manager.exe"
09:23:39 Call m_esets_charon_send
09:23:39 Call m_esets_charon_destroy
09:23:40 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Nina Lamprou\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
Code:
ATTFilter Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Malwarebytes
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 27.0.0.159
Mozilla Firefox (56.0)
Google Chrome (61.0.3163.100)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Nina Lamprou Elternverein! Downloads esetonlinescanner_deu.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
14.10.2017, 08:29
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | HP Laptop Win7 braucht lange zum Hochfahren [gelöst] Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\ProgramData\COMODO
C:\Users\All Users\COMODO
C:\Users\Nina Lamprou\Acer_Laptop\Downloads\FreeYouTubeToMP3Converter.exe
C:\Users\Nina Lamprou\Acer_Laptop\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe
C:\Users\Nina Lamprou\Elternverein!\Downloads\Cheat-Engine-lnstall.exe
C:\Users\Nina Lamprou\Elternverein!\Downloads\revosetup_CB-DL-Manager.exe
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu HP Laptop Win7 braucht lange zum Hochfahren |
| anwendungen, autoruns, autostart, brauch, center, comodo, control, dienste, ebenfalls, einträge, festplatte, file, hochfahren, intel, interne, internet, laptop, platte, relativ, scan, security, startet, win, win7, windows |
Linear-Darstellung
