|
Log-Analyse und Auswertung: Firefox startet mit FehlermeldungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
28.10.2017, 11:55 | #1 | ||||
| Firefox startet mit Fehlermeldung Hallo liebe Leute! Folgendes Problem beim starten des Rechners tritt auf wenn ich Firefox starte. Zitat:
Protokolle Zitat:
Zitat:
Zitat:
|
28.10.2017, 12:17 | #2 |
/// TB-Ausbilder | Firefox startet mit FehlermeldungMein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags: So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 0 Alle alten Logdateien von AdwCleaner (zu finden unter C:\AdwCleaner\) posten! Schritt 1
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
28.10.2017, 12:50 | #3 |
| Firefox startet mit FehlermeldungCode:
ATTFilter # AdwCleaner 7.0.4.0 - Logfile created on Sat Oct 28 10:09:57 2017 # Updated on 2017/27/10 by Malwarebytes # Database: 10-28-2017.1 # Running on Windows 10 Pro (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** PUP.Adware.Heuristic, 0ef9420eece2493a4d19650d0d438eb5 ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1593 B] - [2017/10/27 23:1:30] C:/AdwCleaner/AdwCleaner[C1].txt - [1280 B] - [2017/10/27 23:6:34] C:/AdwCleaner/AdwCleaner[C2].txt - [1417 B] - [2017/10/27 23:13:1] C:/AdwCleaner/AdwCleaner[C3].txt - [1620 B] - [2017/10/28 9:33:16] C:/AdwCleaner/AdwCleaner[C4].txt - [1824 B] - [2017/10/28 9:44:37] C:/AdwCleaner/AdwCleaner[S0].txt - [1564 B] - [2017/10/27 22:47:14] C:/AdwCleaner/AdwCleaner[S1].txt - [1109 B] - [2017/10/27 23:4:3] C:/AdwCleaner/AdwCleaner[S2].txt - [1244 B] - [2017/10/27 23:12:38] C:/AdwCleaner/AdwCleaner[S3].txt - [1381 B] - [2017/10/27 23:24:9] C:/AdwCleaner/AdwCleaner[S4].txt - [1449 B] - [2017/10/28 9:32:5] C:/AdwCleaner/AdwCleaner[S5].txt - [1584 B] - [2017/10/28 9:35:33] C:/AdwCleaner/AdwCleaner[S6].txt - [1652 B] - [2017/10/28 9:44:24] ########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt ########## Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-10-2017 durchgeführt von Pegasus (28-10-2017 12:46:57) Gestartet von C:\Users\Pegasus\Downloads Windows 10 Pro Version 1703 15063.674 (X64) (2017-07-24 18:35:07) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2446509630-2703652802-741451858-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-2446509630-2703652802-741451858-503 - Limited - Disabled) Gast (S-1-5-21-2446509630-2703652802-741451858-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2446509630-2703652802-741451858-1005 - Limited - Enabled) Pegasus (S-1-5-21-2446509630-2703652802-741451858-1001 - Administrator - Enabled) => C:\Users\Pegasus ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated) AIDA64 Extreme v5.75 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.75 - FinalWire Ltd.) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1717, 08.05.2016 - AIMP DevTeam) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Bethesda Launcher (HKLM\...\{27661104-880E-45FC-BBB9-2132C920E8DB}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform) CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Druckerdeinstallation für EPSON XP-332 335 Series (HKLM\...\EPSON XP-332 335 Series) (Version: - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.19.5276 - GOM & Company) IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.14.123.2017 - Realtek) Stronghold Crusader 2 (HKLM-x32\...\1433852499_is1) (Version: 2.2.0.7 - GOG.com) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Elder Scrolls V Skyrim Special Edition MULTi2 1.1.47.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition MULTi2 1.1.47.0.8) (Version: - ) The Elder Scrolls V Skyrim Special Edition Update 5 MULTi2 1.4.2.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition Update 5 MULTi2 1.4.2.0.8) (Version: 1.4.2.0.8 - .x.X.RIDDICK.X.x.) The Elder Scrolls V Skyrim Special Edition Update 6 MULTi2 1.5.3.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition Update 6 MULTi2 1.5.3.0.8) (Version: 1.5.3.0.8 - .x.X.RIDDICK.X.x.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-11] (AIMP DevTeam) ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-11] (AIMP DevTeam) ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-20] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {28E5FC2E-58D9-40F3-826D-50FB94DAA5ED} - System32\Tasks\{8483B996-1BFF-4502-8AFF-B0470BE6E3A3} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Pegasus\AppData\Local\{FA62CC3E-DECA-A086-B352-856E973A79F6}\uninst.exe -c -P=/Uninstall /s /noun /DelSelfDir Task: {317F585F-1EB8-427C-840A-D25123030075} - \Driver Booster SkipUAC (Pegasus) -> Keine Datei <==== ACHTUNG Task: {4DD6ABC4-FF33-4DA3-AE46-9A09353E2A92} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd) Task: {4FE24BC0-662E-4041-B971-00C03D15A91E} - System32\Tasks\{54985634-2E7F-48AF-9431-366C35E4F036} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe" -d "C:\Program Files (x86)\The Elder Scrolls V Skyrim Legendary Edition\" Task: {5497958C-BA3D-4DEB-9838-BFCF754C8454} - System32\Tasks\S-1-5-21-2446509630-2703652802-741451858-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation) Task: {553134D3-3000-4E23-840C-FC450EDBE383} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd) Task: {902A8AE6-3666-4A6F-A17E-85EBD12A42C5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-10-20] (Advanced Micro Devices, Inc.) Task: {D7AAA24F-BF49-448B-8CD3-20BBA3C6B5CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated) Task: {F007824A-2455-4227-8A08-3CE16A623107} - System32\Tasks\{47A746BA-8694-479E-8FC4-7DDE2A8069A4} => C:\Windows\system32\pcalua.exe -a "E:\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe" -d "E:\The Elder Scrolls V Skyrim Legendary Edition" Task: {FDE9C925-7D03-4018-A8F6-2341C884462C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-07-22 01:55 - 2017-07-22 01:55 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL 2017-07-22 01:55 - 2017-07-22 01:55 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2017-10-18 18:19 - 2017-10-18 18:19 - 000090376 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-30 09:24 - 2016-07-13 21:31 - 000000857 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 player.kmpmedia.net ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2446509630-2703652802-741451858-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pegasus\Pictures\456523.jpg DNS Servers: 195.34.133.21 - 212.186.211.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AdaptiveSleepService => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Backupper Service => 2 MSCONFIG\Services: EpsonScanSvc => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: XblAuthManager => 3 MSCONFIG\Services: XblGameSave => 3 MSCONFIG\Services: XboxNetApiSvc => 3 HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "EEventManager" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "Chromium" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [UDP Query User{6C492A7A-7F43-4AEB-BD7B-6E0055CB0A06}C:\gog games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe] => (Allow) C:\gog games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe FirewallRules: [TCP Query User{EEEE742F-3EF7-4C5B-A6F9-EB7C7E11DACB}C:\gog games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe] => (Allow) C:\gog games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe FirewallRules: [{9CEFBED5-8187-4FAB-8921-E13275323127}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D318FA96-E9BB-4350-B721-114855690373}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Wiederherstellungspunkte ========================= 12-10-2017 14:02:58 Windows Update 18-10-2017 15:57:35 Windows Update 25-10-2017 21:30:44 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Systemfehler: ============= Error: (10/28/2017 12:10:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (10/28/2017 12:10:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: Die Pipe wurde beendet. Error: (10/28/2017 12:10:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2017 12:10:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2017 12:10:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "EPSON V3 Service4(06)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2017 12:10:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Epson Scanner Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2017 12:10:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2017 11:45:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (10/28/2017 11:44:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2017 11:44:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2017-10-26 20:58:09.413 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:38.029 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:20.035 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:19.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:19.279 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:52.426 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:36.686 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:36.087 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:35.791 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:26:18.459 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: AMD Phenom(tm) II X6 1090T Processor Prozentuale Nutzung des RAM: 16% Installierter physikalischer RAM: 16345.35 MB Verfügbarer physikalischer RAM: 13715.16 MB Summe virtueller Speicher: 18777.35 MB Verfügbarer virtueller Speicher: 15917.96 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:464.77 GB) (Free:392.69 GB) NTFS Drive d: (Musik) (Fixed) (Total:931.39 GB) (Free:925.52 GB) NTFS Drive e: (Daten) (Fixed) (Total:465.63 GB) (Free:234.73 GB) NTFS Drive f: (Privat) (Fixed) (Total:232.88 GB) (Free:227.32 GB) NTFS Drive g: (Volume) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 9817019D) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F3FCF3FC) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 3079740B) Partition: GPT. ======================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: 23CE48D0) Partition: GPT. ==================== Ende von Addition.txt ============================ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017 durchgeführt von Pegasus (Administrator) auf HEIMRECHNER (28-10-2017 12:46:23) Gestartet von C:\Users\Pegasus\Downloads Geladene Profile: Pegasus (Verfügbare Profile: Pegasus & Administrator) Platform: Windows 10 Pro Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd) GroupPolicy: Beschränkung <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 127.0.0.1 player.kmpmedia.net Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{51b53668-26b4-496b-b422-f52d5e800dcb}: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{e11603dd-8e96-4929-b72a-81ffb3d512bc}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2446509630-2703652802-741451858-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) FireFox: ======== FF ProfilePath: C:\Users\Pegasus\AppData\Roaming\Mozilla\Firefox\Profiles\jnn6wtmc.default [2017-10-28] FF Homepage: Mozilla\Firefox\Profiles\jnn6wtmc.default -> hxxp://google.at FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Pegasus\AppData\Roaming\Mozilla\Firefox\Profiles\jnn6wtmc.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-28] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-10-14] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] () FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atiesrxx.exe [481808 2017-10-23] (AMD) R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-24] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atikmdag.sys [40030736 2017-10-23] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atikmpag.sys [545296 2017-10-23] (Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [118960 2017-10-13] (Advanced Micro Devices) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-09] (REALiX(tm)) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197344 2017-10-14] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [592088 2017-10-14] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186184 2017-10-28] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021656 2017-10-14] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-01-03] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-07-06] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-26] (AO Kaspersky Lab) S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-07-06] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-07-06] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-07-06] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-24] (AO Kaspersky Lab) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [950784 2017-03-20] (Realtek ) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-09-15] () R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-09-15] () R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-09-15] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation) U3 WMPNetworkSvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-28 12:46 - 2017-10-28 12:46 - 000012489 _____ C:\Users\Pegasus\Downloads\FRST.txt 2017-10-28 12:24 - 2017-10-28 12:26 - 000000000 ____D C:\Users\Pegasus\AppData\LocalLow\Mozilla 2017-10-28 12:24 - 2017-10-28 12:25 - 000000000 ____D C:\Users\Pegasus\AppData\Local\Mozilla 2017-10-28 12:24 - 2017-10-28 12:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-10-28 12:24 - 2017-10-28 12:24 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-10-28 12:24 - 2017-10-28 12:24 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\Mozilla 2017-10-28 12:24 - 2017-10-28 12:24 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-10-28 12:24 - 2017-10-28 12:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-28 12:23 - 2017-10-28 12:23 - 000000448 _____ C:\Users\Pegasus\Documents\cc_20171028_122315.reg 2017-10-28 12:22 - 2017-10-28 12:22 - 010427120 _____ (Piriform Ltd) C:\Users\Pegasus\Downloads\ccsetup536.exe 2017-10-28 12:22 - 2017-10-28 12:22 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2017-10-28 12:21 - 2017-10-28 12:21 - 000000000 ____D C:\Users\Pegasus\Downloads\enbseries_skyrimse_v0310 2017-10-28 12:04 - 2017-10-28 12:04 - 000048986 _____ C:\Users\Pegasus\Downloads\bookmarks-2017-10-28.json 2017-10-28 11:46 - 2017-10-28 11:53 - 000000861 _____ C:\Users\Pegasus\Desktop\Neues Textdokument (2).txt 2017-10-28 11:37 - 2017-10-28 12:46 - 000000000 ____D C:\FRST 2017-10-28 11:36 - 2017-10-28 11:37 - 002403328 _____ (Farbar) C:\Users\Pegasus\Downloads\FRST64.exe 2017-10-28 11:30 - 2017-10-28 11:30 - 008261584 _____ (Malwarebytes) C:\Users\Pegasus\Downloads\adwcleaner_7.0.4.0.exe 2017-10-28 00:45 - 2017-10-28 12:41 - 000000000 ____D C:\AdwCleaner 2017-10-28 00:35 - 2017-10-28 12:10 - 000243080 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-10-27 19:59 - 2017-10-27 19:59 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\Skype 2017-10-26 20:59 - 2017-10-26 21:05 - 000001320 _____ C:\Users\Pegasus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-10-26 02:32 - 2017-10-26 02:32 - 000424960 _____ C:\WINDOWS\b364bdb63c344871f098e7da7c194960.exe 2017-10-26 02:32 - 2017-10-26 02:32 - 000039812 _____ C:\WINDOWS\uninstaller.dat 2017-10-25 13:14 - 2017-10-25 13:14 - 000000000 ____D C:\Users\Pegasus\Downloads\Sarah McLachlan - In the arms of an angel 2017-10-24 16:15 - 2017-10-24 16:15 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN 2017-10-24 16:15 - 2017-10-24 16:15 - 000000194 _____ C:\LaunchURL.txt 2017-10-24 16:15 - 2017-10-24 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2017-10-24 16:14 - 2017-10-24 16:14 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-10-24 16:13 - 2017-10-24 16:14 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2017-10-24 16:13 - 2017-10-24 16:13 - 000000000 ____D C:\Users\Pegasus\AppData\Local\RadeonInstaller 2017-10-23 19:12 - 2017-10-23 19:12 - 001241616 _____ (AMD) C:\WINDOWS\system32\coinst_17.40.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000552976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000168976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000145936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000131304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin 2017-10-23 19:12 - 2017-10-23 19:12 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man 2017-10-20 19:18 - 2017-10-20 19:18 - 000151592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2017-10-20 19:18 - 2017-10-20 19:18 - 000123752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2017-10-15 23:50 - 2017-10-15 23:50 - 000000000 ____D C:\Users\Pegasus\AppData\Local\usvfs 2017-10-13 05:18 - 2017-10-13 05:18 - 000123368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll 2017-10-12 14:10 - 2017-10-12 14:10 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-10-12 14:07 - 2017-09-30 07:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2017-10-12 14:07 - 2017-09-30 07:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-10-12 14:07 - 2017-09-30 07:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2017-10-12 14:07 - 2017-09-30 04:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-10-12 14:07 - 2017-09-30 04:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-10-12 14:07 - 2017-09-30 04:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-10-12 14:07 - 2017-09-30 04:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-10-12 14:07 - 2017-09-30 04:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-10-12 14:07 - 2017-09-30 04:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-10-12 14:07 - 2017-09-30 04:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-10-12 14:07 - 2017-09-30 04:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2017-10-12 14:07 - 2017-09-30 04:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-10-12 14:07 - 2017-09-30 04:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-10-12 14:07 - 2017-09-30 04:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-10-12 14:07 - 2017-09-30 04:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2017-10-12 14:07 - 2017-09-30 04:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-10-12 14:07 - 2017-09-30 04:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-10-12 14:07 - 2017-09-30 04:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-10-12 14:07 - 2017-09-30 04:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-10-12 14:07 - 2017-09-30 04:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-10-12 14:07 - 2017-09-30 04:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-10-12 14:07 - 2017-09-30 04:02 - 001624096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll 2017-10-12 14:07 - 2017-09-30 04:02 - 001517464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-10-12 14:07 - 2017-09-30 04:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-10-12 14:07 - 2017-09-30 04:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-10-12 14:07 - 2017-09-29 09:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-10-12 14:07 - 2017-09-29 09:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2017-10-12 14:07 - 2017-09-29 09:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-10-12 14:07 - 2017-09-29 09:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-10-12 14:07 - 2017-09-29 09:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-10-12 14:07 - 2017-09-29 09:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll 2017-10-12 14:07 - 2017-09-29 09:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-10-12 14:07 - 2017-09-29 09:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll 2017-10-12 14:07 - 2017-09-29 09:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-10-12 14:07 - 2017-09-29 09:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-10-12 14:07 - 2017-09-29 09:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-10-12 14:07 - 2017-09-29 09:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2017-10-12 14:07 - 2017-09-29 09:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2017-10-12 14:07 - 2017-09-29 09:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-10-12 14:07 - 2017-09-29 09:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-10-12 14:07 - 2017-09-29 09:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-10-12 14:07 - 2017-09-29 09:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-10-12 14:07 - 2017-09-29 09:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2017-10-12 14:07 - 2017-09-29 09:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-10-12 14:07 - 2017-09-29 09:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-10-12 14:07 - 2017-09-29 09:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-10-12 14:07 - 2017-09-29 09:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-10-12 14:07 - 2017-09-29 09:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-10-12 14:07 - 2017-09-29 09:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-10-12 14:07 - 2017-09-29 09:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2017-10-12 14:07 - 2017-09-29 09:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2017-10-12 14:07 - 2017-09-29 09:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2017-10-12 14:07 - 2017-09-29 09:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2017-10-12 14:07 - 2017-09-29 09:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2017-10-12 14:07 - 2017-09-29 09:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe 2017-10-12 14:07 - 2017-09-29 09:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-10-12 14:07 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls 2017-10-12 14:07 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls 2017-10-12 14:07 - 2017-09-20 17:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-10-12 14:07 - 2017-09-20 17:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-10-12 14:07 - 2017-09-20 17:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-10-12 14:07 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-10-12 14:07 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2017-10-12 14:07 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-10-12 14:06 - 2017-09-30 07:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-10-12 14:06 - 2017-09-30 07:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-10-12 14:06 - 2017-09-30 07:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-10-12 14:06 - 2017-09-30 07:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-10-12 14:06 - 2017-09-30 04:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-10-12 14:06 - 2017-09-30 04:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-10-12 14:06 - 2017-09-29 09:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-10-12 14:06 - 2017-09-29 09:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-10-12 14:06 - 2017-09-29 09:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-10-12 14:06 - 2017-09-29 09:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-10-12 14:06 - 2017-09-29 09:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-10-12 14:06 - 2017-09-29 09:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-10-12 14:06 - 2017-09-29 09:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2017-10-12 14:06 - 2017-09-29 09:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-10-12 14:06 - 2017-09-29 09:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-10-12 14:06 - 2017-09-29 09:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2017-10-12 14:06 - 2017-09-29 09:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-10-12 14:06 - 2017-09-29 09:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2017-10-12 14:06 - 2017-09-29 09:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-10-12 14:06 - 2017-09-29 09:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-10-12 14:06 - 2017-09-29 09:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2017-10-12 14:06 - 2017-09-29 09:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-10-12 14:06 - 2017-09-29 09:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2017-10-12 14:06 - 2017-09-29 09:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe 2017-10-12 14:06 - 2017-09-29 09:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2017-10-12 14:05 - 2017-09-30 07:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-10-12 14:05 - 2017-09-30 07:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-10-12 14:05 - 2017-09-30 07:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-10-12 14:05 - 2017-09-30 07:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-10-12 14:05 - 2017-09-30 07:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2017-10-12 14:05 - 2017-09-30 07:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-10-12 14:05 - 2017-09-30 07:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-10-12 14:05 - 2017-09-30 07:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-10-12 14:05 - 2017-09-29 09:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-10-12 14:05 - 2017-09-29 09:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-10-12 14:05 - 2017-09-29 09:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-10-12 14:05 - 2017-09-29 09:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-10-12 14:05 - 2017-09-29 09:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-10-12 14:05 - 2017-09-29 09:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-10-12 14:05 - 2017-09-29 09:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2017-10-12 14:05 - 2017-09-29 09:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll 2017-10-12 14:05 - 2017-09-29 09:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-10-12 14:05 - 2017-09-29 09:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-10-12 14:05 - 2017-09-29 09:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-10-12 14:05 - 2017-09-29 09:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-10-12 14:05 - 2017-09-29 09:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-10-12 14:05 - 2017-09-29 09:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-10-12 14:05 - 2017-09-29 09:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2017-10-12 14:05 - 2017-09-29 09:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2017-10-12 14:05 - 2017-09-29 09:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll 2017-10-12 14:05 - 2017-09-29 09:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2017-10-12 14:05 - 2017-09-29 09:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2017-10-12 14:05 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-10-12 14:04 - 2017-09-30 07:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-10-12 14:04 - 2017-09-30 07:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-10-12 14:04 - 2017-09-30 07:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-10-12 14:04 - 2017-09-30 07:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-10-12 14:04 - 2017-09-30 07:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-10-12 14:04 - 2017-09-30 07:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-10-12 14:04 - 2017-09-30 07:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-10-12 14:04 - 2017-09-30 07:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-10-12 14:04 - 2017-09-30 07:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-10-12 14:04 - 2017-09-30 07:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-10-12 14:04 - 2017-09-30 07:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2017-10-12 14:04 - 2017-09-30 07:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2017-10-12 14:04 - 2017-09-30 07:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-10-12 14:04 - 2017-09-30 07:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-10-12 14:04 - 2017-09-30 07:37 - 002377112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll 2017-10-12 14:04 - 2017-09-30 04:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-10-12 14:04 - 2017-09-29 09:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-10-12 14:04 - 2017-09-29 09:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2017-10-12 14:04 - 2017-09-29 09:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-10-12 14:04 - 2017-09-29 09:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-10-12 14:04 - 2017-09-29 09:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll 2017-10-12 14:04 - 2017-09-29 09:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-10-12 14:04 - 2017-09-29 09:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-10-12 14:04 - 2017-09-29 09:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-10-12 14:04 - 2017-09-29 09:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe 2017-10-12 14:04 - 2017-09-29 09:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-10-12 14:04 - 2017-09-29 09:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-10-12 14:04 - 2017-09-29 09:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-10-12 14:04 - 2017-09-29 09:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-10-12 14:04 - 2017-09-29 09:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-10-12 14:04 - 2017-09-29 09:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-10-12 14:04 - 2017-09-29 09:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2017-10-12 14:04 - 2017-09-29 09:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2017-10-12 14:04 - 2017-09-29 09:26 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll 2017-10-12 14:04 - 2017-09-29 09:26 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe 2017-10-12 14:04 - 2017-09-29 09:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-10-12 14:04 - 2017-09-29 09:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2017-10-12 14:04 - 2017-09-29 09:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-10-12 14:04 - 2017-09-29 09:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-10-12 14:04 - 2017-09-29 09:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-10-12 14:04 - 2017-09-29 09:24 - 001201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe 2017-10-12 14:04 - 2017-09-29 09:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-10-12 14:04 - 2017-09-29 09:23 - 002195968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll 2017-10-12 14:04 - 2017-09-29 09:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-10-12 14:04 - 2017-09-29 09:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-10-12 14:04 - 2017-09-29 09:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-10-12 14:04 - 2017-09-29 09:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-10-12 14:04 - 2017-09-29 09:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-10-12 14:04 - 2017-09-29 09:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll 2017-10-12 14:04 - 2017-09-29 09:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2017-10-12 14:04 - 2017-09-29 09:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2017-10-12 14:04 - 2017-09-29 09:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2017-10-12 14:04 - 2017-09-29 09:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2017-10-12 14:04 - 2017-09-29 09:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe 2017-10-12 14:04 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-10-12 14:04 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-10-12 14:04 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-10-12 14:04 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-10-12 14:04 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2017-10-12 14:04 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll 2017-10-12 14:04 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2017-10-12 14:03 - 2017-09-30 07:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-10-12 14:03 - 2017-09-30 07:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-10-12 14:03 - 2017-09-30 07:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-10-12 14:03 - 2017-09-30 07:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-10-12 14:03 - 2017-09-30 07:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-10-12 14:03 - 2017-09-30 07:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-10-12 14:03 - 2017-09-30 07:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2017-10-12 14:03 - 2017-09-30 07:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-10-12 14:03 - 2017-09-30 07:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-10-12 14:03 - 2017-09-30 07:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-10-12 14:03 - 2017-09-30 07:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-10-12 14:03 - 2017-09-30 07:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-10-12 14:03 - 2017-09-30 07:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-10-12 14:03 - 2017-09-30 07:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-10-12 14:03 - 2017-09-30 07:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-10-12 14:03 - 2017-09-30 07:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-10-12 14:03 - 2017-09-30 07:40 - 000849816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-10-12 14:03 - 2017-09-30 07:40 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-10-12 14:03 - 2017-09-30 07:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-10-12 14:03 - 2017-09-30 07:39 - 001694104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-10-12 14:03 - 2017-09-30 07:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-10-12 14:03 - 2017-09-30 07:38 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-10-12 14:03 - 2017-09-30 07:37 - 002229144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-10-12 14:03 - 2017-09-30 07:37 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-10-12 14:03 - 2017-09-30 07:36 - 000855960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-10-12 14:03 - 2017-09-30 07:36 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-10-12 14:03 - 2017-09-29 09:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-10-12 14:03 - 2017-09-29 09:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-10-12 14:03 - 2017-09-29 09:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-10-12 14:03 - 2017-09-29 09:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2017-10-12 14:03 - 2017-09-29 09:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-10-12 14:03 - 2017-09-29 09:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-10-12 14:03 - 2017-09-29 09:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-10-12 14:03 - 2017-09-29 09:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2017-10-12 14:03 - 2017-09-29 09:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-10-12 14:03 - 2017-09-29 09:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-10-12 14:03 - 2017-09-29 09:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2017-10-12 14:03 - 2017-09-29 09:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2017-10-12 14:03 - 2017-09-29 09:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2017-10-12 14:03 - 2017-09-29 09:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-10-12 14:03 - 2017-09-29 09:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-10-12 14:03 - 2017-09-29 09:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-10-12 14:03 - 2017-09-29 09:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-10-12 14:03 - 2017-09-29 09:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-10-12 14:03 - 2017-09-29 09:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-10-12 14:03 - 2017-09-29 09:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-10-12 14:03 - 2017-09-29 09:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-10-12 14:03 - 2017-09-29 09:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-10-12 14:03 - 2017-09-29 09:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-10-12 14:03 - 2017-09-29 09:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-10-12 14:03 - 2017-09-29 09:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-10-12 14:03 - 2017-09-29 09:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2017-10-12 14:03 - 2017-09-29 09:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-10-12 14:03 - 2017-09-29 09:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-10-12 14:03 - 2017-09-29 09:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-10-12 14:03 - 2017-09-29 09:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-10-12 14:03 - 2017-09-29 09:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-10-12 14:03 - 2017-09-29 09:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2017-10-12 14:03 - 2017-09-29 09:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-10-12 14:03 - 2017-09-29 09:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-10-12 14:03 - 2017-09-29 09:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-10-12 14:03 - 2017-09-29 09:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2017-10-12 14:03 - 2017-09-29 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2017-10-12 14:03 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-10-12 14:03 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-10-12 14:03 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-10-07 15:27 - 2017-10-07 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-10-07 15:27 - 2017-10-07 15:27 - 000000000 ____D C:\Program Files\7-Zip 2017-10-07 11:22 - 2017-10-10 12:03 - 000001571 _____ C:\Users\Pegasus\Desktop\ModOrganizer - Verknüpfung.lnk 2017-10-07 10:24 - 2017-10-07 10:24 - 000000000 ____D C:\Users\Pegasus\AppData\Local\LOOT 2017-10-07 10:22 - 2017-10-27 22:30 - 000000000 ____D C:\Users\Pegasus\AppData\Local\ModOrganizer 2017-10-07 10:22 - 2017-10-27 10:47 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-10-07 10:21 - 2017-10-07 10:21 - 000000000 ____D C:\Program Files (x86)\ModOrganizer 2017-10-06 17:51 - 2017-10-16 20:56 - 000000000 ____D C:\Users\Pegasus\AppData\Local\Skyrim Special Edition 2017-10-06 17:51 - 2017-10-06 21:30 - 000000000 ____D C:\Users\Pegasus\Documents\My Games 2017-10-06 17:46 - 2017-10-06 17:46 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2017-10-06 17:44 - 2017-10-07 16:43 - 000000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim Special Edition ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-28 12:34 - 2017-01-03 12:16 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2017-10-28 12:22 - 2016-06-02 16:18 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-10-28 12:22 - 2016-06-02 16:18 - 000000000 ____D C:\Program Files\CCleaner 2017-10-28 12:15 - 2017-07-24 20:34 - 002661796 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-28 12:15 - 2017-03-20 06:41 - 001238112 _____ C:\WINDOWS\system32\perfh007.dat 2017-10-28 12:15 - 2017-03-20 06:41 - 000287722 _____ C:\WINDOWS\system32\perfc007.dat 2017-10-28 12:10 - 2017-07-24 20:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-28 12:10 - 2017-07-24 20:25 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-10-28 12:10 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2017-10-28 11:15 - 2017-07-24 20:31 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1FFED1F3-190E-4D34-8B67-AC3958AAA466} 2017-10-28 00:18 - 2017-06-09 09:43 - 000000546 _____ C:\Users\Pegasus\Desktop\Temine.txt 2017-10-27 22:27 - 2017-07-24 20:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-27 16:53 - 2016-05-11 13:13 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\AIMP 2017-10-27 10:42 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-10-27 10:42 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-27 01:44 - 2016-05-11 13:47 - 000000000 ____D C:\Users\Pegasus\AppData\Local\JDownloader v2.0 2017-10-26 20:07 - 2017-03-18 13:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2017-10-26 15:22 - 2017-05-26 12:32 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\vlc 2017-10-26 11:32 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF 2017-10-25 21:50 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-10-25 21:50 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-10-24 16:15 - 2017-07-24 20:25 - 000000000 ____D C:\Program Files\AMD 2017-10-24 16:14 - 2017-09-25 20:03 - 000000000 ____D C:\Users\Pegasus\AppData\LocalLow\AMD 2017-10-24 16:14 - 2017-09-23 10:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-10-24 16:13 - 2017-04-16 14:46 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml 2017-10-23 19:12 - 2017-09-21 20:54 - 002542608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2017-10-23 19:12 - 2017-09-21 20:54 - 000467984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-10-23 19:12 - 2017-09-21 20:54 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2017-10-23 19:12 - 2017-09-21 20:54 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 013536784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 011099664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 002924560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 001464336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000875536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000708112 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000704016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000556560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000480272 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000470544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000458768 _____ C:\WINDOWS\system32\GameManager64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000445968 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000414736 _____ C:\WINDOWS\system32\atieah64.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000382992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000366608 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000361488 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000352272 _____ C:\WINDOWS\system32\clinfo.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000334864 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000277008 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000242704 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000232464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000203792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000180240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000159248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000157864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000157712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000151056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000149600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000135696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000133648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000124944 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000117264 _____ C:\WINDOWS\system32\atidxx64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000114192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000101904 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000099344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000069648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000045584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000042512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000548432 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000186416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000164544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000116208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000102664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000102656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-10-23 19:12 - 2017-07-12 20:06 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2017-10-23 19:12 - 2017-07-12 20:06 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2017-10-23 19:12 - 2017-07-12 20:06 - 000834312 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2017-10-23 19:12 - 2017-07-12 20:06 - 000834312 _____ C:\WINDOWS\system32\atiapfxx.blb 2017-10-23 19:12 - 2017-07-12 20:06 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json 2017-10-23 19:12 - 2017-07-12 20:06 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json 2017-10-18 15:57 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-10-17 14:59 - 2017-02-28 14:54 - 000000000 ____D C:\Users\Pegasus\AppData\Local\VirtualStore 2017-10-14 21:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache 2017-10-14 12:15 - 2017-01-03 12:16 - 001021656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2017-10-14 12:15 - 2017-01-03 12:16 - 000197344 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2017-10-14 12:15 - 2016-06-20 18:54 - 000592088 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2017-10-13 05:14 - 2017-04-26 09:09 - 000118960 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys 2017-10-13 02:21 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-10-13 02:21 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-12 20:08 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-10-12 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-10-12 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Provisioning 2017-10-12 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2017-10-12 20:04 - 2017-03-18 23:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2017-10-12 20:04 - 2017-03-18 23:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2017-10-12 14:11 - 2016-05-11 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-10-12 14:10 - 2016-05-11 13:27 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-10-07 16:42 - 2017-07-24 20:26 - 000000000 ____D C:\Users\Pegasus ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-04-16 14:46 - 2017-10-24 16:13 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-10-20 20:52 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 28.10.17 Scan-Zeit: 13:46 Protokolldatei: 937251c4-bbd5-11e7-9c06-5404a629c53b.json Administrator: Ja -Softwaredaten- Version: 3.2.2.2029 Komponentenversion: 1.0.212 Version des Aktualisierungspakets: 1.0.3116 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 15063.674) CPU: x64 Dateisystem: NTFS Benutzer: HEIMRECHNER\Pegasus -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Ergebnis: Abgeschlossen Gescannte Objekte: 399066 Erkannte Bedrohungen: 0 (keine bösartigen Elemente erkannt) In die Quarantäne verschobene Bedrohungen: 0 (keine bösartigen Elemente erkannt) Abgelaufene Zeit: 0 Min., 59 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) (end) |
28.10.2017, 12:54 | #4 | |
/// TB-Ausbilder | Firefox startet mit Fehlermeldung Servus, ich bitte dich, meine Anweisungen zu lesen und auch so umzusetzen. zu Schritt 0: Du hast nicht alle Logdateien gepostet, sondern nur eine. Ich will insbesondere die Inhalte der folgenden Logdateien sehen: Zitat:
zu Schritt 1: Außerdem hast du AdwCleaner nicht so ausgeführt wie beschrieben. Bitte nochmal ausführen und die Logdatei des Löschvorgangs posten. |
28.10.2017, 13:47 | #5 |
| Firefox startet mit Fehlermeldung C:/AdwCleaner/AdwCleaner[C0].txt - [1593 B] - [2017/10/27 23:1:30] Code:
ATTFilter # AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 27 23:01:30 2017 # Updated on 2017/29/09 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: 0ef9420eece2493a4d19650d0d438eb5 ***** [ Folders ] ***** Deleted: C:\Windows\System32\\SSL Deleted: C:\Windows\SysWOW64\\SSL Deleted: C:\Program Files\b4b7fa31a4677c257ac12ba7dfeff987 ***** [ Files ] ***** Deleted: C:\END ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence Deleted: [Key] - HKLM\SOFTWARE\Auslogics ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [1564 B] - [2017/10/27 22:47:14] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ########## Code:
ATTFilter # AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 27 23:06:34 2017 # Updated on 2017/29/09 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: 0ef9420eece2493a4d19650d0d438eb5 ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** No malicious registry entries deleted. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1593 B] - [2017/10/27 23:1:30] C:/AdwCleaner/AdwCleaner[S0].txt - [1564 B] - [2017/10/27 22:47:14] C:/AdwCleaner/AdwCleaner[S1].txt - [1109 B] - [2017/10/27 23:4:3] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ########## Code:
ATTFilter # AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 27 23:13:01 2017 # Updated on 2017/29/09 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: 0ef9420eece2493a4d19650d0d438eb5 ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** No malicious registry entries deleted. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1593 B] - [2017/10/27 23:1:30] C:/AdwCleaner/AdwCleaner[C1].txt - [1280 B] - [2017/10/27 23:6:34] C:/AdwCleaner/AdwCleaner[S0].txt - [1564 B] - [2017/10/27 22:47:14] C:/AdwCleaner/AdwCleaner[S1].txt - [1109 B] - [2017/10/27 23:4:3] C:/AdwCleaner/AdwCleaner[S2].txt - [1244 B] - [2017/10/27 23:12:38] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ########## Code:
ATTFilter # AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 27 23:13:01 2017 # Updated on 2017/29/09 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: 0ef9420eece2493a4d19650d0d438eb5 ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** No malicious registry entries deleted. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1593 B] - [2017/10/27 23:1:30] C:/AdwCleaner/AdwCleaner[C1].txt - [1280 B] - [2017/10/27 23:6:34] C:/AdwCleaner/AdwCleaner[S0].txt - [1564 B] - [2017/10/27 22:47:14] C:/AdwCleaner/AdwCleaner[S1].txt - [1109 B] - [2017/10/27 23:4:3] C:/AdwCleaner/AdwCleaner[S2].txt - [1244 B] - [2017/10/27 23:12:38] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ########## C:/AdwCleaner/AdwCleaner[C4].txt - [1824 B] - [2017/10/28 9:44:37] Code:
ATTFilter # AdwCleaner 7.0.4.0 - Logfile created on Sat Oct 28 09:44:37 2017 # Updated on 2017/27/10 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: 0ef9420eece2493a4d19650d0d438eb5 ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** No malicious registry entries deleted. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1593 B] - [2017/10/27 23:1:30] C:/AdwCleaner/AdwCleaner[C1].txt - [1280 B] - [2017/10/27 23:6:34] C:/AdwCleaner/AdwCleaner[C2].txt - [1417 B] - [2017/10/27 23:13:1] C:/AdwCleaner/AdwCleaner[C3].txt - [1620 B] - [2017/10/28 9:33:16] C:/AdwCleaner/AdwCleaner[S0].txt - [1564 B] - [2017/10/27 22:47:14] C:/AdwCleaner/AdwCleaner[S1].txt - [1109 B] - [2017/10/27 23:4:3] C:/AdwCleaner/AdwCleaner[S2].txt - [1244 B] - [2017/10/27 23:12:38] C:/AdwCleaner/AdwCleaner[S3].txt - [1381 B] - [2017/10/27 23:24:9] C:/AdwCleaner/AdwCleaner[S4].txt - [1449 B] - [2017/10/28 9:32:5] C:/AdwCleaner/AdwCleaner[S5].txt - [1584 B] - [2017/10/28 9:35:33] C:/AdwCleaner/AdwCleaner[S6].txt - [1652 B] - [2017/10/28 9:44:24] ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt ########## Code:
ATTFilter # AdwCleaner 7.0.4.0 - Logfile created on Sat Oct 28 09:44:37 2017 # Updated on 2017/27/10 by Malwarebytes # Running on Windows 10 Pro (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** Deleted: 0ef9420eece2493a4d19650d0d438eb5 ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** No malicious registry entries deleted. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1593 B] - [2017/10/27 23:1:30] C:/AdwCleaner/AdwCleaner[C1].txt - [1280 B] - [2017/10/27 23:6:34] C:/AdwCleaner/AdwCleaner[C2].txt - [1417 B] - [2017/10/27 23:13:1] C:/AdwCleaner/AdwCleaner[C3].txt - [1620 B] - [2017/10/28 9:33:16] C:/AdwCleaner/AdwCleaner[S0].txt - [1564 B] - [2017/10/27 22:47:14] C:/AdwCleaner/AdwCleaner[S1].txt - [1109 B] - [2017/10/27 23:4:3] C:/AdwCleaner/AdwCleaner[S2].txt - [1244 B] - [2017/10/27 23:12:38] C:/AdwCleaner/AdwCleaner[S3].txt - [1381 B] - [2017/10/27 23:24:9] C:/AdwCleaner/AdwCleaner[S4].txt - [1449 B] - [2017/10/28 9:32:5] C:/AdwCleaner/AdwCleaner[S5].txt - [1584 B] - [2017/10/28 9:35:33] C:/AdwCleaner/AdwCleaner[S6].txt - [1652 B] - [2017/10/28 9:44:24] ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt ########## |
28.10.2017, 20:31 | #6 |
/// TB-Ausbilder | Firefox startet mit Fehlermeldung Servus, danke für die Logdateien. Schritt 1
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
28.10.2017, 21:27 | #7 |
| Firefox startet mit Fehlermeldung Hallo M-K-D-B! Hab mich ja noch gar nicht für deine Hilfe bedankt. Vielen dank Hoffe ich kann dir auch mal behilflich sein Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-10-2017 durchgeführt von Pegasus (28-10-2017 22:06:29) Run:2 Gestartet von C:\Users\Pegasus\Downloads Geladene Profile: Pegasus (Verfügbare Profile: Pegasus & Administrator) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: GroupPolicy: Beschränkung <==== ACHTUNG DisableService: 0ef9420eece2493a4d19650d0d438eb5 2017-10-26 02:32 - 2017-10-26 02:32 - 000424960 _____ C:\WINDOWS\b364bdb63c344871f098e7da7c194960.exe 2017-10-26 02:32 - 2017-10-26 02:32 - 000039812 _____ C:\WINDOWS\uninstaller.dat DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\0ef9420eece2493a4d19650d0d438eb5 Task: {28E5FC2E-58D9-40F3-826D-50FB94DAA5ED} - System32\Tasks\{8483B996-1BFF-4502-8AFF-B0470BE6E3A3} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Pegasus\AppData\Local\{FA62CC3E-DECA-A086-B352-856E973A79F6}\uninst.exe -c -P=/Uninstall /s /noun /DelSelfDir C:\Users\Pegasus\AppData\Local\{FA62CC3E-DECA-A086-B352-856E973A79F6} Task: {317F585F-1EB8-427C-840A-D25123030075} - \Driver Booster SkipUAC (Pegasus) -> Keine Datei <==== ACHTUNG CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" CMD: dir "%UserProfile%" CMD: dir "C:\" ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions Hosts: RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: ***************** Prozesse erfolgreich geschlossen. "C:\WINDOWS\system32\GroupPolicy\Machine" => nicht gefunden. 0ef9420eece2493a4d19650d0d438eb5 => nicht gefunden. "C:\WINDOWS\b364bdb63c344871f098e7da7c194960.exe" => nicht gefunden. "C:\WINDOWS\uninstaller.dat" => nicht gefunden. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\0ef9420eece2493a4d19650d0d438eb5 => Schlüssel nicht gefunden. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28E5FC2E-58D9-40F3-826D-50FB94DAA5ED} => Schlüssel nicht gefunden. C:\WINDOWS\System32\Tasks\{8483B996-1BFF-4502-8AFF-B0470BE6E3A3} => nicht gefunden. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8483B996-1BFF-4502-8AFF-B0470BE6E3A3} => Schlüssel nicht gefunden. "C:\Users\Pegasus\AppData\Local\{FA62CC3E-DECA-A086-B352-856E973A79F6}" => nicht gefunden. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{317F585F-1EB8-427C-840A-D25123030075} => Schlüssel nicht gefunden. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Pegasus) => Schlüssel nicht gefunden. ========= dir "%ProgramFiles%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\Program Files 28.10.2017 13:37 <DIR> . 28.10.2017 13:37 <DIR> .. 07.10.2017 15:27 <DIR> 7-Zip 24.10.2017 16:15 <DIR> AMD 28.10.2017 12:22 <DIR> CCleaner 24.10.2017 16:14 <DIR> Common Files 16.02.2017 12:39 <DIR> CPUID 11.05.2016 14:22 <DIR> Intel 13.09.2017 02:32 <DIR> Internet Explorer 18.04.2017 18:52 <DIR> IrfanView 28.10.2017 13:37 <DIR> Malwarebytes 26.07.2017 12:08 <DIR> Microsoft Games 11.05.2016 14:54 <DIR> Microsoft Office 28.10.2017 12:24 <DIR> Mozilla Firefox 24.07.2017 21:11 <DIR> MSBuild 24.07.2017 21:11 <DIR> Reference Assemblies 29.06.2017 13:15 <DIR> UNP 01.03.2017 10:58 <DIR> VideoLAN 24.07.2017 21:21 <DIR> Windows Defender 20.03.2017 06:43 <DIR> Windows Defender Advanced Threat Protection 13.09.2017 02:32 <DIR> Windows Mail 24.07.2017 20:27 <DIR> Windows Media Player 18.03.2017 23:03 <DIR> Windows Multimedia Platform 24.07.2017 20:34 <DIR> Windows NT 13.09.2017 02:32 <DIR> Windows Photo Viewer 18.03.2017 23:03 <DIR> Windows Portable Devices 18.03.2017 23:03 <DIR> Windows Security 18.03.2017 23:03 <DIR> WindowsPowerShell 11.05.2016 13:33 <DIR> WinRAR 0 Datei(en), 0 Bytes 29 Verzeichnis(se), 417.020.530.688 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\Program Files (x86) 28.10.2017 12:24 <DIR> . 28.10.2017 12:24 <DIR> .. 15.05.2017 14:58 <DIR> Adobe 11.05.2016 13:12 <DIR> AIMP 23.09.2017 10:56 <DIR> AMD 24.07.2017 20:27 <DIR> Common Files 15.05.2017 14:50 <DIR> epson 15.05.2017 14:41 <DIR> EPSON Software 22.04.2017 09:07 <DIR> ffdshow 30.08.2016 09:59 <DIR> FinalWire 30.11.2016 13:12 <DIR> GPU-Z 28.03.2017 11:14 <DIR> GRETECH 13.09.2017 02:32 <DIR> Internet Explorer 03.01.2017 12:16 <DIR> Kaspersky Lab 06.06.2017 12:26 <DIR> Microsoft Office 12.05.2016 08:57 <DIR> Microsoft SDKs 24.07.2017 20:27 <DIR> Microsoft.NET 07.10.2017 10:21 <DIR> ModOrganizer 28.10.2017 12:24 <DIR> Mozilla Maintenance Service 24.07.2017 21:11 <DIR> MSBuild 23.03.2017 14:12 <DIR> Realtek 24.07.2017 21:11 <DIR> Reference Assemblies 23.09.2017 10:28 <DIR> Samsung 07.10.2017 16:43 <DIR> The Elder Scrolls V Skyrim Special Edition 28.03.2017 11:00 <DIR> VideoLAN 24.10.2017 16:14 <DIR> VulkanRT 24.07.2017 21:21 <DIR> Windows Defender 13.09.2017 02:32 <DIR> Windows Mail 24.07.2017 20:27 <DIR> Windows Media Player 18.03.2017 23:03 <DIR> Windows Multimedia Platform 18.03.2017 23:03 <DIR> Windows NT 13.09.2017 02:32 <DIR> Windows Photo Viewer 18.03.2017 23:03 <DIR> Windows Portable Devices 18.03.2017 23:03 <DIR> WindowsPowerShell 0 Datei(en), 0 Bytes 34 Verzeichnis(se), 417.020.469.248 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\ProgramData 15.05.2017 15:14 <DIR> Adobe 11.06.2017 19:39 <DIR> ATI 28.10.2017 15:50 <DIR> boost_interprocess 15.05.2017 14:49 <DIR> EPSON 28.03.2017 11:14 <DIR> GRETECH 28.10.2017 22:05 <DIR> Kaspersky Lab 28.10.2017 13:37 <DIR> Malwarebytes 06.06.2017 12:40 <DIR> Microsoft Help 24.07.2017 20:36 <DIR> Microsoft OneDrive 28.05.2017 21:17 <DIR> Package Cache 28.05.2016 11:46 <DIR> regid.1986-12.com.adobe 24.07.2017 20:30 <DIR> regid.1991-06.com.microsoft 08.04.2017 14:54 <DIR> Samsung 18.03.2017 23:03 <DIR> SoftwareDistribution 24.10.2017 16:13 60 SoftwareUpdateTemp.xml 27.06.2016 12:39 <DIR> UDL 24.07.2017 20:35 <DIR> USOPrivate 24.07.2017 20:35 <DIR> USOShared 20.03.2017 06:43 <DIR> WindowsHolographicDevices 1 Datei(en), 60 Bytes 18 Verzeichnis(se), 417.020.407.808 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\Users\Pegasus\AppData\Roaming 28.10.2017 12:24 <DIR> . 28.10.2017 12:24 <DIR> .. 15.05.2017 15:13 <DIR> Adobe 27.10.2017 16:53 <DIR> AIMP 11.06.2017 19:39 <DIR> ATI 20.04.2017 13:39 <DIR> deezloader-app 04.11.2016 13:00 <DIR> Epson 28.03.2017 11:14 <DIR> GRETECH 24.07.2017 20:43 <DIR> Identities 26.05.2017 12:20 <DIR> Intelli-studio 18.04.2017 18:52 <DIR> IrfanView 11.05.2016 14:15 <DIR> Macromedia 28.10.2017 12:24 <DIR> Mozilla 23.09.2017 10:28 <DIR> Samsung 27.10.2017 19:59 <DIR> Skype 28.10.2017 17:49 <DIR> vlc 11.05.2016 13:33 <DIR> WinRAR 24.03.2017 15:51 <DIR> XMedia Recode 0 Datei(en), 0 Bytes 18 Verzeichnis(se), 417.020.370.944 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\Users\Pegasus\AppData\Local 28.10.2017 22:04 <DIR> . 28.10.2017 22:04 <DIR> .. 14.09.2017 10:12 <DIR> Adobe 23.09.2017 10:57 <DIR> AMD 12.08.2017 13:03 <DIR> AMDDriverProfiles 11.06.2017 19:39 <DIR> ATI 11.05.2016 12:10 <DIR> Comms 28.09.2016 19:09 <DIR> ConnectedDevicesPlatform 01.09.2017 13:21 <DIR> DBG 28.10.2017 17:05 <DIR> JDownloader v2.0 07.10.2017 10:24 <DIR> LOOT 11.05.2016 14:15 <DIR> Macromedia 24.07.2017 20:36 <DIR> Microsoft 20.03.2017 14:08 <DIR> Microsoft Games 11.05.2016 14:54 <DIR> Microsoft Help 11.05.2016 12:13 <DIR> MicrosoftEdge 28.10.2017 20:00 <DIR> ModOrganizer 28.10.2017 12:25 <DIR> Mozilla 13.08.2017 13:48 <DIR> Packages 01.09.2017 11:09 <DIR> PeerDistRepub 06.10.2017 17:56 <DIR> Programs 11.05.2016 11:59 <DIR> Publishers 24.10.2017 16:13 <DIR> RadeonInstaller 07.07.2016 11:57 <DIR> RefSrcSymbols 16.10.2017 20:56 <DIR> Skyrim Special Edition 07.07.2016 11:57 <DIR> SymbolSourceSymbols 28.10.2017 22:04 <DIR> Temp 11.05.2016 11:59 <DIR> TileDataLayer 29.06.2017 13:15 <DIR> UNP 15.10.2017 23:50 <DIR> usvfs 17.10.2017 14:59 <DIR> VirtualStore 0 Datei(en), 0 Bytes 31 Verzeichnis(se), 417.020.309.504 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\Program Files (x86)\Common Files 24.07.2017 20:27 <DIR> . 24.07.2017 20:27 <DIR> .. 15.05.2017 14:59 <DIR> Adobe 11.05.2016 14:55 <DIR> DESIGNER 24.07.2017 20:27 <DIR> Microsoft Shared 18.03.2017 23:03 <DIR> Services 24.07.2017 20:27 <DIR> System 31.03.2017 12:29 <DIR> Windows Live 0 Datei(en), 0 Bytes 8 Verzeichnis(se), 417.020.256.256 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramW6432%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\Program Files\Common Files 24.10.2017 16:14 <DIR> . 24.10.2017 16:14 <DIR> .. 24.10.2017 16:14 <DIR> ATI Technologies 15.05.2017 15:31 <DIR> AV 27.06.2016 12:01 <DIR> EPSON 11.05.2016 14:08 <DIR> Intel 15.05.2017 15:15 <DIR> McAfee 24.07.2017 20:27 <DIR> microsoft shared 18.03.2017 23:03 <DIR> Services 20.03.2017 06:41 <DIR> System 0 Datei(en), 0 Bytes 10 Verzeichnis(se), 417.020.203.008 Bytes frei ========= Ende von CMD: ========= ========= dir "%UserProfile%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\Users\Pegasus 07.10.2017 16:42 <DIR> . 07.10.2017 16:42 <DIR> .. 12.10.2017 20:08 <DIR> Contacts 28.10.2017 11:46 <DIR> Desktop 28.10.2017 12:23 <DIR> Documents 28.10.2017 22:06 <DIR> Downloads 12.10.2017 20:08 <DIR> Music 23.09.2017 01:26 <DIR> OneDrive 12.10.2017 20:08 <DIR> Pictures 12.10.2017 20:08 <DIR> Saved Games 12.10.2017 20:08 <DIR> Searches 28.11.2016 10:16 9.157 Sti_Trace.log 21.10.2017 08:54 <DIR> Videos 1 Datei(en), 9.157 Bytes 12 Verzeichnis(se), 417.020.137.472 Bytes frei ========= Ende von CMD: ========= ========= dir "C:\" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 9C8D-F16C Verzeichnis von C:\ 28.10.2017 14:25 <DIR> AdwCleaner 28.10.2017 22:06 <DIR> FRST 26.12.2016 11:54 <DIR> GOG Games 24.10.2017 16:15 194 LaunchURL.txt 13.02.2016 19:29 <DIR> Logs 26.10.2017 03:33 <DIR> Microsoft 18.03.2017 23:03 <DIR> PerfLogs 28.10.2017 13:37 <DIR> Program Files 28.10.2017 12:24 <DIR> Program Files (x86) 24.07.2017 20:26 <DIR> Users 05.08.2017 12:26 <DIR> Win 28.10.2017 22:04 <DIR> Windows 1 Datei(en), 194 Bytes 11 Verzeichnis(se), 417.020.088.320 Bytes frei ========= Ende von CMD: ========= ================== ExportKey: =================== [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes] [HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths] === Ende von ExportKey === C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben Hosts erfolgreich wiederhergestellt. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2446509630-2703652802-741451858-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2446509630-2703652802-741451858-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. ========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 9986048 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6625151 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 0 B Edge => 0 B Chrome => 0 B Firefox => 6955800 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B Pegasus => 7302 B Administrator => 0 B RecycleBin => 0 B EmptyTemp: => 22.5 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 22:06:35 ==== Leider scannt das Programm ständig Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017 durchgeführt von Pegasus (Administrator) auf HEIMRECHNER (28-10-2017 22:21:01) Gestartet von C:\Users\Pegasus\Downloads Geladene Profile: Pegasus (Verfügbare Profile: Pegasus & Administrator) Platform: Windows 10 Pro Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{51b53668-26b4-496b-b422-f52d5e800dcb}: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{e11603dd-8e96-4929-b72a-81ffb3d512bc}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2446509630-2703652802-741451858-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) FireFox: ======== FF ProfilePath: C:\Users\Pegasus\AppData\Roaming\Mozilla\Firefox\Profiles\jnn6wtmc.default [2017-10-28] FF Homepage: Mozilla\Firefox\Profiles\jnn6wtmc.default -> hxxp://google.at FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Pegasus\AppData\Roaming\Mozilla\Firefox\Profiles\jnn6wtmc.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-28] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-10-14] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] () FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atiesrxx.exe [481808 2017-10-23] (AMD) R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-24] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atikmdag.sys [40030736 2017-10-23] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atikmpag.sys [545296 2017-10-23] (Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [118960 2017-10-13] (Advanced Micro Devices) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] () R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-09] (REALiX(tm)) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197344 2017-10-14] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [592088 2017-10-14] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186184 2017-10-28] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021656 2017-10-14] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-01-03] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-07-06] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-26] (AO Kaspersky Lab) S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-07-06] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-07-06] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-07-06] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-24] (AO Kaspersky Lab) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-28] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-28] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-28] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-28] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-10-28] (Malwarebytes) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [950784 2017-03-20] (Realtek ) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-09-15] () R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-09-15] () R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-09-15] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation) U3 WMPNetworkSvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-28 22:14 - 2017-10-28 22:18 - 000000449 _____ C:\Users\Pegasus\Downloads\Search.txt 2017-10-28 22:04 - 2017-10-28 22:06 - 000016223 _____ C:\Users\Pegasus\Downloads\Fixlog.txt 2017-10-28 19:39 - 2017-10-28 19:39 - 000000000 ____D C:\Users\Pegasus\Downloads\enbseries_skyrimse_v0310 2017-10-28 17:03 - 2017-10-28 17:04 - 000000000 ____D C:\Users\Pegasus\Downloads\M A o S H I E L D S04E16 W w w G D D 1080 W x-TVP 2017-10-28 16:11 - 2017-10-28 16:12 - 000000000 ____D C:\Users\Pegasus\Downloads\Wet and Could - German Translation-2354-2-15 2017-10-28 16:08 - 2017-10-28 16:08 - 000032778 ____R C:\Users\Pegasus\Downloads\Wet and Could - German Translation-2354-2-15.rar 2017-10-28 16:02 - 2017-10-28 16:03 - 047303051 ____R C:\Users\Pegasus\Downloads\Wet and Cold v2_15-644-2-15.7z 2017-10-28 13:37 - 2017-10-28 22:14 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-10-28 13:37 - 2017-10-28 22:07 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-10-28 13:37 - 2017-10-28 22:07 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-10-28 13:37 - 2017-10-28 13:37 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2017-10-28 13:37 - 2017-10-28 13:37 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2017-10-28 13:37 - 2017-10-28 13:37 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-10-28 13:37 - 2017-10-28 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-10-28 13:37 - 2017-10-28 13:37 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-10-28 13:37 - 2017-10-28 13:37 - 000000000 ____D C:\Program Files\Malwarebytes 2017-10-28 13:37 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-10-28 12:46 - 2017-10-28 22:21 - 000013057 _____ C:\Users\Pegasus\Downloads\FRST.txt 2017-10-28 12:46 - 2017-10-28 12:47 - 000039341 _____ C:\Users\Pegasus\Downloads\Addition.txt 2017-10-28 12:24 - 2017-10-28 22:08 - 000000000 ____D C:\Users\Pegasus\AppData\LocalLow\Mozilla 2017-10-28 12:24 - 2017-10-28 12:25 - 000000000 ____D C:\Users\Pegasus\AppData\Local\Mozilla 2017-10-28 12:24 - 2017-10-28 12:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-10-28 12:24 - 2017-10-28 12:24 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-10-28 12:24 - 2017-10-28 12:24 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\Mozilla 2017-10-28 12:24 - 2017-10-28 12:24 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-10-28 12:24 - 2017-10-28 12:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-28 12:23 - 2017-10-28 12:23 - 000000448 _____ C:\Users\Pegasus\Documents\cc_20171028_122315.reg 2017-10-28 12:22 - 2017-10-28 12:22 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2017-10-28 12:04 - 2017-10-28 12:04 - 000048986 _____ C:\Users\Pegasus\Downloads\bookmarks-2017-10-28.json 2017-10-28 11:46 - 2017-10-28 11:53 - 000000861 _____ C:\Users\Pegasus\Desktop\Neues Textdokument (2).txt 2017-10-28 11:37 - 2017-10-28 22:21 - 000000000 ____D C:\FRST 2017-10-28 11:36 - 2017-10-28 11:37 - 002403328 _____ (Farbar) C:\Users\Pegasus\Downloads\FRST64.exe 2017-10-28 11:30 - 2017-10-28 11:30 - 008261584 _____ (Malwarebytes) C:\Users\Pegasus\Downloads\adwcleaner_7.0.4.0.exe 2017-10-28 00:45 - 2017-10-28 14:25 - 000000000 ____D C:\AdwCleaner 2017-10-28 00:35 - 2017-10-28 22:07 - 000243080 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-10-27 19:59 - 2017-10-27 19:59 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\Skype 2017-10-26 20:59 - 2017-10-26 21:05 - 000001320 _____ C:\Users\Pegasus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-10-25 13:14 - 2017-10-25 13:14 - 000000000 ____D C:\Users\Pegasus\Downloads\Sarah McLachlan - In the arms of an angel 2017-10-24 16:15 - 2017-10-24 16:15 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN 2017-10-24 16:15 - 2017-10-24 16:15 - 000000194 _____ C:\LaunchURL.txt 2017-10-24 16:15 - 2017-10-24 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2017-10-24 16:14 - 2017-10-24 16:14 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-10-24 16:13 - 2017-10-24 16:14 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2017-10-24 16:13 - 2017-10-24 16:13 - 000000000 ____D C:\Users\Pegasus\AppData\Local\RadeonInstaller 2017-10-23 19:12 - 2017-10-23 19:12 - 001241616 _____ (AMD) C:\WINDOWS\system32\coinst_17.40.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000552976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000168976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000145936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000131304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-10-23 19:12 - 2017-10-23 19:12 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin 2017-10-23 19:12 - 2017-10-23 19:12 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man 2017-10-20 19:18 - 2017-10-20 19:18 - 000151592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2017-10-20 19:18 - 2017-10-20 19:18 - 000123752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2017-10-15 23:50 - 2017-10-15 23:50 - 000000000 ____D C:\Users\Pegasus\AppData\Local\usvfs 2017-10-13 05:18 - 2017-10-13 05:18 - 000123368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll 2017-10-12 14:10 - 2017-10-12 14:10 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-10-12 14:07 - 2017-09-30 07:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2017-10-12 14:07 - 2017-09-30 07:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-10-12 14:07 - 2017-09-30 07:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2017-10-12 14:07 - 2017-09-30 04:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-10-12 14:07 - 2017-09-30 04:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-10-12 14:07 - 2017-09-30 04:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-10-12 14:07 - 2017-09-30 04:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-10-12 14:07 - 2017-09-30 04:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-10-12 14:07 - 2017-09-30 04:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-10-12 14:07 - 2017-09-30 04:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-10-12 14:07 - 2017-09-30 04:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2017-10-12 14:07 - 2017-09-30 04:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-10-12 14:07 - 2017-09-30 04:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-10-12 14:07 - 2017-09-30 04:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-10-12 14:07 - 2017-09-30 04:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2017-10-12 14:07 - 2017-09-30 04:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-10-12 14:07 - 2017-09-30 04:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-10-12 14:07 - 2017-09-30 04:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-10-12 14:07 - 2017-09-30 04:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-10-12 14:07 - 2017-09-30 04:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-10-12 14:07 - 2017-09-30 04:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-10-12 14:07 - 2017-09-30 04:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-10-12 14:07 - 2017-09-30 04:02 - 001624096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll 2017-10-12 14:07 - 2017-09-30 04:02 - 001517464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-10-12 14:07 - 2017-09-30 04:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-10-12 14:07 - 2017-09-30 04:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-10-12 14:07 - 2017-09-29 09:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-10-12 14:07 - 2017-09-29 09:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2017-10-12 14:07 - 2017-09-29 09:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-10-12 14:07 - 2017-09-29 09:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-10-12 14:07 - 2017-09-29 09:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-10-12 14:07 - 2017-09-29 09:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll 2017-10-12 14:07 - 2017-09-29 09:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-10-12 14:07 - 2017-09-29 09:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll 2017-10-12 14:07 - 2017-09-29 09:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-10-12 14:07 - 2017-09-29 09:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-10-12 14:07 - 2017-09-29 09:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-10-12 14:07 - 2017-09-29 09:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-10-12 14:07 - 2017-09-29 09:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2017-10-12 14:07 - 2017-09-29 09:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2017-10-12 14:07 - 2017-09-29 09:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-10-12 14:07 - 2017-09-29 09:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-10-12 14:07 - 2017-09-29 09:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-10-12 14:07 - 2017-09-29 09:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-10-12 14:07 - 2017-09-29 09:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2017-10-12 14:07 - 2017-09-29 09:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-10-12 14:07 - 2017-09-29 09:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-10-12 14:07 - 2017-09-29 09:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-10-12 14:07 - 2017-09-29 09:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-10-12 14:07 - 2017-09-29 09:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-10-12 14:07 - 2017-09-29 09:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-10-12 14:07 - 2017-09-29 09:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-10-12 14:07 - 2017-09-29 09:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2017-10-12 14:07 - 2017-09-29 09:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2017-10-12 14:07 - 2017-09-29 09:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2017-10-12 14:07 - 2017-09-29 09:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2017-10-12 14:07 - 2017-09-29 09:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2017-10-12 14:07 - 2017-09-29 09:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe 2017-10-12 14:07 - 2017-09-29 09:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-10-12 14:07 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls 2017-10-12 14:07 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls 2017-10-12 14:07 - 2017-09-20 17:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-10-12 14:07 - 2017-09-20 17:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-10-12 14:07 - 2017-09-20 17:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-10-12 14:07 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-10-12 14:07 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2017-10-12 14:07 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-10-12 14:06 - 2017-09-30 07:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-10-12 14:06 - 2017-09-30 07:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-10-12 14:06 - 2017-09-30 07:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-10-12 14:06 - 2017-09-30 07:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-10-12 14:06 - 2017-09-30 04:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-10-12 14:06 - 2017-09-30 04:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-10-12 14:06 - 2017-09-29 09:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-10-12 14:06 - 2017-09-29 09:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-10-12 14:06 - 2017-09-29 09:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-10-12 14:06 - 2017-09-29 09:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-10-12 14:06 - 2017-09-29 09:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-10-12 14:06 - 2017-09-29 09:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-10-12 14:06 - 2017-09-29 09:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2017-10-12 14:06 - 2017-09-29 09:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-10-12 14:06 - 2017-09-29 09:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-10-12 14:06 - 2017-09-29 09:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2017-10-12 14:06 - 2017-09-29 09:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-10-12 14:06 - 2017-09-29 09:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2017-10-12 14:06 - 2017-09-29 09:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-10-12 14:06 - 2017-09-29 09:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-10-12 14:06 - 2017-09-29 09:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2017-10-12 14:06 - 2017-09-29 09:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-10-12 14:06 - 2017-09-29 09:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2017-10-12 14:06 - 2017-09-29 09:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe 2017-10-12 14:06 - 2017-09-29 09:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2017-10-12 14:05 - 2017-09-30 07:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-10-12 14:05 - 2017-09-30 07:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-10-12 14:05 - 2017-09-30 07:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-10-12 14:05 - 2017-09-30 07:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-10-12 14:05 - 2017-09-30 07:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2017-10-12 14:05 - 2017-09-30 07:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-10-12 14:05 - 2017-09-30 07:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-10-12 14:05 - 2017-09-30 07:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-10-12 14:05 - 2017-09-29 09:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-10-12 14:05 - 2017-09-29 09:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-10-12 14:05 - 2017-09-29 09:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-10-12 14:05 - 2017-09-29 09:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-10-12 14:05 - 2017-09-29 09:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-10-12 14:05 - 2017-09-29 09:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-10-12 14:05 - 2017-09-29 09:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2017-10-12 14:05 - 2017-09-29 09:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll 2017-10-12 14:05 - 2017-09-29 09:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-10-12 14:05 - 2017-09-29 09:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-10-12 14:05 - 2017-09-29 09:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-10-12 14:05 - 2017-09-29 09:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-10-12 14:05 - 2017-09-29 09:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-10-12 14:05 - 2017-09-29 09:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-10-12 14:05 - 2017-09-29 09:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2017-10-12 14:05 - 2017-09-29 09:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2017-10-12 14:05 - 2017-09-29 09:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll 2017-10-12 14:05 - 2017-09-29 09:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2017-10-12 14:05 - 2017-09-29 09:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2017-10-12 14:05 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-10-12 14:04 - 2017-09-30 07:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-10-12 14:04 - 2017-09-30 07:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-10-12 14:04 - 2017-09-30 07:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-10-12 14:04 - 2017-09-30 07:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-10-12 14:04 - 2017-09-30 07:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-10-12 14:04 - 2017-09-30 07:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-10-12 14:04 - 2017-09-30 07:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-10-12 14:04 - 2017-09-30 07:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-10-12 14:04 - 2017-09-30 07:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-10-12 14:04 - 2017-09-30 07:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-10-12 14:04 - 2017-09-30 07:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2017-10-12 14:04 - 2017-09-30 07:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2017-10-12 14:04 - 2017-09-30 07:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-10-12 14:04 - 2017-09-30 07:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-10-12 14:04 - 2017-09-30 07:37 - 002377112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll 2017-10-12 14:04 - 2017-09-30 04:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-10-12 14:04 - 2017-09-29 09:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-10-12 14:04 - 2017-09-29 09:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2017-10-12 14:04 - 2017-09-29 09:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-10-12 14:04 - 2017-09-29 09:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-10-12 14:04 - 2017-09-29 09:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll 2017-10-12 14:04 - 2017-09-29 09:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-10-12 14:04 - 2017-09-29 09:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-10-12 14:04 - 2017-09-29 09:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-10-12 14:04 - 2017-09-29 09:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe 2017-10-12 14:04 - 2017-09-29 09:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-10-12 14:04 - 2017-09-29 09:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-10-12 14:04 - 2017-09-29 09:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-10-12 14:04 - 2017-09-29 09:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-10-12 14:04 - 2017-09-29 09:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-10-12 14:04 - 2017-09-29 09:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-10-12 14:04 - 2017-09-29 09:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2017-10-12 14:04 - 2017-09-29 09:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2017-10-12 14:04 - 2017-09-29 09:26 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll 2017-10-12 14:04 - 2017-09-29 09:26 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe 2017-10-12 14:04 - 2017-09-29 09:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-10-12 14:04 - 2017-09-29 09:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2017-10-12 14:04 - 2017-09-29 09:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-10-12 14:04 - 2017-09-29 09:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-10-12 14:04 - 2017-09-29 09:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-10-12 14:04 - 2017-09-29 09:24 - 001201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe 2017-10-12 14:04 - 2017-09-29 09:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-10-12 14:04 - 2017-09-29 09:23 - 002195968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll 2017-10-12 14:04 - 2017-09-29 09:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-10-12 14:04 - 2017-09-29 09:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-10-12 14:04 - 2017-09-29 09:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-10-12 14:04 - 2017-09-29 09:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-10-12 14:04 - 2017-09-29 09:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-10-12 14:04 - 2017-09-29 09:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll 2017-10-12 14:04 - 2017-09-29 09:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2017-10-12 14:04 - 2017-09-29 09:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2017-10-12 14:04 - 2017-09-29 09:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2017-10-12 14:04 - 2017-09-29 09:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2017-10-12 14:04 - 2017-09-29 09:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe 2017-10-12 14:04 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-10-12 14:04 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-10-12 14:04 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-10-12 14:04 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-10-12 14:04 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2017-10-12 14:04 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll 2017-10-12 14:04 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2017-10-12 14:03 - 2017-09-30 07:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-10-12 14:03 - 2017-09-30 07:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-10-12 14:03 - 2017-09-30 07:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-10-12 14:03 - 2017-09-30 07:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-10-12 14:03 - 2017-09-30 07:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-10-12 14:03 - 2017-09-30 07:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-10-12 14:03 - 2017-09-30 07:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2017-10-12 14:03 - 2017-09-30 07:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-10-12 14:03 - 2017-09-30 07:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-10-12 14:03 - 2017-09-30 07:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-10-12 14:03 - 2017-09-30 07:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-10-12 14:03 - 2017-09-30 07:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-10-12 14:03 - 2017-09-30 07:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-10-12 14:03 - 2017-09-30 07:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-10-12 14:03 - 2017-09-30 07:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-10-12 14:03 - 2017-09-30 07:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-10-12 14:03 - 2017-09-30 07:40 - 000849816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-10-12 14:03 - 2017-09-30 07:40 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-10-12 14:03 - 2017-09-30 07:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-10-12 14:03 - 2017-09-30 07:39 - 001694104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-10-12 14:03 - 2017-09-30 07:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-10-12 14:03 - 2017-09-30 07:38 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-10-12 14:03 - 2017-09-30 07:37 - 002229144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-10-12 14:03 - 2017-09-30 07:37 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-10-12 14:03 - 2017-09-30 07:36 - 000855960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-10-12 14:03 - 2017-09-30 07:36 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-10-12 14:03 - 2017-09-29 09:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-10-12 14:03 - 2017-09-29 09:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-10-12 14:03 - 2017-09-29 09:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-10-12 14:03 - 2017-09-29 09:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2017-10-12 14:03 - 2017-09-29 09:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-10-12 14:03 - 2017-09-29 09:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-10-12 14:03 - 2017-09-29 09:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-10-12 14:03 - 2017-09-29 09:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2017-10-12 14:03 - 2017-09-29 09:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-10-12 14:03 - 2017-09-29 09:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-10-12 14:03 - 2017-09-29 09:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2017-10-12 14:03 - 2017-09-29 09:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2017-10-12 14:03 - 2017-09-29 09:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2017-10-12 14:03 - 2017-09-29 09:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-10-12 14:03 - 2017-09-29 09:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-10-12 14:03 - 2017-09-29 09:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-10-12 14:03 - 2017-09-29 09:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-10-12 14:03 - 2017-09-29 09:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-10-12 14:03 - 2017-09-29 09:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-10-12 14:03 - 2017-09-29 09:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-10-12 14:03 - 2017-09-29 09:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-10-12 14:03 - 2017-09-29 09:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-10-12 14:03 - 2017-09-29 09:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-10-12 14:03 - 2017-09-29 09:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-10-12 14:03 - 2017-09-29 09:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-10-12 14:03 - 2017-09-29 09:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-10-12 14:03 - 2017-09-29 09:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2017-10-12 14:03 - 2017-09-29 09:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-10-12 14:03 - 2017-09-29 09:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-10-12 14:03 - 2017-09-29 09:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-10-12 14:03 - 2017-09-29 09:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-10-12 14:03 - 2017-09-29 09:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-10-12 14:03 - 2017-09-29 09:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2017-10-12 14:03 - 2017-09-29 09:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-10-12 14:03 - 2017-09-29 09:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-10-12 14:03 - 2017-09-29 09:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-10-12 14:03 - 2017-09-29 09:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2017-10-12 14:03 - 2017-09-29 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2017-10-12 14:03 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-10-12 14:03 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-10-12 14:03 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-10-07 15:27 - 2017-10-07 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-10-07 15:27 - 2017-10-07 15:27 - 000000000 ____D C:\Program Files\7-Zip 2017-10-07 11:22 - 2017-10-10 12:03 - 000001571 _____ C:\Users\Pegasus\Desktop\ModOrganizer - Verknüpfung.lnk 2017-10-07 10:24 - 2017-10-07 10:24 - 000000000 ____D C:\Users\Pegasus\AppData\Local\LOOT 2017-10-07 10:22 - 2017-10-28 20:00 - 000000000 ____D C:\Users\Pegasus\AppData\Local\ModOrganizer 2017-10-07 10:22 - 2017-10-28 15:50 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-10-07 10:21 - 2017-10-07 10:21 - 000000000 ____D C:\Program Files (x86)\ModOrganizer 2017-10-06 17:51 - 2017-10-16 20:56 - 000000000 ____D C:\Users\Pegasus\AppData\Local\Skyrim Special Edition 2017-10-06 17:51 - 2017-10-06 21:30 - 000000000 ____D C:\Users\Pegasus\Documents\My Games 2017-10-06 17:46 - 2017-10-06 17:46 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2017-10-06 17:44 - 2017-10-07 16:43 - 000000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim Special Edition ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-28 22:13 - 2017-07-24 20:34 - 002807746 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-28 22:13 - 2017-03-20 06:41 - 001316552 _____ C:\WINDOWS\system32\perfh007.dat 2017-10-28 22:13 - 2017-03-20 06:41 - 000310312 _____ C:\WINDOWS\system32\perfc007.dat 2017-10-28 22:09 - 2017-01-03 12:16 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2017-10-28 22:07 - 2017-07-24 20:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-28 22:06 - 2017-07-24 20:25 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-10-28 22:06 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2017-10-28 21:43 - 2017-07-24 20:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-28 17:49 - 2017-05-26 12:32 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\vlc 2017-10-28 17:05 - 2016-05-11 13:47 - 000000000 ____D C:\Users\Pegasus\AppData\Local\JDownloader v2.0 2017-10-28 13:58 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF 2017-10-28 13:58 - 2016-07-16 11:35 - 000000008 __RSH C:\ProgramData\ntuser.pol 2017-10-28 12:22 - 2016-06-02 16:18 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-10-28 12:22 - 2016-06-02 16:18 - 000000000 ____D C:\Program Files\CCleaner 2017-10-28 00:18 - 2017-06-09 09:43 - 000000546 _____ C:\Users\Pegasus\Desktop\Temine.txt 2017-10-27 16:53 - 2016-05-11 13:13 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\AIMP 2017-10-27 10:42 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-10-27 10:42 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-26 20:07 - 2017-03-18 13:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2017-10-25 21:50 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-10-25 21:50 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-10-24 16:15 - 2017-07-24 20:25 - 000000000 ____D C:\Program Files\AMD 2017-10-24 16:14 - 2017-09-25 20:03 - 000000000 ____D C:\Users\Pegasus\AppData\LocalLow\AMD 2017-10-24 16:14 - 2017-09-23 10:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-10-24 16:13 - 2017-04-16 14:46 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml 2017-10-23 19:12 - 2017-09-21 20:54 - 002542608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2017-10-23 19:12 - 2017-09-21 20:54 - 000467984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-10-23 19:12 - 2017-09-21 20:54 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2017-10-23 19:12 - 2017-09-21 20:54 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 013536784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 011099664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 002924560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 001464336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000875536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000708112 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000704016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000556560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000480272 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000470544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000458768 _____ C:\WINDOWS\system32\GameManager64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000445968 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000414736 _____ C:\WINDOWS\system32\atieah64.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000382992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000366608 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000361488 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000352272 _____ C:\WINDOWS\system32\clinfo.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000334864 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-10-23 19:12 - 2017-07-13 03:43 - 000277008 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000242704 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000232464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000203792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000180240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000159248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000157864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000157712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000151056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000149600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000135696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000133648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000124944 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000117264 _____ C:\WINDOWS\system32\atidxx64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000114192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000101904 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000099344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000069648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000045584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2017-10-23 19:12 - 2017-07-13 03:43 - 000042512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000548432 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000186416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000164544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000116208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000102664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-10-23 19:12 - 2017-07-13 03:42 - 000102656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-10-23 19:12 - 2017-07-12 20:06 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2017-10-23 19:12 - 2017-07-12 20:06 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2017-10-23 19:12 - 2017-07-12 20:06 - 000834312 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2017-10-23 19:12 - 2017-07-12 20:06 - 000834312 _____ C:\WINDOWS\system32\atiapfxx.blb 2017-10-23 19:12 - 2017-07-12 20:06 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json 2017-10-23 19:12 - 2017-07-12 20:06 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json 2017-10-18 15:57 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-10-17 14:59 - 2017-02-28 14:54 - 000000000 ____D C:\Users\Pegasus\AppData\Local\VirtualStore 2017-10-14 21:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache 2017-10-14 12:15 - 2017-01-03 12:16 - 001021656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2017-10-14 12:15 - 2017-01-03 12:16 - 000197344 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2017-10-14 12:15 - 2016-06-20 18:54 - 000592088 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2017-10-13 05:14 - 2017-04-26 09:09 - 000118960 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys 2017-10-13 02:21 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-10-13 02:21 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-12 20:08 - 2016-02-13 19:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-10-12 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-10-12 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Provisioning 2017-10-12 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2017-10-12 20:04 - 2017-03-18 23:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2017-10-12 20:04 - 2017-03-18 23:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2017-10-12 14:11 - 2016-05-11 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-10-12 14:10 - 2016-05-11 13:27 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-10-07 16:42 - 2017-07-24 20:26 - 000000000 ____D C:\Users\Pegasus ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-04-16 14:46 - 2017-10-24 16:13 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-10-20 20:52 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-10-2017 durchgeführt von Pegasus (28-10-2017 22:21:38) Gestartet von C:\Users\Pegasus\Downloads Windows 10 Pro Version 1703 15063.674 (X64) (2017-07-24 18:35:07) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2446509630-2703652802-741451858-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-2446509630-2703652802-741451858-503 - Limited - Disabled) Gast (S-1-5-21-2446509630-2703652802-741451858-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2446509630-2703652802-741451858-1005 - Limited - Enabled) Pegasus (S-1-5-21-2446509630-2703652802-741451858-1001 - Administrator - Enabled) => C:\Users\Pegasus ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated) AIDA64 Extreme v5.75 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.75 - FinalWire Ltd.) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1717, 08.05.2016 - AIMP DevTeam) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Bethesda Launcher (HKLM\...\{27661104-880E-45FC-BBB9-2132C920E8DB}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform) CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Druckerdeinstallation für EPSON XP-332 335 Series (HKLM\...\EPSON XP-332 335 Series) (Version: - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.19.5276 - GOM & Company) IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.14.123.2017 - Realtek) Stronghold Crusader 2 (HKLM-x32\...\1433852499_is1) (Version: 2.2.0.7 - GOG.com) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Elder Scrolls V Skyrim Special Edition MULTi2 1.1.47.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition MULTi2 1.1.47.0.8) (Version: - ) The Elder Scrolls V Skyrim Special Edition Update 5 MULTi2 1.4.2.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition Update 5 MULTi2 1.4.2.0.8) (Version: 1.4.2.0.8 - .x.X.RIDDICK.X.x.) The Elder Scrolls V Skyrim Special Edition Update 6 MULTi2 1.5.3.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition Update 6 MULTi2 1.5.3.0.8) (Version: 1.5.3.0.8 - .x.X.RIDDICK.X.x.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-11] (AIMP DevTeam) ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-11] (AIMP DevTeam) ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-20] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {4DD6ABC4-FF33-4DA3-AE46-9A09353E2A92} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd) Task: {4FE24BC0-662E-4041-B971-00C03D15A91E} - System32\Tasks\{54985634-2E7F-48AF-9431-366C35E4F036} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe" -d "C:\Program Files (x86)\The Elder Scrolls V Skyrim Legendary Edition\" Task: {5497958C-BA3D-4DEB-9838-BFCF754C8454} - System32\Tasks\S-1-5-21-2446509630-2703652802-741451858-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation) Task: {553134D3-3000-4E23-840C-FC450EDBE383} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd) Task: {902A8AE6-3666-4A6F-A17E-85EBD12A42C5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-10-20] (Advanced Micro Devices, Inc.) Task: {D7AAA24F-BF49-448B-8CD3-20BBA3C6B5CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated) Task: {F007824A-2455-4227-8A08-3CE16A623107} - System32\Tasks\{47A746BA-8694-479E-8FC4-7DDE2A8069A4} => C:\Windows\system32\pcalua.exe -a "E:\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe" -d "E:\The Elder Scrolls V Skyrim Legendary Edition" Task: {FDE9C925-7D03-4018-A8F6-2341C884462C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-10-28 13:37 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-10-28 13:37 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-07-22 01:55 - 2017-07-22 01:55 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL 2017-07-22 01:55 - 2017-07-22 01:55 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-30 09:24 - 2017-10-28 22:06 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2446509630-2703652802-741451858-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pegasus\Pictures\456523.jpg DNS Servers: 195.34.133.21 - 212.186.211.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AdaptiveSleepService => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Backupper Service => 2 MSCONFIG\Services: EpsonScanSvc => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: XblAuthManager => 3 MSCONFIG\Services: XblGameSave => 3 MSCONFIG\Services: XboxNetApiSvc => 3 HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "EEventManager" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "Chromium" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 12-10-2017 14:02:58 Windows Update 18-10-2017 15:57:35 Windows Update 25-10-2017 21:30:44 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/28/2017 10:18:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64.exe, Version 26.10.2017.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 23ec Startzeit: 01d3502945deb713 Beendigungszeit: 4294967295 Anwendungspfad: C:\Users\Pegasus\Downloads\FRST64.exe Berichts-ID: f4b6207f-c7bb-416d-95ec-79680bdeb08f Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Systemfehler: ============= Error: (10/28/2017 10:07:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (10/28/2017 10:06:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2017 10:06:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2017 10:06:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "EPSON V3 Service4(06)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2017 10:06:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Epson Scanner Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2017 10:06:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2017 10:05:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (10/28/2017 10:04:33 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (10/28/2017 10:04:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/28/2017 10:04:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2017-10-26 20:58:09.413 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:38.029 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:20.035 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:19.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:19.279 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:52.426 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:36.686 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:36.087 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:35.791 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:26:18.459 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: AMD Phenom(tm) II X6 1090T Processor Prozentuale Nutzung des RAM: 15% Installierter physikalischer RAM: 16345.35 MB Verfügbarer physikalischer RAM: 13770.99 MB Summe virtueller Speicher: 18777.35 MB Verfügbarer virtueller Speicher: 16014.32 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:464.77 GB) (Free:388.41 GB) NTFS Drive d: (Musik) (Fixed) (Total:931.39 GB) (Free:925.52 GB) NTFS Drive e: (Daten) (Fixed) (Total:465.63 GB) (Free:234.73 GB) NTFS Drive f: (Privat) (Fixed) (Total:232.88 GB) (Free:227.32 GB) NTFS Drive g: (Volume) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 9817019D) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F3FCF3FC) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 3079740B) Partition: GPT. ======================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: 23CE48D0) Partition: GPT. ==================== Ende von Addition.txt ============================ Geändert von .christian. (28.10.2017 um 21:35 Uhr) |
28.10.2017, 21:31 | #8 |
| Firefox startet mit Fehlermeldung Punkt 2 Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version: 26-10-2017 durchgeführt von Pegasus (28-10-2017 22:24:40) Gestartet von C:\Users\Pegasus\Downloads Start-Modus: Normal ================== Datei-Suche: "SearchAll: ByteFence;chip 1-click;chip 1 click;b4b7fa31a4677c257ac12ba7dfeff987;0ef9420eece2493a4d19650d0d438eb5;b364bdb63c344871f098e7da7c194960;Auslogics;Chip Digital" ============= Datei: ======== Ordner: ======== Registry: ======== ===================== Suchergebnis für "ByteFence" ========== ===================== Suchergebnis für "chip 1-click" ========== ===================== Suchergebnis für "chip 1 click" ========== ===================== Suchergebnis für "b4b7fa31a4677c257ac12ba7dfeff987" ========== ===================== Suchergebnis für "0ef9420eece2493a4d19650d0d438eb5" ========== ===================== Suchergebnis für "b364bdb63c344871f098e7da7c194960" ========== [HKEY_USERS\S-1-5-21-2446509630-2703652802-741451858-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Windows\b364bdb63c344871f098e7da7c194960.exe"="0x534143500100000000000000070000002800000000C6080007A5090003000000000000000000010600010000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000024840000000000000100000001000000" ===================== Suchergebnis für "Auslogics" ========== ===================== Suchergebnis für "Chip Digital" ========== ====== Ende von Suche ====== |
28.10.2017, 21:37 | #9 |
/// TB-Ausbilder | Firefox startet mit Fehlermeldung Servus, zu Schritt 1: Kann es sein, dass du diesen Schritt zweimal durchgeführt hast? Denn darauf lässt diese Logdatei schießen... oder Kaspersky stört die Bereinigung. --- edit --- |
28.10.2017, 21:52 | #10 |
| Firefox startet mit Fehlermeldung Sorry ja hab aus versehen auf entfernen geklickt und danach erst mit eingebenen script nochmals durchgeführt. |
28.10.2017, 21:54 | #11 | |
/// TB-Ausbilder | Firefox startet mit FehlermeldungZitat:
In meiner Anleitung steht nichts davon, dass du die kopierte Code-Box irgendwo eingeben/einfügen musst... jetzt kapier ich gar nichts mehr... |
28.10.2017, 22:00 | #12 |
| Firefox startet mit Fehlermeldung Ich dachte diese wird in FRST eingefügt? Warum sollte ich sie sonst kopieren? |
28.10.2017, 22:05 | #13 |
/// TB-Ausbilder | Firefox startet mit Fehlermeldung Servus, jetzt komm ich mit... Nein, nur kopieren. Damit diese Zeilen in der Zwischenablage / im Cache sind. FRST greift direkt auf diesen Speicher zu und "holt" sich von dort direkt die Zeilen. Aber es hat ja funktioniert... Wir kontrollieren nochmal alles. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Firefox zurücksetzen Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
Schritt 4
Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche? Bitte poste mit deiner nächsten Antwort
|
29.10.2017, 13:22 | #14 |
| Firefox startet mit Fehlermeldung Leider bin ich gestern eingeschlafen. Firefox ist zurückgesetzt. Hier die Scans Code:
ATTFilter HitmanPro 3.7.20.286 www.hitmanpro.com Computer name . . . . : HEIMRECHNER Windows . . . . . . . : 10.0.0.15063.X64/6 User name . . . . . . : HEIMRECHNER\Pegasus UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2017-10-28 23:11:21 Scan mode . . . . . . : Normal Scan duration . . . . : 1m 38s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 4 Objects scanned . . . : 1.726.708 Files scanned . . . . : 43.478 Remnants scanned . . : 376.224 files / 1.307.006 keys Suspicious files ____________________________________________________________ C:\Users\Pegasus\Downloads\FRST64.exe Size . . . . . . . : 2.403.328 bytes Age . . . . . . . : 0.5 days (2017-10-28 11:36:58) Entropy . . . . . : 7.6 SHA-256 . . . . . : BFEDDEF5ED4AD146B3670CE3002EE8D0AF4941047EB49E9BE9175448DC982810 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster -1.0s C:\Users\Pegasus\AppData\Local\Microsoft\OneDrive\logs\Common\StandaloneUpdater-2017-10-28.936.9932.1.odl -0.9s C:\Users\Pegasus\AppData\Local\Microsoft\OneDrive\setup\logs\StandaloneUpdate_2017-10-28_113657_26cc-26d0.log 0.0s C:\Users\Pegasus\Downloads\FRST64.exe Potential Unwanted Programs _________________________________________________ HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger) HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger) HKU\S-1-5-21-2446509630-2703652802-741451858-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017 durchgeführt von Pegasus (Administrator) auf HEIMRECHNER (29-10-2017 13:18:00) Gestartet von C:\Users\Pegasus\Downloads Geladene Profile: Pegasus (Verfügbare Profile: Pegasus & Administrator) Platform: Windows 10 Pro Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atiesrxx.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{51b53668-26b4-496b-b422-f52d5e800dcb}: [DhcpNameServer] 195.34.133.21 212.186.211.21 Tcpip\..\Interfaces\{e11603dd-8e96-4929-b72a-81ffb3d512bc}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2446509630-2703652802-741451858-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-03] (AO Kaspersky Lab) FireFox: ======== FF DefaultProfile: yyb04d22.default-1509224892941 FF ProfilePath: C:\Users\Pegasus\AppData\Roaming\Mozilla\Firefox\Profiles\yyb04d22.default-1509224892941 [2017-10-29] FF Homepage: Mozilla\Firefox\Profiles\yyb04d22.default-1509224892941 -> hxxps://www.google.at/ FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-10-14] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] () FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atiesrxx.exe [481808 2017-10-23] (AMD) R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-10-28] (SurfRight B.V.) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-24] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atikmdag.sys [40030736 2017-10-23] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319291.inf_amd64_cb842461bf066ecd\atikmpag.sys [545296 2017-10-23] (Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [118960 2017-10-13] (Advanced Micro Devices) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] () R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-09] (REALiX(tm)) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197344 2017-10-14] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [592088 2017-10-14] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [186184 2017-10-28] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1021656 2017-10-14] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-01-03] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-07-06] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-26] (AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-07-06] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-07-06] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-07-06] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199640 2017-07-24] (AO Kaspersky Lab) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-28] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-28] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-28] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-28] (Malwarebytes) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [950784 2017-03-20] (Realtek ) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-09-14] () R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-09-14] () R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-09-14] () S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation) U3 WMPNetworkSvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-29 13:18 - 2017-10-29 13:18 - 000013080 _____ C:\Users\Pegasus\Downloads\FRST.txt 2017-10-28 22:14 - 2017-10-28 22:14 - 006760064 _____ (ESET spol. s r.o.) C:\Users\Pegasus\Downloads\esetonlinescanner_deu.exe 2017-10-28 22:14 - 2017-10-28 22:14 - 000000000 ____D C:\Users\Pegasus\AppData\Local\ESET 2017-10-28 22:11 - 2017-10-28 22:11 - 000001974 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2017-10-28 22:11 - 2017-10-28 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2017-10-28 22:11 - 2017-10-28 22:11 - 000000000 ____D C:\Program Files\HitmanPro 2017-10-28 22:10 - 2017-10-28 22:13 - 000000000 ____D C:\ProgramData\HitmanPro 2017-10-28 22:09 - 2017-10-28 22:10 - 011584088 _____ (SurfRight B.V.) C:\Users\Pegasus\Downloads\HitmanPro_x64.exe 2017-10-28 16:03 - 2017-10-28 16:04 - 000000000 ____D C:\Users\Pegasus\Downloads\M A o S H I E L D S04E16 W w w G D D 1080 W x-TVP 2017-10-28 12:37 - 2017-10-29 12:20 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\SET6CF8.tmp 2017-10-28 12:37 - 2017-10-28 23:07 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-10-28 12:37 - 2017-10-28 23:07 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-10-28 12:37 - 2017-10-28 12:37 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2017-10-28 12:37 - 2017-10-28 12:37 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2017-10-28 12:37 - 2017-10-28 12:37 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-10-28 12:37 - 2017-10-28 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-10-28 12:37 - 2017-10-28 12:37 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-10-28 12:37 - 2017-10-28 12:37 - 000000000 ____D C:\Program Files\Malwarebytes 2017-10-28 12:37 - 2017-10-04 12:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-10-28 11:24 - 2017-10-29 13:11 - 000000000 ____D C:\Users\Pegasus\AppData\LocalLow\Mozilla 2017-10-28 11:24 - 2017-10-28 11:25 - 000000000 ____D C:\Users\Pegasus\AppData\Local\Mozilla 2017-10-28 11:24 - 2017-10-28 11:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-10-28 11:24 - 2017-10-28 11:24 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-10-28 11:24 - 2017-10-28 11:24 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\Mozilla 2017-10-28 11:24 - 2017-10-28 11:24 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-10-28 11:24 - 2017-10-28 11:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-28 11:23 - 2017-10-28 11:23 - 000000448 _____ C:\Users\Pegasus\Documents\cc_20171028_122315.reg 2017-10-28 11:22 - 2017-10-28 11:22 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2017-10-28 10:37 - 2017-10-29 13:18 - 000000000 ____D C:\FRST 2017-10-28 10:36 - 2017-10-28 10:37 - 002403328 _____ (Farbar) C:\Users\Pegasus\Downloads\FRST64.exe 2017-10-28 10:30 - 2017-10-28 10:30 - 008261584 _____ (Malwarebytes) C:\Users\Pegasus\Downloads\adwcleaner_7.0.4.0.exe 2017-10-27 23:45 - 2017-10-28 22:03 - 000000000 ____D C:\AdwCleaner 2017-10-27 23:35 - 2017-10-28 21:07 - 000243080 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-10-27 18:59 - 2017-10-27 18:59 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\Skype 2017-10-26 19:59 - 2017-10-26 20:05 - 000001320 _____ C:\Users\Pegasus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-10-24 15:15 - 2017-10-24 15:15 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN 2017-10-24 15:15 - 2017-10-24 15:15 - 000000194 _____ C:\LaunchURL.txt 2017-10-24 15:15 - 2017-10-24 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2017-10-24 15:14 - 2017-10-24 15:14 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-10-24 15:13 - 2017-10-24 15:14 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2017-10-24 15:13 - 2017-10-24 15:13 - 000000000 ____D C:\Users\Pegasus\AppData\Local\RadeonInstaller 2017-10-23 18:12 - 2017-10-23 18:12 - 001241616 _____ (AMD) C:\WINDOWS\system32\coinst_17.40.dll 2017-10-23 18:12 - 2017-10-23 18:12 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-10-23 18:12 - 2017-10-23 18:12 - 000552976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2017-10-23 18:12 - 2017-10-23 18:12 - 000168976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-10-23 18:12 - 2017-10-23 18:12 - 000145936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-10-23 18:12 - 2017-10-23 18:12 - 000131304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-10-23 18:12 - 2017-10-23 18:12 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-10-23 18:12 - 2017-10-23 18:12 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin 2017-10-23 18:12 - 2017-10-23 18:12 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man 2017-10-20 18:18 - 2017-10-20 18:18 - 000151592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2017-10-20 18:18 - 2017-10-20 18:18 - 000123752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2017-10-15 22:50 - 2017-10-15 22:50 - 000000000 ____D C:\Users\Pegasus\AppData\Local\usvfs 2017-10-13 04:18 - 2017-10-13 04:18 - 000123368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll 2017-10-12 13:10 - 2017-10-12 13:10 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-10-12 13:07 - 2017-09-30 06:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2017-10-12 13:07 - 2017-09-30 06:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-10-12 13:07 - 2017-09-30 06:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2017-10-12 13:07 - 2017-09-30 03:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-10-12 13:07 - 2017-09-30 03:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-10-12 13:07 - 2017-09-30 03:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-10-12 13:07 - 2017-09-30 03:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-10-12 13:07 - 2017-09-30 03:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-10-12 13:07 - 2017-09-30 03:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-10-12 13:07 - 2017-09-30 03:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-10-12 13:07 - 2017-09-30 03:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2017-10-12 13:07 - 2017-09-30 03:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-10-12 13:07 - 2017-09-30 03:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-10-12 13:07 - 2017-09-30 03:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-10-12 13:07 - 2017-09-30 03:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2017-10-12 13:07 - 2017-09-30 03:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-10-12 13:07 - 2017-09-30 03:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-10-12 13:07 - 2017-09-30 03:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-10-12 13:07 - 2017-09-30 03:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-10-12 13:07 - 2017-09-30 03:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-10-12 13:07 - 2017-09-30 03:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-10-12 13:07 - 2017-09-30 03:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-10-12 13:07 - 2017-09-30 03:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-10-12 13:07 - 2017-09-30 03:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-10-12 13:07 - 2017-09-30 03:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-10-12 13:07 - 2017-09-30 03:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-10-12 13:07 - 2017-09-30 03:02 - 001624096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll 2017-10-12 13:07 - 2017-09-30 03:02 - 001517464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-10-12 13:07 - 2017-09-30 03:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-10-12 13:07 - 2017-09-30 03:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-10-12 13:07 - 2017-09-29 08:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-10-12 13:07 - 2017-09-29 08:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2017-10-12 13:07 - 2017-09-29 08:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-10-12 13:07 - 2017-09-29 08:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-10-12 13:07 - 2017-09-29 08:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-10-12 13:07 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll 2017-10-12 13:07 - 2017-09-29 08:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-10-12 13:07 - 2017-09-29 08:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll 2017-10-12 13:07 - 2017-09-29 08:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-10-12 13:07 - 2017-09-29 08:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-10-12 13:07 - 2017-09-29 08:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-10-12 13:07 - 2017-09-29 08:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-10-12 13:07 - 2017-09-29 08:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2017-10-12 13:07 - 2017-09-29 08:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2017-10-12 13:07 - 2017-09-29 08:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-10-12 13:07 - 2017-09-29 08:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-10-12 13:07 - 2017-09-29 08:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-10-12 13:07 - 2017-09-29 08:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-10-12 13:07 - 2017-09-29 08:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2017-10-12 13:07 - 2017-09-29 08:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-10-12 13:07 - 2017-09-29 08:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-10-12 13:07 - 2017-09-29 08:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-10-12 13:07 - 2017-09-29 08:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-10-12 13:07 - 2017-09-29 08:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-10-12 13:07 - 2017-09-29 08:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-10-12 13:07 - 2017-09-29 08:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-10-12 13:07 - 2017-09-29 08:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-10-12 13:07 - 2017-09-29 08:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-10-12 13:07 - 2017-09-29 08:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-10-12 13:07 - 2017-09-29 08:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-10-12 13:07 - 2017-09-29 08:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-10-12 13:07 - 2017-09-29 08:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2017-10-12 13:07 - 2017-09-29 08:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2017-10-12 13:07 - 2017-09-29 08:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2017-10-12 13:07 - 2017-09-29 08:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2017-10-12 13:07 - 2017-09-29 08:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2017-10-12 13:07 - 2017-09-29 08:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe 2017-10-12 13:07 - 2017-09-29 08:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-10-12 13:07 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls 2017-10-12 13:07 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls 2017-10-12 13:07 - 2017-09-20 16:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-10-12 13:07 - 2017-09-20 16:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-10-12 13:07 - 2017-09-20 16:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-10-12 13:07 - 2017-09-19 00:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-10-12 13:07 - 2017-09-18 23:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2017-10-12 13:07 - 2017-09-18 23:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-10-12 13:06 - 2017-09-30 06:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-10-12 13:06 - 2017-09-30 06:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-10-12 13:06 - 2017-09-30 06:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-10-12 13:06 - 2017-09-30 06:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-10-12 13:06 - 2017-09-30 03:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-10-12 13:06 - 2017-09-30 03:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-10-12 13:06 - 2017-09-29 08:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-10-12 13:06 - 2017-09-29 08:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-10-12 13:06 - 2017-09-29 08:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-10-12 13:06 - 2017-09-29 08:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-10-12 13:06 - 2017-09-29 08:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-10-12 13:06 - 2017-09-29 08:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-10-12 13:06 - 2017-09-29 08:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2017-10-12 13:06 - 2017-09-29 08:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-10-12 13:06 - 2017-09-29 08:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-10-12 13:06 - 2017-09-29 08:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2017-10-12 13:06 - 2017-09-29 08:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-10-12 13:06 - 2017-09-29 08:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2017-10-12 13:06 - 2017-09-29 08:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-10-12 13:06 - 2017-09-29 08:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-10-12 13:06 - 2017-09-29 08:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2017-10-12 13:06 - 2017-09-29 08:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-10-12 13:06 - 2017-09-29 08:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2017-10-12 13:06 - 2017-09-29 08:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe 2017-10-12 13:06 - 2017-09-29 08:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2017-10-12 13:05 - 2017-09-30 06:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-10-12 13:05 - 2017-09-30 06:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-10-12 13:05 - 2017-09-30 06:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-10-12 13:05 - 2017-09-30 06:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-10-12 13:05 - 2017-09-30 06:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2017-10-12 13:05 - 2017-09-30 06:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-10-12 13:05 - 2017-09-30 06:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-10-12 13:05 - 2017-09-30 06:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-10-12 13:05 - 2017-09-29 08:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-10-12 13:05 - 2017-09-29 08:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-10-12 13:05 - 2017-09-29 08:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-10-12 13:05 - 2017-09-29 08:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-10-12 13:05 - 2017-09-29 08:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-10-12 13:05 - 2017-09-29 08:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-10-12 13:05 - 2017-09-29 08:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2017-10-12 13:05 - 2017-09-29 08:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll 2017-10-12 13:05 - 2017-09-29 08:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-10-12 13:05 - 2017-09-29 08:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-10-12 13:05 - 2017-09-29 08:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-10-12 13:05 - 2017-09-29 08:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-10-12 13:05 - 2017-09-29 08:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-10-12 13:05 - 2017-09-29 08:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-10-12 13:05 - 2017-09-29 08:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2017-10-12 13:05 - 2017-09-29 08:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2017-10-12 13:05 - 2017-09-29 08:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll 2017-10-12 13:05 - 2017-09-29 08:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2017-10-12 13:05 - 2017-09-29 08:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2017-10-12 13:05 - 2017-09-18 23:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-10-12 13:04 - 2017-09-30 06:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-10-12 13:04 - 2017-09-30 06:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-10-12 13:04 - 2017-09-30 06:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-10-12 13:04 - 2017-09-30 06:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-10-12 13:04 - 2017-09-30 06:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-10-12 13:04 - 2017-09-30 06:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-10-12 13:04 - 2017-09-30 06:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-10-12 13:04 - 2017-09-30 06:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-10-12 13:04 - 2017-09-30 06:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-10-12 13:04 - 2017-09-30 06:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-10-12 13:04 - 2017-09-30 06:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2017-10-12 13:04 - 2017-09-30 06:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2017-10-12 13:04 - 2017-09-30 06:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-10-12 13:04 - 2017-09-30 06:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-10-12 13:04 - 2017-09-30 06:37 - 002377112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll 2017-10-12 13:04 - 2017-09-30 03:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-10-12 13:04 - 2017-09-29 08:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-10-12 13:04 - 2017-09-29 08:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2017-10-12 13:04 - 2017-09-29 08:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-10-12 13:04 - 2017-09-29 08:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-10-12 13:04 - 2017-09-29 08:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll 2017-10-12 13:04 - 2017-09-29 08:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-10-12 13:04 - 2017-09-29 08:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-10-12 13:04 - 2017-09-29 08:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-10-12 13:04 - 2017-09-29 08:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe 2017-10-12 13:04 - 2017-09-29 08:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-10-12 13:04 - 2017-09-29 08:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-10-12 13:04 - 2017-09-29 08:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-10-12 13:04 - 2017-09-29 08:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-10-12 13:04 - 2017-09-29 08:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-10-12 13:04 - 2017-09-29 08:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-10-12 13:04 - 2017-09-29 08:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2017-10-12 13:04 - 2017-09-29 08:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2017-10-12 13:04 - 2017-09-29 08:26 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll 2017-10-12 13:04 - 2017-09-29 08:26 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe 2017-10-12 13:04 - 2017-09-29 08:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-10-12 13:04 - 2017-09-29 08:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2017-10-12 13:04 - 2017-09-29 08:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-10-12 13:04 - 2017-09-29 08:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-10-12 13:04 - 2017-09-29 08:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-10-12 13:04 - 2017-09-29 08:24 - 001201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe 2017-10-12 13:04 - 2017-09-29 08:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-10-12 13:04 - 2017-09-29 08:23 - 002195968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll 2017-10-12 13:04 - 2017-09-29 08:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-10-12 13:04 - 2017-09-29 08:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-10-12 13:04 - 2017-09-29 08:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-10-12 13:04 - 2017-09-29 08:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-10-12 13:04 - 2017-09-29 08:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-10-12 13:04 - 2017-09-29 08:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll 2017-10-12 13:04 - 2017-09-29 08:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2017-10-12 13:04 - 2017-09-29 08:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2017-10-12 13:04 - 2017-09-29 08:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2017-10-12 13:04 - 2017-09-29 08:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2017-10-12 13:04 - 2017-09-29 08:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe 2017-10-12 13:04 - 2017-09-19 00:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-10-12 13:04 - 2017-09-19 00:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-10-12 13:04 - 2017-09-19 00:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-10-12 13:04 - 2017-09-19 00:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-10-12 13:04 - 2017-09-18 23:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2017-10-12 13:04 - 2017-09-18 23:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll 2017-10-12 13:04 - 2017-09-18 23:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2017-10-12 13:03 - 2017-09-30 06:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-10-12 13:03 - 2017-09-30 06:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-10-12 13:03 - 2017-09-30 06:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-10-12 13:03 - 2017-09-30 06:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-10-12 13:03 - 2017-09-30 06:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-10-12 13:03 - 2017-09-30 06:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-10-12 13:03 - 2017-09-30 06:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2017-10-12 13:03 - 2017-09-30 06:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-10-12 13:03 - 2017-09-30 06:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-10-12 13:03 - 2017-09-30 06:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-10-12 13:03 - 2017-09-30 06:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-10-12 13:03 - 2017-09-30 06:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-10-12 13:03 - 2017-09-30 06:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-10-12 13:03 - 2017-09-30 06:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-10-12 13:03 - 2017-09-30 06:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-10-12 13:03 - 2017-09-30 06:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-10-12 13:03 - 2017-09-30 06:40 - 000849816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-10-12 13:03 - 2017-09-30 06:40 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-10-12 13:03 - 2017-09-30 06:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-10-12 13:03 - 2017-09-30 06:39 - 001694104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-10-12 13:03 - 2017-09-30 06:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-10-12 13:03 - 2017-09-30 06:38 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-10-12 13:03 - 2017-09-30 06:37 - 002229144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-10-12 13:03 - 2017-09-30 06:37 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-10-12 13:03 - 2017-09-30 06:36 - 000855960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-10-12 13:03 - 2017-09-30 06:36 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-10-12 13:03 - 2017-09-29 08:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-10-12 13:03 - 2017-09-29 08:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-10-12 13:03 - 2017-09-29 08:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-10-12 13:03 - 2017-09-29 08:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2017-10-12 13:03 - 2017-09-29 08:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-10-12 13:03 - 2017-09-29 08:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-10-12 13:03 - 2017-09-29 08:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-10-12 13:03 - 2017-09-29 08:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2017-10-12 13:03 - 2017-09-29 08:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-10-12 13:03 - 2017-09-29 08:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-10-12 13:03 - 2017-09-29 08:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2017-10-12 13:03 - 2017-09-29 08:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2017-10-12 13:03 - 2017-09-29 08:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2017-10-12 13:03 - 2017-09-29 08:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-10-12 13:03 - 2017-09-29 08:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-10-12 13:03 - 2017-09-29 08:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-10-12 13:03 - 2017-09-29 08:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-10-12 13:03 - 2017-09-29 08:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-10-12 13:03 - 2017-09-29 08:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-10-12 13:03 - 2017-09-29 08:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-10-12 13:03 - 2017-09-29 08:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-10-12 13:03 - 2017-09-29 08:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-10-12 13:03 - 2017-09-29 08:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-10-12 13:03 - 2017-09-29 08:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-10-12 13:03 - 2017-09-29 08:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-10-12 13:03 - 2017-09-29 08:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-10-12 13:03 - 2017-09-29 08:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2017-10-12 13:03 - 2017-09-29 08:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-10-12 13:03 - 2017-09-29 08:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-10-12 13:03 - 2017-09-29 08:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-10-12 13:03 - 2017-09-29 08:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-10-12 13:03 - 2017-09-29 08:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-10-12 13:03 - 2017-09-29 08:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2017-10-12 13:03 - 2017-09-29 08:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-10-12 13:03 - 2017-09-29 08:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-10-12 13:03 - 2017-09-29 08:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-10-12 13:03 - 2017-09-29 08:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2017-10-12 13:03 - 2017-09-29 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2017-10-12 13:03 - 2017-09-19 00:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-10-12 13:03 - 2017-09-19 00:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-10-12 13:03 - 2017-09-19 00:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-10-07 14:27 - 2017-10-07 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-10-07 14:27 - 2017-10-07 14:27 - 000000000 ____D C:\Program Files\7-Zip 2017-10-07 10:22 - 2017-10-10 11:03 - 000001571 _____ C:\Users\Pegasus\Desktop\ModOrganizer - Verknüpfung.lnk 2017-10-07 09:24 - 2017-10-07 09:24 - 000000000 ____D C:\Users\Pegasus\AppData\Local\LOOT 2017-10-07 09:22 - 2017-10-28 23:19 - 000000000 ____D C:\Users\Pegasus\AppData\Local\ModOrganizer 2017-10-07 09:22 - 2017-10-28 23:18 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-10-07 09:21 - 2017-10-07 09:21 - 000000000 ____D C:\Program Files (x86)\ModOrganizer 2017-10-06 16:51 - 2017-10-16 19:56 - 000000000 ____D C:\Users\Pegasus\AppData\Local\Skyrim Special Edition 2017-10-06 16:51 - 2017-10-06 20:30 - 000000000 ____D C:\Users\Pegasus\Documents\My Games 2017-10-06 16:46 - 2017-10-06 16:46 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2017-10-06 16:44 - 2017-10-07 15:43 - 000000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim Special Edition ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-29 12:50 - 2017-07-24 19:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-29 12:32 - 2017-01-03 11:16 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2017-10-28 23:11 - 2017-07-24 19:34 - 002836936 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-28 23:11 - 2017-03-20 05:41 - 001332240 _____ C:\WINDOWS\system32\perfh007.dat 2017-10-28 23:11 - 2017-03-20 05:41 - 000314830 _____ C:\WINDOWS\system32\perfc007.dat 2017-10-28 23:07 - 2017-07-24 19:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-28 23:06 - 2017-07-24 19:25 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-10-28 23:06 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2017-10-28 23:04 - 2016-05-11 12:13 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\AIMP 2017-10-28 16:49 - 2017-05-26 11:32 - 000000000 ____D C:\Users\Pegasus\AppData\Roaming\vlc 2017-10-28 16:05 - 2016-05-11 12:47 - 000000000 ____D C:\Users\Pegasus\AppData\Local\JDownloader v2.0 2017-10-28 12:58 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF 2017-10-28 12:58 - 2016-07-16 10:35 - 000000008 __RSH C:\ProgramData\ntuser.pol 2017-10-28 11:22 - 2016-06-02 15:18 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-10-28 11:22 - 2016-06-02 15:18 - 000000000 ____D C:\Program Files\CCleaner 2017-10-27 23:18 - 2017-06-09 08:43 - 000000546 _____ C:\Users\Pegasus\Desktop\Temine.txt 2017-10-27 09:42 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-10-27 09:42 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-26 19:07 - 2017-03-18 12:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2017-10-25 20:50 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-10-25 20:50 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-10-24 15:15 - 2017-07-24 19:25 - 000000000 ____D C:\Program Files\AMD 2017-10-24 15:14 - 2017-09-25 19:03 - 000000000 ____D C:\Users\Pegasus\AppData\LocalLow\AMD 2017-10-24 15:14 - 2017-09-23 09:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2017-10-24 15:13 - 2017-04-16 13:46 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml 2017-10-23 18:12 - 2017-09-21 19:54 - 002542608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2017-10-23 18:12 - 2017-09-21 19:54 - 000467984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-10-23 18:12 - 2017-09-21 19:54 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2017-10-23 18:12 - 2017-09-21 19:54 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 013536784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 011099664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 002924560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 001464336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000875536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000708112 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-10-23 18:12 - 2017-07-13 02:43 - 000704016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000556560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000480272 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-10-23 18:12 - 2017-07-13 02:43 - 000470544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000458768 _____ C:\WINDOWS\system32\GameManager64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000445968 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000414736 _____ C:\WINDOWS\system32\atieah64.exe 2017-10-23 18:12 - 2017-07-13 02:43 - 000382992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000366608 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000361488 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000352272 _____ C:\WINDOWS\system32\clinfo.exe 2017-10-23 18:12 - 2017-07-13 02:43 - 000334864 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-10-23 18:12 - 2017-07-13 02:43 - 000277008 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000242704 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000232464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000203792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000180240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000159248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000157864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000157712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000151056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000149600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000135696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000133648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000124944 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000117264 _____ C:\WINDOWS\system32\atidxx64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000114192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000101904 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000099344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000069648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000045584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2017-10-23 18:12 - 2017-07-13 02:43 - 000042512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2017-10-23 18:12 - 2017-07-13 02:42 - 000548432 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-10-23 18:12 - 2017-07-13 02:42 - 000186416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-10-23 18:12 - 2017-07-13 02:42 - 000164544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-10-23 18:12 - 2017-07-13 02:42 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2017-10-23 18:12 - 2017-07-13 02:42 - 000116208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-10-23 18:12 - 2017-07-13 02:42 - 000102664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-10-23 18:12 - 2017-07-13 02:42 - 000102656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-10-23 18:12 - 2017-07-12 19:06 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2017-10-23 18:12 - 2017-07-12 19:06 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2017-10-23 18:12 - 2017-07-12 19:06 - 000834312 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2017-10-23 18:12 - 2017-07-12 19:06 - 000834312 _____ C:\WINDOWS\system32\atiapfxx.blb 2017-10-23 18:12 - 2017-07-12 19:06 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json 2017-10-23 18:12 - 2017-07-12 19:06 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json 2017-10-18 14:57 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-10-17 13:59 - 2017-02-28 13:54 - 000000000 ____D C:\Users\Pegasus\AppData\Local\VirtualStore 2017-10-14 20:35 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache 2017-10-14 11:15 - 2017-01-03 11:16 - 001021656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2017-10-14 11:15 - 2017-01-03 11:16 - 000197344 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2017-10-14 11:15 - 2016-06-20 17:54 - 000592088 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2017-10-13 04:14 - 2017-04-26 08:09 - 000118960 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys 2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-12 19:08 - 2016-02-13 18:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-10-12 19:05 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-10-12 19:05 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning 2017-10-12 19:05 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2017-10-12 19:04 - 2017-03-18 22:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2017-10-12 19:04 - 2017-03-18 22:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2017-10-12 13:11 - 2016-05-11 12:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-10-12 13:10 - 2016-05-11 12:27 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-10-07 15:42 - 2017-07-24 19:26 - 000000000 ____D C:\Users\Pegasus ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-04-16 13:46 - 2017-10-24 15:13 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-10-20 19:52 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-10-2017 durchgeführt von Pegasus (29-10-2017 13:18:38) Gestartet von C:\Users\Pegasus\Downloads Windows 10 Pro Version 1703 15063.674 (X64) (2017-07-24 18:35:07) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2446509630-2703652802-741451858-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-2446509630-2703652802-741451858-503 - Limited - Disabled) Gast (S-1-5-21-2446509630-2703652802-741451858-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2446509630-2703652802-741451858-1005 - Limited - Enabled) Pegasus (S-1-5-21-2446509630-2703652802-741451858-1001 - Administrator - Enabled) => C:\Users\Pegasus ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft) Hidden 7-Zip 17.00 beta (x64) (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated) AIDA64 Extreme v5.75 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.75 - FinalWire Ltd.) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1717, 08.05.2016 - AIMP DevTeam) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Bethesda Launcher (HKLM\...\{27661104-880E-45FC-BBB9-2132C920E8DB}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform) CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Druckerdeinstallation für EPSON XP-332 335 Series (HKLM\...\EPSON XP-332 335 Series) (Version: - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.19.5276 - GOM & Company) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.) IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.14.123.2017 - Realtek) Stronghold Crusader 2 (HKLM-x32\...\1433852499_is1) (Version: 2.2.0.7 - GOG.com) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Elder Scrolls V Skyrim Special Edition MULTi2 1.1.47.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition MULTi2 1.1.47.0.8) (Version: - ) The Elder Scrolls V Skyrim Special Edition Update 5 MULTi2 1.4.2.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition Update 5 MULTi2 1.4.2.0.8) (Version: 1.4.2.0.8 - .x.X.RIDDICK.X.x.) The Elder Scrolls V Skyrim Special Edition Update 6 MULTi2 1.5.3.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition Update 6 MULTi2 1.5.3.0.8) (Version: 1.5.3.0.8 - .x.X.RIDDICK.X.x.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-11] (AIMP DevTeam) ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-11] (AIMP DevTeam) ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-20] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov) ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {4DD6ABC4-FF33-4DA3-AE46-9A09353E2A92} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd) Task: {4FE24BC0-662E-4041-B971-00C03D15A91E} - System32\Tasks\{54985634-2E7F-48AF-9431-366C35E4F036} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe" -d "C:\Program Files (x86)\The Elder Scrolls V Skyrim Legendary Edition\" Task: {5497958C-BA3D-4DEB-9838-BFCF754C8454} - System32\Tasks\S-1-5-21-2446509630-2703652802-741451858-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation) Task: {553134D3-3000-4E23-840C-FC450EDBE383} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd) Task: {902A8AE6-3666-4A6F-A17E-85EBD12A42C5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-10-20] (Advanced Micro Devices, Inc.) Task: {D7AAA24F-BF49-448B-8CD3-20BBA3C6B5CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated) Task: {F007824A-2455-4227-8A08-3CE16A623107} - System32\Tasks\{47A746BA-8694-479E-8FC4-7DDE2A8069A4} => C:\Windows\system32\pcalua.exe -a "E:\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe" -d "E:\The Elder Scrolls V Skyrim Legendary Edition" Task: {FDE9C925-7D03-4018-A8F6-2341C884462C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-10-28 12:37 - 2017-10-04 12:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-10-28 12:37 - 2017-10-04 12:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-07-22 00:55 - 2017-07-22 00:55 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL 2017-07-22 00:55 - 2017-07-22 00:55 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2017-03-18 21:59 - 2017-03-20 05:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-28 00:19 - 2016-06-28 00:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2009-02-26 12:46 - 2009-02-26 12:46 - 000064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 10:46 - 2011-06-22 10:46 - 000434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2011-05-31 14:45 - 2011-05-31 14:45 - 000756048 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-30 08:24 - 2017-10-28 21:06 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2446509630-2703652802-741451858-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pegasus\Pictures\456523.jpg DNS Servers: 195.34.133.21 - 212.186.211.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AdaptiveSleepService => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Backupper Service => 2 MSCONFIG\Services: EpsonScanSvc => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: XblAuthManager => 3 MSCONFIG\Services: XblGameSave => 3 MSCONFIG\Services: XboxNetApiSvc => 3 HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "EEventManager" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2446509630-2703652802-741451858-1001\...\StartupApproved\Run: => "Chromium" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 12-10-2017 13:02:58 Windows Update 18-10-2017 14:57:35 Windows Update 25-10-2017 20:30:44 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/28/2017 10:13:56 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (10/28/2017 10:13:30 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {26dfe67f-a65f-41a1-a076-5a2d66677b1c} Error: (10/28/2017 09:18:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64.exe, Version 26.10.2017.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 23ec Startzeit: 01d3502945deb713 Beendigungszeit: 4294967295 Anwendungspfad: C:\Users\Pegasus\Downloads\FRST64.exe Berichts-ID: f4b6207f-c7bb-416d-95ec-79680bdeb08f Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Systemfehler: ============= Error: (10/29/2017 12:24:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:24:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:24:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:24:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:24:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:24:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:24:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:24:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:24:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (10/29/2017 12:23:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. CodeIntegrity: =================================== Date: 2017-10-26 20:58:09.413 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:38.029 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:20.035 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:19.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:57:19.279 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:52.426 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:36.686 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:36.087 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:47:35.791 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-10-26 20:26:18.459 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Speicherinformationen =========================== Prozessor: AMD Phenom(tm) II X6 1090T Processor Prozentuale Nutzung des RAM: 16% Installierter physikalischer RAM: 16345.35 MB Verfügbarer physikalischer RAM: 13572.03 MB Summe virtueller Speicher: 18777.35 MB Verfügbarer virtueller Speicher: 15673.71 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:464.77 GB) (Free:386.91 GB) NTFS Drive d: (Musik) (Fixed) (Total:931.39 GB) (Free:925.52 GB) NTFS Drive e: (Daten) (Fixed) (Total:465.63 GB) (Free:234.69 GB) NTFS Drive f: (Privat) (Fixed) (Total:232.88 GB) (Free:227.32 GB) NTFS Drive g: (Volume) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 9817019D) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F3FCF3FC) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 3079740B) Partition: GPT. ======================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: 23CE48D0) Partition: GPT. ==================== Ende von Addition.txt ============================ |
29.10.2017, 15:17 | #15 |
/// TB-Ausbilder | Firefox startet mit Fehlermeldung Servus, Reste entfernen
Dann wären wir durch! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst... Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen. Hinweise: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Cleanup Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen. Virenscanner + Firewall Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware. Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür. Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird) Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen. Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms. Absicherungen Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren. Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen. Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:
Optionale Browsererweiterungen
Grundsätzliches
Lesestoff: Backup-/Image-Tools IMHO sind Wiederherstellungspunkte nix weiter als eine Notlösung, wer sich auf was Funktionierendes verlassen will und muss, kommt um echte Backup/Imaging Software nicht herum. Ich nehme unter Windows immer Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64 Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), sonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor Krypto-Trojaner zu schützen. Option 1: Drivesnapshot Offizielle TB-Anleitung --> http://www.trojaner-board.de/186299-...esnapshot.html Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64 Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe Es gibt da auch leicht abgespeckte Versionen von Acronis TrueImage gratis wenn man Platten von Seagate und/oder Western Digital hat. Vllt sagen diese Programme dir mehr zu. Mein Favorit aber ist das kleine o.g. Drivesnapshot. Option 2: Seagate DiscWizard Download => Seagate DiscWizard - Download - Filepony Screenshots: http://filepony.de/screenshot/seagate_discwizard5.jpg http://filepony.de/screenshot/seagate_discwizard4.png http://filepony.de/screenshot/seagate_discwizard3.jpg Option 3: Acronis TrueImage WD Edition Download => Acronis True Image WD Edition - Download - Filepony Screenshots: http://filepony.de/screenshot/acroni...d_edition1.jpg http://filepony.de/screenshot/acroni...d_edition2.jpg |
Themen zu Firefox startet mit Fehlermeldung |
chromium, defender, desktop, error, fehler, fehlermeldung, firefox, flash player, homepage, internet, internet explorer, kaspersky, logfile, musik, problem, prozesse, registry, security, services.exe, software, starten, svchost.exe, tcp, temp, udp, windows |