| |
| |||||||
Log-Analyse und Auswertung: Malwarebytes scan 33 identifizierte Bedrohungen ...Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.12.2017, 17:55
| #1 |
 |  Malwarebytes scan 33 identifizierte Bedrohungen ... Hallo, ich hatte eigentlich schon lange keine Probleme mehr, bin mir auch nicht bewusst was "wirklich" kritisches oder sehr dubioses installiert zu haben, jedoch hatte ich heute beim Scan von Malwarebytes (free 3.2.2) 32 identifizierte Bedrohungen ... :-( Kann jemand von euch hier mal drüber sehen und sage, wie schlimm das ganze ist und ob bzw. welcher Handlungsbedarf herrscht? Ich sag jetzt schon mal im Vorhinein herzlichen Dank für eure Hilfe und eure Zeit. Schöne Grüße, Xenon1976 Hier mal der Scanbericht von Malwarebytes: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 08.12.17
Scan-Zeit: 17:02
Protokolldatei: 2a77b26f-dc31-11e7-82fa-7824af42ffda.json
Administrator: Ja
-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.212
Version des Aktualisierungspakets: 1.0.3445
Lizenz: Abgelaufen
-Systemdaten-
Betriebssystem: Windows 10 (Build 16299.98)
CPU: x64
Dateisystem: NTFS
Benutzer: System
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 337571
Erkannte Bedrohungen: 33
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 10 Min., 42 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 22
PUP.Optional.UCBrowser, HKU\S-1-5-18\SOFTWARE\UCBrowser, Keine Aktion durch Benutzer, [1275], [403633],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\SOFTWARE\UCBrowser, Keine Aktion durch Benutzer, [1275], [403633],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\SOFTWARE\UCBrowserPID, Keine Aktion durch Benutzer, [1275], [403634],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\SOFTWARE\UCBrowser, Keine Aktion durch Benutzer, [1275], [403633],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.CRX, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.HTM, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.HTML, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.MHT, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.SHTM, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.SHTML, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.WEBP, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.XHT, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.XHTML, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\UCHTML, Keine Aktion durch Benutzer, [1275], [463320],1.0.3445
PUP.Optional.UCBrowser, HKLM\SOFTWARE\UCBrowser, Keine Aktion durch Benutzer, [1275], [407411],1.0.3445
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\UCBrowser, Keine Aktion durch Benutzer, [1275], [407411],1.0.3445
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\UCBrowserPID, Keine Aktion durch Benutzer, [1275], [407412],1.0.3445
PUP.Optional.UCBrowser, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\UCBrowser, Keine Aktion durch Benutzer, [1275], [463314],1.0.3445
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\UCBrowser, Keine Aktion durch Benutzer, [1275], [463314],1.0.3445
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\UCBrowser.exe, Keine Aktion durch Benutzer, [1275], [463316],1.0.3445
PUP.Optional.ChipDe, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\chip 1-click download service, Keine Aktion durch Benutzer, [8633], [463412],1.0.3445
Registrierungswert: 4
PUP.Optional.Kuaizip, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\FILEEXTS\.bin\OPENWITHPROGIDS|KUAIZIPMOUNT.BIN, Keine Aktion durch Benutzer, [1078], [392706],1.0.3445
PUP.Optional.Kuaizip, HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\FILEEXTS\.bin\OPENWITHPROGIDS|KUAIZIPMOUNT.BIN, Keine Aktion durch Benutzer, [1078], [392706],1.0.3445
PUP.Optional.UCBrowser, HKLM\SOFTWARE\REGISTEREDAPPLICATIONS|UCBROWSER, Keine Aktion durch Benutzer, [1275], [463315],1.0.3445
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\REGISTEREDAPPLICATIONS|UCBROWSER, Keine Aktion durch Benutzer, [1275], [463315],1.0.3445
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 2
Adware.Elex.EncJob, C:\WINDOWS\PSGO, Keine Aktion durch Benutzer, [8061], [410566],1.0.3445
PUP.Optional.MirageISO, C:\USERS\PUBLIC\DOCUMENTS\XMUPDATE, Keine Aktion durch Benutzer, [8417], [443706],1.0.3445
Datei: 5
Trojan.BCDSoft, C:\PROGRAMDATA\LOG.EWBB, Keine Aktion durch Benutzer, [7947], [403591],1.0.3445
Trojan.BCDSoft, C:\PROGRAMDATA\LOG.EWBT, Keine Aktion durch Benutzer, [7947], [403592],1.0.3445
Trojan.BCDSoft, C:\PROGRAMDATA\LOG.BINB, Keine Aktion durch Benutzer, [7947], [403593],1.0.3445
Adware.Elex.EncJob, C:\WINDOWS\PSGO\PSGO.PS1, Keine Aktion durch Benutzer, [8061], [410566],1.0.3445
PUP.Optional.MirageISO, C:\USERS\PUBLIC\DOCUMENTS\XMUPDATE\CONF.DB, Keine Aktion durch Benutzer, [8417], [443706],1.0.3445
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2017
durchgeführt von Christoph (Administrator) auf ARBEITSZIMMER (08-12-2017 17:29:51)
Gestartet von C:\Users\Christoph\Desktop\FRST
Geladene Profile: Christoph (Verfügbare Profile: Christoph & Natascha)
Platform: Windows 10 Home Version 1709 16299.98 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Samsung Electronics Co. Ltd.) C:\Program Files\Samsung Magician\SamsungMagician.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
() C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7569112 2014-03-31] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group)
HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\RunOnce: [Uninstall 17.3.7076.1026_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Christoph\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1\amd64"
HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\RunOnce: [Uninstall 17.3.7076.1026_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Christoph\AppData\Local\Microsoft\OneDrive\17.3.7076.1026_1"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fcbd.bat [2016-11-11] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Setup-Assistent.lnk [2017-04-22]
ShortcutTarget: NETGEAR WG111v3 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe ()
Startup: C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-11-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1e62daa0-3460-4941-82ff-7e45f18dbeb1}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{acdd91c1-92cf-4846-8aca-1c8b7960dfff}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
FireFox:
========
FF ProfilePath: C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default [2017-12-08]
FF Homepage: Mozilla\Firefox\Profiles\2f9pw9xj.default -> www.google.at/
hxxp://www.tamagothi.de/2015/06/10/aus-aktuellem-anlass-antivirus-schlangenoel/
FF NetworkProxy: Mozilla\Firefox\Profiles\2f9pw9xj.default -> type", 4
FF Extension: (Google Translator for Firefox) - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default\Extensions\translator@zoli.bod.xpi [2017-11-19]
FF Extension: (Session Manager) - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31] [Lagacy]
FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-05-10]
FF Extension: (Video DownloadHelper) - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-12-02] ()
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-02] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2014-06-07] ()
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
S2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-08] (Microsoft Corporation) <==== ACHTUNG
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-08] (Microsoft Corporation) <==== ACHTUNG
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
R1 cryptfd; C:\WINDOWS\System32\drivers\cryptfd.sys [193448 2017-03-03] ()
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-12-04] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R1 MpKsl73c069df; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE5ACB8B-6071-44E0-930F-38D1EDDD40FF}\MpKsl73c069df.sys [58120 2017-12-08] (Microsoft Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-10-13] (Anchorfree Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-08] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-08] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-08] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-12-08 17:29 - 2017-12-08 17:29 - 000000000 ____D C:\FRST
2017-12-08 17:14 - 2017-12-08 17:14 - 000005951 _____ C:\Users\Christoph\Desktop\2017_12_08.txt
2017-12-08 17:06 - 2017-12-08 17:06 - 000000000 ___HD C:\OneDriveTemp
2017-12-08 17:05 - 2017-12-08 17:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2017-12-08 17:02 - 2017-12-08 17:03 - 000000000 ____D C:\Users\Christoph\Desktop\Temp Logs
2017-12-04 20:05 - 2017-12-04 20:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-04 20:04 - 2017-12-04 20:04 - 000000000 ___HD C:\Users\Christoph\MicrosoftEdgeBackups
2017-12-04 20:03 - 2017-12-04 20:03 - 000000020 ___SH C:\Users\Christoph\ntuser.ini
2017-12-04 18:33 - 2017-12-04 18:33 - 000000000 ____D C:\ProgramData\USOShared
2017-12-04 18:29 - 2017-12-04 18:29 - 001817210 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-04 18:25 - 2017-12-08 17:06 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3712444081-2832216142-1026754779-1001
2017-12-04 18:25 - 2017-12-04 18:25 - 000003974 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002UA1d237731af23d90
2017-12-04 18:25 - 2017-12-04 18:25 - 000003764 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2017-12-04 18:25 - 2017-12-04 18:25 - 000003706 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002Core1d237731aed5aac
2017-12-04 18:25 - 2017-12-04 18:25 - 000003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-04 18:25 - 2017-12-04 18:25 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3712444081-2832216142-1026754779-1002
2017-12-04 18:25 - 2017-12-04 18:25 - 000002856 _____ C:\WINDOWS\System32\Tasks\TrackerAutoUpdate
2017-12-04 18:25 - 2017-12-04 18:25 - 000002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3712444081-2832216142-1026754779-1002
2017-12-04 18:25 - 2017-12-04 18:25 - 000002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3712444081-2832216142-1026754779-1001
2017-12-04 18:25 - 2017-12-04 18:25 - 000002604 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Update
2017-12-04 18:25 - 2017-12-04 18:25 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-12-04 18:25 - 2017-12-04 18:25 - 000002478 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-12-04 18:25 - 2017-12-04 18:25 - 000002428 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Initial Update
2017-12-04 18:25 - 2017-12-04 18:25 - 000002318 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-12-04 18:25 - 2017-12-04 18:25 - 000002210 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002184 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002182 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002168 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002166 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-12-04 18:25 - 2017-12-04 18:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-04 18:25 - 2017-12-04 18:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-12-04 18:24 - 2017-12-04 18:25 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-04 18:24 - 2017-12-04 18:25 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-04 18:21 - 2017-12-04 20:20 - 000000000 ____D C:\Users\Christoph\AppData\Local\Packages
2017-12-04 18:21 - 2017-12-04 18:21 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-04 18:21 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-04 18:20 - 2017-12-04 20:04 - 000000000 ____D C:\Users\Christoph
2017-12-04 18:20 - 2017-12-04 18:23 - 000000000 ____D C:\Users\Natascha
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Vorlagen
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Startmenü
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Netzwerkumgebung
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Lokale Einstellungen
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Eigene Dateien
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Druckumgebung
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Documents\Eigene Videos
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Documents\Eigene Musik
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Documents\Eigene Bilder
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\AppData\Local\Verlauf
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\AppData\Local\Anwendungsdaten
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Anwendungsdaten
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Vorlagen
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Startmenü
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Netzwerkumgebung
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Lokale Einstellungen
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Eigene Dateien
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Druckumgebung
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Documents\Eigene Videos
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Documents\Eigene Musik
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Documents\Eigene Bilder
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\AppData\Local\Verlauf
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\AppData\Local\Anwendungsdaten
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Anwendungsdaten
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 ____D C:\Users\Natascha\AppData\Local\Packages
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-12-04 18:19 - 2017-12-06 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-04 18:19 - 2017-12-04 18:23 - 000275320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-04 18:18 - 2017-12-04 18:26 - 000000000 ____D C:\Windows.old
2017-12-04 18:16 - 2017-12-04 18:18 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-04 18:16 - 2017-12-04 18:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-04 18:15 - 2017-12-04 18:15 - 025247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 023659008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 018915840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 006036480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 003484848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-04 18:15 - 2017-12-04 18:15 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-04 18:15 - 2017-12-04 18:15 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-04 18:15 - 2017-12-04 18:15 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-04 18:14 - 2017-12-04 18:14 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 007386664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 006483176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003903272 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002106880 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001426160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-04 18:14 - 2017-12-04 18:14 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001145112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-04 18:14 - 2017-12-04 18:14 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-04 18:14 - 2017-12-04 18:14 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000166808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\Program Files\MSBuild
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-04 18:12 - 2017-12-04 18:12 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-04 18:12 - 2017-12-04 18:12 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-04 18:12 - 2017-12-04 18:12 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-04 18:12 - 2017-12-04 18:12 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-04 18:12 - 2017-12-04 18:12 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-04 18:12 - 2017-12-04 18:12 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-02 20:45 - 2017-12-07 19:43 - 000000072 _____ C:\Users\Christoph\Desktop\Fallout.txt
2017-12-02 17:16 - 2017-12-03 21:14 - 000000000 ____D C:\Users\Christoph\Desktop\Outside the box
2017-12-02 17:15 - 2017-12-02 17:15 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2017-12-02 17:13 - 2017-12-02 17:14 - 038655984 _____ (DownloadHelper ) C:\Users\Christoph\Downloads\VdhCoAppSetup-1.0.10.exe
2017-11-30 18:33 - 2017-12-04 20:03 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-28 21:46 - 2017-11-28 21:46 - 000441105 _____ C:\Users\Christoph\Desktop\die_7_groessten_geheimnisse.pdf
2017-11-19 23:34 - 2017-12-04 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2017-11-19 23:34 - 2017-11-19 23:34 - 000000511 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2017-11-19 22:17 - 2017-11-20 21:03 - 000000000 ____D C:\Users\Christoph\Documents\StarCraft II
2017-11-19 21:03 - 2017-12-04 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-11-19 21:03 - 2017-12-03 22:12 - 000000000 ____D C:\Users\Christoph\AppData\Local\Battle.net
2017-11-19 21:03 - 2017-11-19 22:16 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Battle.net
2017-11-19 21:03 - 2017-11-19 21:03 - 000000954 _____ C:\Users\Public\Desktop\Battle.net.lnk
2017-11-19 21:00 - 2017-12-03 21:06 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-11-19 21:00 - 2017-11-19 21:00 - 004215792 _____ (Blizzard Entertainment) C:\Users\Christoph\Downloads\StarCraft-II-Setup.exe
2017-11-19 21:00 - 2017-11-19 21:00 - 000000000 ____D C:\Users\Christoph\AppData\Local\Blizzard
2017-11-18 20:39 - 2017-12-04 18:22 - 000000000 ____D C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-12 16:05 - 2017-11-12 16:05 - 000011013 _____ C:\Users\Christoph\Desktop\wohnzimmer.txt
2017-11-12 11:26 - 2017-11-12 11:26 - 000001598 _____ C:\Users\Christoph\Desktop\Keller Werkstatt 12.11.2017.txt
2017-11-08 20:25 - 2017-11-08 20:26 - 000005096 _____ C:\Users\Christoph\Desktop\Konto CH Vorlagen.csv
2017-11-08 19:58 - 2017-11-08 20:26 - 000014466 _____ C:\Users\Christoph\Desktop\Vorlagen.xlsx
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-12-08 17:29 - 2017-05-02 18:36 - 000000000 ____D C:\Users\Christoph\Desktop\FRST
2017-12-08 17:14 - 2017-10-09 17:17 - 000000000 ____D C:\Users\Christoph\AppData\Local\FalloutShelter
2017-12-08 17:14 - 2016-11-23 19:08 - 000000000 ____D C:\Users\Christoph\AppData\LocalLow\Mozilla
2017-12-08 17:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-08 17:06 - 2016-04-02 22:50 - 000002409 _____ C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-08 17:06 - 2014-11-06 23:04 - 000000000 ___RD C:\Users\Christoph\OneDrive
2017-12-08 17:04 - 2014-11-06 22:10 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-08 17:02 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-08 17:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-06 21:37 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-05 21:43 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-05 21:35 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-05 21:32 - 2016-05-16 19:15 - 000000000 ____D C:\Temp
2017-12-04 20:03 - 2016-10-09 01:09 - 000000000 ___RD C:\Users\Christoph\3D Objects
2017-12-04 20:03 - 2016-04-02 22:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-04 20:03 - 2016-04-02 22:48 - 000000000 ____D C:\Users\Christoph\AppData\Local\TileDataLayer
2017-12-04 18:33 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-04 18:29 - 2017-09-30 15:35 - 000782576 _____ C:\WINDOWS\system32\perfh007.dat
2017-12-04 18:29 - 2017-09-30 15:35 - 000157708 _____ C:\WINDOWS\system32\perfc007.dat
2017-12-04 18:26 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-04 18:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-04 18:25 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-04 18:24 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2017-12-04 18:24 - 2016-04-02 22:15 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-04 18:23 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-04 18:23 - 2017-06-03 20:59 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-12-04 18:23 - 2017-04-21 22:12 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-12-04 18:23 - 2014-11-06 21:31 - 000000000 ____D C:\AMD
2017-12-04 18:22 - 2016-06-26 00:15 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2017-12-04 18:22 - 2016-02-06 21:36 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dacia Media Nav
2017-12-04 18:22 - 2014-11-28 15:07 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-04 18:21 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-04 18:21 - 2016-11-11 08:47 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-12-04 18:20 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-04 18:20 - 2017-06-03 20:59 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-04 18:20 - 2017-06-03 20:59 - 000000000 ____D C:\Program Files\AMD
2017-12-04 18:19 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-04 18:18 - 2017-11-04 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyLog USB
2017-12-04 18:18 - 2017-10-27 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto Paradies
2017-12-04 18:18 - 2017-10-27 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm FOTO Paradies + CEWE FOTOBUCH
2017-12-04 18:18 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-04 18:18 - 2017-06-25 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-12-04 18:18 - 2017-05-12 21:09 - 000000000 ____D C:\Program Files\UNP
2017-12-04 18:18 - 2017-05-07 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2017-12-04 18:18 - 2017-04-07 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER (C) - by eRightSoft
2017-12-04 18:18 - 2017-03-25 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WG111v3 Setup-Assistent
2017-12-04 18:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-04 18:18 - 2017-03-05 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alarm
2017-12-04 18:18 - 2017-01-05 19:08 - 000000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-12-04 18:18 - 2016-09-25 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2017-12-04 18:18 - 2016-05-16 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2017-12-04 18:18 - 2016-05-16 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-04 18:18 - 2016-03-17 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2017-12-04 18:18 - 2016-03-16 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2017-12-04 18:18 - 2015-11-24 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiLink
2017-12-04 18:18 - 2015-10-30 19:44 - 000000000 ____D C:\WINDOWS\ShellNew
2017-12-04 18:18 - 2015-09-23 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series
2017-12-04 18:18 - 2015-03-08 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300
2017-12-04 18:18 - 2015-03-08 20:52 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2017-12-04 18:18 - 2015-02-08 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2017-12-04 18:18 - 2015-02-07 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-12-04 18:18 - 2015-01-24 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M4a to MP3 Converter
2017-12-04 18:18 - 2015-01-18 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2017-12-04 18:18 - 2015-01-17 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2017-12-04 18:18 - 2014-12-16 22:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-12-04 18:18 - 2014-12-16 22:03 - 000000000 ____D C:\WINDOWS\de
2017-12-04 18:18 - 2014-11-06 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-04 18:18 - 2014-11-06 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2017-12-04 18:18 - 2014-11-05 22:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-12-04 18:18 - 2014-11-05 21:53 - 000000000 ____D C:\Program Files\Intel
2017-12-04 18:18 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-04 18:18 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-04 18:16 - 2017-10-01 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suproda
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-04 18:16 - 2017-06-03 20:59 - 000000000 ____D C:\Program Files\Realtek
2017-12-04 18:16 - 2017-06-03 20:59 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-12-04 18:16 - 2017-06-03 20:59 - 000000000 ____D C:\Program Files\ASUS
2017-12-04 18:16 - 2016-06-26 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart PC Solutions
2017-12-04 18:16 - 2014-11-05 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2017-12-04 18:15 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-04 18:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-04 18:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-02 22:32 - 2016-11-14 07:39 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\vlc
2017-11-26 20:34 - 2016-12-06 21:31 - 000000000 ____D C:\Users\Natascha\AppData\LocalLow\Mozilla
2017-11-25 08:22 - 2014-12-30 22:02 - 000000000 ____D C:\Users\Christoph\Desktop\Scans
2017-11-21 20:40 - 2017-10-27 20:07 - 000000000 ____D C:\Program Files (x86)\Foto Paradies
2017-11-21 20:21 - 2014-12-02 11:42 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-20 21:03 - 2016-02-04 23:42 - 000000000 ____D C:\Users\Christoph\AppData\Local\Blizzard Entertainment
2017-11-20 19:48 - 2016-06-15 20:43 - 000000000 ____D C:\Users\Christoph\Desktop\Spiele
2017-11-19 09:05 - 2014-11-06 22:08 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Mozilla
2017-11-19 08:15 - 2017-03-17 15:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-19 08:15 - 2014-11-06 22:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-18 20:43 - 2014-11-26 11:53 - 000000000 ____D C:\Users\Natascha\AppData\Roaming\Mozilla
2017-11-18 20:43 - 2014-11-06 22:08 - 000001185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-18 20:39 - 2015-04-22 07:21 - 000000000 ____D C:\Users\Natascha\AppData\Roaming\Dropbox
2017-11-14 20:09 - 2014-11-06 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-14 19:42 - 2017-10-10 20:00 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-14 19:42 - 2014-11-06 21:30 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-10 20:54 - 2016-04-05 19:57 - 000002406 _____ C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-10 20:54 - 2016-04-05 19:57 - 000000000 ___RD C:\Users\Natascha\OneDrive
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-05 22:15 - 2014-11-05 22:15 - 000000017 _____ () C:\Users\Christoph\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-12-04 18:19
==================== Ende von FRST.txt ============================
|
|
08.12.2017, 17:56
| #2 |
| | Malwarebytes scan 33 identifizierte Bedrohungen ... aktuelle addition.txt
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-12-2017
durchgeführt von Christoph (08-12-2017 17:30:15)
Gestartet von C:\Users\Christoph\Desktop\FRST
Windows 10 Home Version 1709 16299.98 (X64) (2017-12-04 17:26:12)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3712444081-2832216142-1026754779-500 - Administrator - Disabled)
Christoph (S-1-5-21-3712444081-2832216142-1026754779-1001 - Administrator - Enabled) => C:\Users\Christoph
DefaultAccount (S-1-5-21-3712444081-2832216142-1026754779-503 - Limited - Disabled)
Gast (S-1-5-21-3712444081-2832216142-1026754779-501 - Limited - Disabled)
Natascha (S-1-5-21-3712444081-2832216142-1026754779-1002 - Limited - Enabled) => C:\Users\Natascha
WDAGUtilityAccount (S-1-5-21-3712444081-2832216142-1026754779-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version: - )
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dacia Media Nav Toolbox (HKLM-x32\...\Dacia Media Nav Toolbox) (Version: 3.18.4.502485 - NNG Llc.)
Digital Viewer III 2.0M (HKLM-x32\...\{A4209C54-23E9-4BE7-8260-07D2B7F7452B}) (Version: 3.1.1.2 - Suproda)
dm FOTO Paradies + CEWE FOTOBUCH (HKLM-x32\...\dm FOTO Paradies + CEWE FOTOBUCH) (Version: 6.2.4 - CEWE Stiftung u Co. KGaA)
EasyLog USB (HKLM-x32\...\{0F15D0A3-844C-4248-9A1B-550ED596D3BF}) (Version: 7.5.0 - Lascar Electronics Ltd.)
EasyLog USB Device (Driver Removal) (HKLM-x32\...\EL-USB&10C4&0002) (Version: - Lascar Electronics Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version: - Ubisoft)
ffdshow [rev 3128] [2009-11-08] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Foto Paradies (HKLM-x32\...\{9813CD48-48B1-43C0-A76C-661BEEE86F70}}_is1) (Version: 3.14.1.460 - Foto Online Service GmbH)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}) (Version: 10.0.14 - Intel(R) Corporation) Hidden
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.25.02.801 - Huawei Technologies Co.,Ltd)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 de) (HKLM\...\Mozilla Firefox 57.0 (x64 de)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR) Hidden
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.1 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.321.0 - Tracker Software Products Ltd)
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version: - Ubisoft)
Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7213 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Smart Data Recovery v5.0 (HKLM-x32\...\Smart Data Recovery_is1) (Version: 5.0 - Smart PC Solutions)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER (C) v2016.Build.70+3D+Recorder Version released on (2016/ (HKLM-x32\...\{FF00DB05-B936-4B9A-B41B-1780A23D6050}_is1) (Version: released on (2016/12/15), - eRightSoft)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version: - Ubisoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VdhCoApp 1.0.10 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Viscera Cleanup Detail: Shadow Warrior
(HKLM\...\UDK-db20f0aa-8045-4046-af6b-abc82e9bf758) (Version: - RuneStorm
)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5 - VideoLAN)
win2day Poker (HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\win2day Poker Staging New Client) (Version: 1.1.1.33 - win2day Poker)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YouTube Song Downloader 2016 (HKLM-x32\...\{03C5002E-9F10-4A13-A592-6792A2547BE5}_is1) (Version: 16.81 - Abelssoft)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Keine Datei
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers1_S-1-5-21-3712444081-2832216142-1026754779-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers4_S-1-5-21-3712444081-2832216142-1026754779-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers5_S-1-5-21-3712444081-2832216142-1026754779-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0DB4DA22-0D77-4F82-A003-350B4C677D63} - System32\Tasks\SamsungMagician => C:\Program Files\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {1207D3F8-2DC7-487E-8A88-B07627326C7E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {225F1CC2-A17C-42F4-8C34-C9FC80658AF5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2D495CA9-C3DA-47A2-B4D1-7696867FEEE7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-12] (AVAST Software)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {353DCB87-5409-4746-8A11-FD4561CA31FA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3D305B49-E5C0-43F5-9D49-27F0A218B355} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {42BB2B24-24B9-404B-9920-D979A818A6BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-08] (Microsoft Corporation)
Task: {455B7E72-6DB8-4637-866D-E025736EC0FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-08] (Microsoft Corporation)
Task: {47D290C9-5090-4BDE-969F-502E3B51FA7C} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {500383B4-D075-4DF3-B32C-F91C3BF0C1D7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002Core1d237731aed5aac => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {54F90A80-C691-4CE2-B15E-8CEC00A83BCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-08] (Microsoft Corporation)
Task: {7109335C-6EA3-4EAC-B5D2-A7E6B06E01AC} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {7DB1DEF4-AA1A-4F8F-AC89-81DF0965C958} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {83B87281-BF7F-43CF-98EA-A3A140719288} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {9426984A-42F9-4854-9178-88C2E2E79978} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {9669C435-C5E2-43F8-95DB-62191933362B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-08] (Microsoft Corporation)
Task: {984E1441-B709-43DE-9CC7-DD7B2EA44B99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-11-14] (Microsoft Corporation)
Task: {AF8CC980-8518-45FD-9614-9146449FECF0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {B26C11E4-94E4-4485-A33A-49873CC3454E} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\pdf\Update\TrackerUpdate.exe [2017-03-05] (Tracker Software Products (Canada) Ltd.)
Task: {BA3AB32E-F9CC-4C70-80B4-5A8EBCB0BA4B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002UA1d237731af23d90 => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {CF549023-FD47-48C8-A410-59D5711FEE31} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {D6FB830A-9031-4CCA-966F-B884AADB09F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-02] (Adobe Systems Incorporated)
Task: {E78CA05C-8454-491B-9D10-38D5A4E5D5B7} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002Core1d237731aed5aac.job => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002UA1d237731af23d90.job => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\pdf\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-06-03 20:59 - 2014-01-28 04:16 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2017-05-03 18:26 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2015-11-24 21:11 - 2014-06-07 09:56 - 000240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-30 18:26 - 2017-11-30 18:28 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-30 18:26 - 2017-11-30 18:28 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-30 18:26 - 2017-11-30 18:28 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-30 18:26 - 2017-11-30 18:28 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-30 18:26 - 2017-11-30 18:28 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2008-06-13 15:24 - 2008-06-13 15:24 - 002109440 _____ () C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
2017-09-29 14:41 - 2017-09-29 14:41 - 001909248 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 001266176 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 002459648 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll
2017-06-03 20:59 - 2017-12-04 18:23 - 000028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-06-03 20:59 - 2014-01-28 04:16 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2014-04-07 15:31 - 2014-04-07 15:31 - 000172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-19 23:05 - 2017-09-09 20:25 - 000688416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-19 23:05 - 2017-10-31 04:22 - 002546976 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-21 10:15 - 2016-01-27 08:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-21 10:15 - 2016-01-27 08:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-19 23:05 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-08-21 10:15 - 2016-01-27 08:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-21 10:15 - 2016-01-27 08:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-19 23:05 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-21 10:15 - 2016-01-27 08:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-19 23:05 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-19 23:05 - 2017-10-31 04:22 - 000901408 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 20:54 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 000282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2017-06-11 21:30 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-17 08:21 - 2017-08-16 23:28 - 073130272 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-01-21 21:55 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-12-08 17:06 - 2017-12-08 17:06 - 000102088 _____ () C:\Users\Christoph\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "PlaysTV"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{D12D5F49-7E17-4ED8-BFDF-EF7D087F0E87}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{19F3654A-E890-44DF-B102-E709E6119D91}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{3DDF6E8C-6AC4-49DA-8411-0D80EABA0153}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{7D8DED95-5BE8-4E5E-9AF1-92496EF1B835}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{98562AD4-79B5-4B69-B8D4-0F1A6650BC3F}] => (Allow) E:\Spiele\Steam games\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{CEEC747C-0170-434E-8E26-026E10484B5D}] => (Allow) E:\Spiele\Steam games\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [UDP Query User{B3ADC04E-8C89-495E-8F39-70DB3259ED64}E:\spiele\starcraft ii\versions\base59587\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base59587\sc2_x64.exe
FirewallRules: [TCP Query User{0049B1CD-6F01-4B2E-8BA3-228C9DDC005A}E:\spiele\starcraft ii\versions\base59587\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base59587\sc2_x64.exe
FirewallRules: [UDP Query User{7C17181A-635B-4F60-9724-168CE0ED53F2}C:\users\natascha\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\natascha\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0E1A19D7-E21B-4726-8950-A220BD41CC75}C:\users\natascha\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\natascha\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{1EB42A3F-53C0-4EB7-95A1-73D59C8E1067}] => (Allow) E:\Spiele\Steam games\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{84031477-93A5-44ED-AB37-C1595CBDA5AC}] => (Allow) E:\Spiele\Steam games\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [UDP Query User{2A417806-78A6-4E62-AC44-7FB7B5B77676}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1D95D546-872A-49DD-ADCF-E0EF18598DC8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2B95F6DF-A4A2-4F55-8434-DAA92DC9FF89}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{EE9572E5-21C1-4A39-A0C1-A97A34E422B1}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D7469EC9-D8D8-4DC7-8AFB-34930F12B182}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\aarcade\bin\arcade_launcher.exe
FirewallRules: [{6789B73C-EE39-4CC1-A3A5-3E4BAA88825B}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\aarcade\bin\arcade_launcher.exe
FirewallRules: [{536C4C72-884F-4820-960B-16D1544185C8}] => (Allow) E:\Spiele\Utils für Spiele\Steam\Steam.exe
FirewallRules: [{0F696B20-606D-440C-8933-510E3B6EDB62}] => (Allow) E:\Spiele\Utils für Spiele\Steam\Steam.exe
FirewallRules: [{D39FD6F9-3EB9-430C-8BF0-BA11389D7A96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5E142B96-922D-4282-AEB9-755C86783197}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D495BF8-CB5B-43E6-A661-DC182C4DF1DD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3EB255EB-356A-41B1-AD6E-8F6F578E3FB4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A8B16243-B7B8-4607-9A31-3201BCCEE834}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{459FA82E-2016-4C80-B1E5-90865D98AAB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{59371ECC-6A46-4231-839B-AEBA264AC523}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{E74A6153-9D06-46B4-B5AE-F72B514833CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{0026B880-84A2-4F36-B8FC-39FA87CB28F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{161C4007-3A14-4BFE-9822-32D06929B104}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{AB249026-5DC8-42DD-B747-1CA0D08FF9F6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3BAB8007-47B4-47A7-9EC1-57011334B087}] => (Allow) LPort=2869
FirewallRules: [{4FBC1486-C079-4160-8B6A-4E04290A4639}] => (Allow) LPort=1900
FirewallRules: [{756246BC-C7AF-4EA6-98FA-A33BEB1F5F37}] => (Allow) E:\Spiele\Steam games\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{E28F6274-1DDC-451C-B92B-F77B4F06E7C3}] => (Allow) E:\Spiele\Steam games\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{B754BF09-ABE5-4004-99CC-474A354101B6}] => (Allow) E:\Spiele\Steam games\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{7DF359BB-58EA-4A2D-8924-0E73E4951ACD}] => (Allow) E:\Spiele\Steam games\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{283A175C-CB89-4EB8-AAA1-07F2A876F380}] => (Allow) E:\Spiele\Steam games\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{777458F1-4973-4277-9D0E-378ABC3E17B0}] => (Allow) E:\Spiele\Steam games\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{F232F7B9-9441-4643-9A94-DBEE8BEE41A4}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{AF5A7C6B-6F95-41C5-B209-92E7E0C5F102}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{84531BBD-6886-4D19-BCDA-BC898D23F04C}] => (Allow) E:\Spiele\Steam games\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{62E652D7-3433-4BC3-B2FB-6A36BFF0AAB4}] => (Allow) E:\Spiele\Steam games\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{64DE1C52-C4D4-4ECC-AE9D-595BD8860622}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{653D5F5D-7692-4A13-978C-711AC2785CC8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{CD216A3B-56FB-4203-BDAA-0CF4C2C31881}] => (Allow) E:\Spiele\Steam games\steamapps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{1B26DA26-2767-48C6-8976-9F5A9CD4A5EC}] => (Allow) E:\Spiele\Steam games\steamapps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{AA3E9365-2E26-46F5-B795-E7FE1014DE15}] => (Allow) E:\Spiele\Steam games\steamapps\common\The Way of Life Demo\TheWayOfLifeDemoWindows.exe
FirewallRules: [{E1047553-E10A-4F67-9ABF-CDF3ED9D3CDD}] => (Allow) E:\Spiele\Steam games\steamapps\common\The Way of Life Demo\TheWayOfLifeDemoWindows.exe
FirewallRules: [{CF42DDDB-095C-406D-80CD-5EC9545859C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8836B30B-EF86-4385-81FF-B8EAC530098A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E134A50C-DF60-4623-AEFB-174F016B251B}] => (Allow) E:\Spiele\Steam games\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{64915147-3449-4A0B-8AAF-D5E38352F5D3}] => (Allow) E:\Spiele\Steam games\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{A162C88C-BFDC-4D44-9B60-B0221994AB07}] => (Allow) E:\Spiele\Steam games\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{9BD6D8EF-237B-4E5D-AA42-3389A4DA85A8}] => (Allow) E:\Spiele\Steam games\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{82F76C1C-B704-4FDF-BCC9-7392C67375EC}] => (Allow) E:\Spiele\Steam games\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{1CD48B31-D487-43B0-83A8-517FE0E31ED2}] => (Allow) E:\Spiele\Steam games\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{18D6BBC4-26BD-4F8F-9266-04D72F327F63}] => (Allow) C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CB4FA8F3-2F76-4BDC-BA5A-54A23C9A6A73}] => (Allow) C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{85F2792F-7F2B-4E9C-9DCD-1477C4AFE010}] => (Allow) E:\Spiele\Steam games\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{7D77343A-6DFC-491C-B88E-365A9F6B21EC}] => (Allow) E:\Spiele\Steam games\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{DAA97448-EF77-40AF-AB00-EC71833279D2}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{3C913BDE-EEC9-43A2-A463-9071AA0A9E2D}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{703E3845-A81D-49AF-BD11-A1B4750F37EE}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{FE5DCE8E-C435-45E5-920D-F4628C477732}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{B71F5358-60C4-4100-B9C8-5D3A63648493}] => (Allow) E:\Spiele\Steam games\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{4B6B6C26-1A96-4E04-AA42-089C5000887E}] => (Allow) E:\Spiele\Steam games\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{71AAC187-C5FA-4A90-A70A-1DC41324C899}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\AArcade.exe
FirewallRules: [{8CD5BC3B-E9EF-4FA6-9685-E3310209B421}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\AArcade.exe
FirewallRules: [{59098CA1-A106-45DE-BBEE-D865F608EA69}] => (Allow) E:\Spiele\Steam games\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{B4DFC307-B149-4F30-8CBF-696259B2C0A4}] => (Allow) E:\Spiele\Steam games\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{3C6EB5D5-FD2B-457E-9D71-EC0B996B9444}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66ABF630-C457-4EA0-974C-76EF135F34DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AB1D1C89-FAA5-413C-8E26-B6B424E4FFB3}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{8DA5A857-5E5F-4BF8-A0BA-B3F38BA34995}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{C0207D29-3002-455A-BC26-4E0CD2B4E53B}] => (Allow) E:\Spiele\Steam games\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{CEBB047D-A86E-4F44-9A4F-0D001EAE7DE5}] => (Allow) E:\Spiele\Steam games\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{24BA592C-232E-4FD6-B308-0822815995EF}] => (Allow) E:\Spiele\Steam games\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{FF9ABE6C-BE24-423B-8ED8-3D83D0B39522}] => (Allow) E:\Spiele\Steam games\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{1762F241-791B-496C-BCBF-7B8E8B1CD4CB}] => (Allow) E:\Spiele\Steam games\steamapps\common\Duke Nukem Forever\System\DukeForever.exe
FirewallRules: [{DA750746-277E-46B9-A737-2B2C5A83B9AB}] => (Allow) E:\Spiele\Steam games\steamapps\common\Duke Nukem Forever\System\DukeForever.exe
FirewallRules: [{FFB46647-BD9D-45CC-8ACF-DB046093FD4D}] => (Allow) E:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{D67B939C-9567-46CA-94A7-B42679FC0887}] => (Allow) E:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{181AE0B3-B509-4BFD-93DA-3684193D7520}E:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) E:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{9FA02B06-9B99-4369-B73C-C12028B1BFAD}E:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) E:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [TCP Query User{53374A57-4385-4E05-A2BF-EB0915AF51C7}E:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{E304EC10-E0BC-45A9-AA5E-090A73259513}E:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [{857D0B3B-90D6-45AB-A483-4026DF7EB750}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{9C57562C-B4B8-481C-93E2-CF7D3C095E11}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{84B04249-724A-4E67-A694-47FE988EAA88}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{D8DB2B96-368B-4D05-A2D6-E7BCE795CBAA}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{6A76E2E8-7188-4B40-8508-6E88191873B4}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{7B5B51B5-9B37-408D-9A82-4B74A1AA6C86}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{E457641D-973C-4678-809E-ADD74D41B4B6}] => (Allow) E:\Spiele\Assassin's Creed III\AC3SP.exe
FirewallRules: [{8DB9A23F-A8FE-4B31-AD72-B80629966DED}] => (Allow) E:\Spiele\Assassin's Creed III\AC3SP.exe
FirewallRules: [{505E4D8E-CB07-4E78-AF0D-37CDE21ED659}] => (Allow) E:\Spiele\Assassin's Creed III\AC3MP.exe
FirewallRules: [{2FE051F2-D036-40BB-A137-BE7339782922}] => (Allow) E:\Spiele\Assassin's Creed III\AC3MP.exe
FirewallRules: [{C5DB9453-8F62-475E-B213-570A4B8D0F3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5798D614-BCB1-4FD1-A0B2-FFF61616B9E6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AD0A1B50-DE18-43D1-A6A5-3BC95A8C4A43}] => (Allow) E:\Spiele\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{C9EAF401-8A28-4434-BA9C-6912DE80ADA1}] => (Allow) E:\Spiele\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{DD41FFA5-85DF-485A-929D-666796452C31}] => (Allow) E:\Spiele\Steam games\steamapps\common\Rebuild Gangs of Deadsville\game\Rebuild3.exe
FirewallRules: [{32DE6FCF-6C28-4949-BFAE-77146ABFE3ED}] => (Allow) E:\Spiele\Steam games\steamapps\common\Rebuild Gangs of Deadsville\game\Rebuild3.exe
FirewallRules: [{75D273B4-312F-490C-A158-E55F525FD90D}] => (Allow) E:\Spiele\Steam games\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{701C3C06-E951-42B0-8103-A803D92DC995}] => (Allow) E:\Spiele\Steam games\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{34D60796-1BFE-47C1-A136-DD840675A9CC}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{11FFB50B-54AF-43D2-978F-873960ABB07F}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{E62A30C6-33E7-4767-9EAE-22F25DD42636}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{EC2EBF97-E7C6-4A14-9AA3-3E548AF66F3C}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{3F577E75-76F5-4277-87CB-21BBEBC4CECA}] => (Allow) C:\Users\Christoph\AppData\Local\MicrosoftHelper\bin\Y2Go.exe
FirewallRules: [{A979C013-F7F6-4AFA-A9A1-3B0F02374EE4}] => (Allow) C:\Users\Christoph\AppData\Local\MicrosoftHelper\bin\Y2Go.exe
FirewallRules: [{4360F1FA-5150-40F4-AAC9-BD552E6520E7}] => (Allow) E:\Spiele\Steam games\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe
FirewallRules: [{C8CEEB9F-0A1C-4588-A681-A6DAA6576804}] => (Allow) E:\Spiele\Steam games\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe
==================== Wiederherstellungspunkte =========================
05-12-2017 21:43:16 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/04/2017 06:24:29 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A
Error: (12/04/2017 06:23:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: mighost (4648,R,0) TILEREPOSITORYS-1-0-0: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\Users\Default\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/04/2017 06:23:33 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A
Error: (12/04/2017 06:23:33 PM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A
Error: (12/04/2017 06:23:33 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A
Error: (12/04/2017 06:20:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\AMD\WU-CCC2\ccc2_install\VC13RTx64\vcredist_x64.exe /q /norestart; Beschreibung = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501; Fehler = 0x80042302).
Error: (12/04/2017 06:20:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.
Vorgang:
VSS-Server wird instanziiert
Error: (12/04/2017 06:20:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
VSS-Server wird instanziiert
Error: (12/04/2017 06:20:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\AMD\WU-CCC2\ccc2_install\VC13RTx86\vcredist_x86.exe /q /norestart; Beschreibung = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501; Fehler = 0x80042302).
Error: (12/04/2017 06:20:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.
Vorgang:
VSS-Server wird instanziiert
Systemfehler:
=============
Error: (12/05/2017 10:55:55 PM) (Source: DCOM) (EventID: 10010) (User: ARBEITSZIMMER)
Description: Der Server "Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/04/2017 06:25:21 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.
Error: (12/04/2017 06:24:31 PM) (Source: WinRM) (EventID: 10142) (User: )
Description: Der WinRM-Dienst kann den Listener mit der Adresse * und der Transporteinstellung "HTTP" nicht migrieren. Ein Listener mit dieser Adress- und Transportkonfiguration ist bereits vorhanden.
Error: (12/04/2017 06:23:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PST Service" ist vom Dienst "LanmanWorkstation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (12/04/2017 06:23:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/04/2017 06:22:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PST Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/04/2017 06:22:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Mobile Broadband HL Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/04/2017 06:21:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Druckererweiterungen und -benachrichtigungen" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/04/2017 06:19:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet:
Das Gerät ist nicht bereit.
Error: (12/04/2017 06:19:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Realtek NDIS Protocol Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8135.33 MB
Verfügbarer physikalischer RAM: 5116.13 MB
Summe virtueller Speicher: 8235.33 MB
Verfügbarer virtueller Speicher: 4727.34 MB
==================== Laufwerke ================================
Drive c: (System SSD) (Fixed) (Total:232.1 GB) (Free:14.87 GB) NTFS
Drive e: (christoph) (Fixed) (Total:931.46 GB) (Free:527.29 GB) NTFS
Drive f: (Natascha) (Fixed) (Total:931.46 GB) (Free:919.88 GB) NTFS
Drive g: (Allgemein) (Fixed) (Total:931.46 GB) (Free:785.48 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: A3D47A56)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
13.12.2017, 10:23
| #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Malwarebytes scan 33 identifizierte Bedrohungen ... Malwarebytes Anti-Rootkit (MBAR)
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
14.12.2017, 20:39
| #4 |
| | Malwarebytes scan 33 identifizierte Bedrohungen ... MBAR: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
Database version:
main: v2017.12.14.01
rootkit: v2017.10.14.01
Windows 10 x64 NTFS
Internet Explorer 11.125.16299.0
Christoph :: ARBEITSZIMMER [administrator]
14.12.2017 07:20:20
mbar-log-2017-12-14 (07-20-20).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 260382
Time elapsed: 9 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Windows\psgo (Adware.Elex.EncJob) -> Delete on reboot. [97e2d851109a79bd4bcebabb19e856aa]
Files Detected: 4
C:\ProgramData\log.ewbt (Trojan.BCDSoft) -> Delete on reboot. [2851ab7ec5e586b0313df37044bd38c8]
C:\ProgramData\log.binb (Trojan.BCDSoft) -> Delete on reboot. [7dfc280103a771c5274a4023ac55f30d]
C:\ProgramData\log.ewbb (Trojan.BCDSoft) -> Delete on reboot. [81f8cc5dbcee3501f36fa6be6c95d729]
C:\Windows\psgo\psgo.ps1 (Adware.Elex.EncJob) -> Delete on reboot. [97e2d851109a79bd4bcebabb19e856aa]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
Database version:
main: v2017.12.14.05
rootkit: v2017.10.14.01
Windows 10 x64 NTFS
Internet Explorer 11.125.16299.0
Christoph :: ARBEITSZIMMER [administrator]
14.12.2017 19:28:36
mbar-log-2017-12-14 (19-28-36).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 260397
Time elapsed: 9 minute(s), 17 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
14.12.2017, 20:44
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes scan 33 identifizierte Bedrohungen ... Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! adwCleaner v7.x Downloade Dir bitte  AdwCleaner auf Deinen Desktop (Bebilderte Anleitung).
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.12.2017, 21:47
| #6 |
| | Malwarebytes scan 33 identifizierte Bedrohungen ... Log ADWCleaner: Code:
ATTFilter # AdwCleaner 7.0.5.0 - Logfile created on Thu Dec 14 20:42:20 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Users\Public\Documents\XMUpdate
Deleted: C:\Users\Christoph\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}
Deleted: C:\\Users\Public\Documents\XMUpdate
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3F577E75-76F5-4277-87CB-21BBEBC4CECA}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A979C013-F7F6-4AFA-A9A1-3B0F02374EE4}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|KuaiZip Shell Extension
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3F577E75-76F5-4277-87CB-21BBEBC4CECA}
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A979C013-F7F6-4AFA-A9A1-3B0F02374EE4}
Deleted: [Key] - HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\Software\Microsoft\Etsy
Deleted: [Key] - HKCU\Software\Microsoft\Etsy
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [2295 B] - [2017/12/14 20:41:50]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Ich bin ab morgen (am Wochenende) nicht vor Ort und kann daher nicht gleich reagieren, wenn deine nächste Antwort kommt. |
|
15.12.2017, 09:22
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes scan 33 identifizierte Bedrohungen ... adwcleaner bitte zwecks Kontrolle wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.12.2017, 22:39
| #8 |
| | Malwarebytes scan 33 identifizierte Bedrohungen ... ADW Scan neu: Schaut gut aus, denk ich... Code:
ATTFilter # AdwCleaner 7.0.5.0 - Logfile created on Tue Dec 19 21:34:20 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [2421 B] - [2017/12/14 20:42:20]
C:/AdwCleaner/AdwCleaner[S0].txt - [2295 B] - [2017/12/14 20:41:50]
C:/AdwCleaner/AdwCleaner[S1].txt - [1083 B] - [2017/12/19 21:32:27]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
|
|
19.12.2017, 22:45
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes scan 33 identifizierte Bedrohungen ... Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.12.2017, 18:37
| #10 |
| | Malwarebytes scan 33 identifizierte Bedrohungen ... FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
durchgeführt von Christoph (Administrator) auf ARBEITSZIMMER (21-12-2017 18:32:36)
Gestartet von C:\Users\Christoph\Desktop\FRST
Geladene Profile: Christoph & Natascha (Verfügbare Profile: Christoph & Natascha)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Dropbox, Inc.) C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
(Dropbox, Inc.) C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Samsung Electronics Co. Ltd.) C:\Program Files\Samsung Magician\SamsungMagician.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
() C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7569112 2014-03-31] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [3015072 2016-01-19] (Comfort Software Group)
HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\...\Run: [Dropbox Update] => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fcbd.bat [2016-11-11] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Setup-Assistent.lnk [2017-04-22]
ShortcutTarget: NETGEAR WG111v3 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe ()
Startup: C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-12-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Christoph\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1e62daa0-3460-4941-82ff-7e45f18dbeb1}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{acdd91c1-92cf-4846-8aca-1c8b7960dfff}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
FireFox:
========
FF ProfilePath: C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default [2017-12-21]
FF Homepage: Mozilla\Firefox\Profiles\2f9pw9xj.default -> www.google.at/
hxxp://www.tamagothi.de/2015/06/10/aus-aktuellem-anlass-antivirus-schlangenoel/
FF NetworkProxy: Mozilla\Firefox\Profiles\2f9pw9xj.default -> type", 4
FF Extension: (Google Translator for Firefox) - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default\Extensions\translator@zoli.bod.xpi [2017-12-12]
FF Extension: (Session Manager) - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31] [Legacy]
FF Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-05-10]
FF Extension: (Video DownloadHelper) - C:\Users\Christoph\AppData\Roaming\Mozilla\Firefox\Profiles\2f9pw9xj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-12-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [240720 2014-06-07] ()
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-08] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-08] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
R1 cryptfd; C:\WINDOWS\System32\drivers\cryptfd.sys [193448 2017-03-03] ()
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-12-20] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R1 MpKsl8b39d396; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8B941681-D235-4232-8DE5-21ACE92E240A}\MpKsl8b39d396.sys [58120 2017-12-21] (Microsoft Corporation)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-10-13] (Anchorfree Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-08] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-08] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-08] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-12-21 18:24 - 2017-12-21 18:24 - 000000000 ___HD C:\OneDriveTemp
2017-12-20 17:03 - 2017-12-20 17:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2017-12-19 22:48 - 2017-12-19 23:43 - 000000681 _____ C:\Users\Christoph\Desktop\Bleiakkus.txt
2017-12-14 21:37 - 2017-12-19 22:34 - 000000000 ____D C:\AdwCleaner
2017-12-14 21:37 - 2017-12-14 21:37 - 008187336 _____ (Malwarebytes) C:\Users\Christoph\Downloads\adwcleaner_7.0.5.0.exe
2017-12-14 21:21 - 2017-12-14 21:21 - 000005480 _____ C:\Users\Christoph\Desktop\malwarebytes free 14.12.2017.txt
2017-12-14 19:28 - 2017-12-14 19:28 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5126F415.sys
2017-12-14 07:20 - 2017-12-14 07:20 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\142565A3.sys
2017-12-14 07:19 - 2017-12-14 19:51 - 000000000 ____D C:\Users\Christoph\Desktop\mbar
2017-12-14 07:19 - 2017-12-14 19:28 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-12-14 07:18 - 2017-12-14 07:18 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Christoph\Downloads\mbar-1.10.3.1001.exe
2017-12-12 20:38 - 2017-12-08 07:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-12 20:38 - 2017-12-08 00:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-12 20:38 - 2017-12-08 00:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-12 20:38 - 2017-12-08 00:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-12 20:38 - 2017-12-08 00:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-12 20:38 - 2017-12-08 00:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-12 20:38 - 2017-12-08 00:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-12 20:38 - 2017-12-08 00:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-12 20:38 - 2017-12-08 00:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-12 20:38 - 2017-12-08 00:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-12 20:38 - 2017-12-08 00:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-12 20:38 - 2017-12-08 00:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-12 20:38 - 2017-12-08 00:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-12 20:38 - 2017-12-08 00:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-12 20:38 - 2017-12-08 00:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-12 20:38 - 2017-12-08 00:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-12 20:38 - 2017-12-08 00:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-12 20:38 - 2017-12-08 00:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-12 20:38 - 2017-12-08 00:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-12 20:38 - 2017-12-08 00:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-12 20:38 - 2017-12-08 00:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-12 20:38 - 2017-12-08 00:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-12 20:38 - 2017-12-08 00:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-12 20:38 - 2017-12-08 00:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-12 20:38 - 2017-12-08 00:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-12 20:38 - 2017-12-08 00:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-12 20:38 - 2017-12-08 00:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-12 20:38 - 2017-12-08 00:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-12 20:38 - 2017-12-08 00:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-12 20:38 - 2017-12-08 00:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-12 20:38 - 2017-12-08 00:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-12 20:38 - 2017-12-08 00:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-12 20:38 - 2017-12-08 00:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-12 20:38 - 2017-12-08 00:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-12 20:38 - 2017-12-08 00:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-12 20:38 - 2017-12-07 23:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-12 20:38 - 2017-12-07 23:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-12 20:38 - 2017-12-07 23:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-12 20:38 - 2017-12-07 23:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-12 20:38 - 2017-12-07 23:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-12 20:38 - 2017-12-07 23:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-12 20:38 - 2017-12-07 23:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-12 20:38 - 2017-12-07 23:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-12 20:38 - 2017-12-07 23:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-12 20:38 - 2017-12-07 23:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-12 20:38 - 2017-12-07 23:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-12 20:38 - 2017-12-07 23:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-12 20:38 - 2017-12-07 23:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-12 20:38 - 2017-12-07 23:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-12 20:38 - 2017-12-07 23:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-12 20:38 - 2017-12-07 23:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-12 20:38 - 2017-12-07 23:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-12 20:38 - 2017-12-07 23:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-12 20:38 - 2017-12-07 23:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-12 20:38 - 2017-12-07 23:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-12 20:38 - 2017-12-07 23:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-12 20:38 - 2017-12-07 23:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-12 20:38 - 2017-12-07 23:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-12 20:38 - 2017-12-07 23:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-12 20:38 - 2017-12-07 23:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-12 20:38 - 2017-12-07 23:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-12 20:38 - 2017-12-07 23:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-12 20:38 - 2017-12-07 23:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-12 20:38 - 2017-12-07 23:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-12 20:38 - 2017-12-07 23:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-12 20:38 - 2017-12-07 23:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-12 20:38 - 2017-12-07 23:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-12 20:38 - 2017-12-07 23:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-12 20:38 - 2017-12-07 23:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-12 20:38 - 2017-12-07 23:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-12 20:38 - 2017-12-07 23:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-12 20:38 - 2017-12-07 23:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-12 20:38 - 2017-12-07 23:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-12 20:38 - 2017-12-07 23:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-12 20:38 - 2017-12-07 23:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-12 20:38 - 2017-12-07 23:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-12 20:38 - 2017-12-07 23:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-12 20:38 - 2017-12-07 23:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-12 20:38 - 2017-12-07 23:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-12 20:38 - 2017-12-07 23:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-12 20:38 - 2017-12-07 23:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-12 20:38 - 2017-12-07 23:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-12 20:38 - 2017-12-07 23:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-12 20:38 - 2017-12-07 23:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-12 20:38 - 2017-12-07 23:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-12 20:38 - 2017-12-07 23:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-12 20:38 - 2017-12-07 23:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-12 20:38 - 2017-12-07 23:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-12 20:38 - 2017-12-07 23:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-12 20:38 - 2017-12-07 23:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-12 20:38 - 2017-12-07 23:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-12 20:38 - 2017-12-07 23:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-12 20:38 - 2017-12-07 23:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-12 20:38 - 2017-12-07 23:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-12 20:38 - 2017-12-07 23:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-12 20:38 - 2017-12-07 23:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-12 20:38 - 2017-12-07 23:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-12 20:38 - 2017-12-07 23:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-12 20:38 - 2017-12-07 23:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-12 20:38 - 2017-12-07 23:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-12 20:38 - 2017-12-07 23:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-12 20:38 - 2017-12-07 23:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-12 20:38 - 2017-12-07 23:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-12 20:38 - 2017-12-07 23:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-12 20:38 - 2017-12-07 23:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-12 20:38 - 2017-12-07 23:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-12 20:38 - 2017-12-07 23:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-12 20:38 - 2017-12-07 23:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-12 20:38 - 2017-12-07 23:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-12 20:38 - 2017-12-07 23:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-12 20:38 - 2017-12-07 23:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-12 20:38 - 2017-12-07 23:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-12 20:38 - 2017-12-07 22:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-12 20:38 - 2017-12-07 22:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-12 20:38 - 2017-12-07 22:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-12 20:38 - 2017-12-07 22:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-12 20:38 - 2017-12-07 22:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-12 20:38 - 2017-12-07 22:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-12 20:38 - 2017-12-07 22:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-12 20:38 - 2017-12-07 22:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-12 20:38 - 2017-12-07 22:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-12 20:38 - 2017-12-07 22:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-12 20:38 - 2017-12-07 22:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-12 20:38 - 2017-12-07 22:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-12 20:38 - 2017-12-07 22:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-12 20:38 - 2017-12-07 22:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-12 20:38 - 2017-12-07 22:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-12 20:38 - 2017-12-07 22:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-12 20:38 - 2017-12-07 22:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-12 20:38 - 2017-12-07 22:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-10 19:23 - 2017-12-10 19:23 - 000000000 ____D C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-12-10 18:20 - 2017-12-13 21:11 - 000000000 ___RD C:\Users\Natascha\3D Objects
2017-12-10 18:20 - 2017-12-10 18:20 - 000000020 ___SH C:\Users\Natascha\ntuser.ini
2017-12-10 18:20 - 2017-12-10 18:20 - 000000000 ___HD C:\Users\Natascha\MicrosoftEdgeBackups
2017-12-09 22:17 - 2017-12-10 01:22 - 298848616 _____ C:\Users\Christoph\Downloads\!Jürgen Zahrl - Living Outside the box Convention.mp4
2017-12-09 22:17 - 2017-12-09 23:54 - 185527446 _____ C:\Users\Christoph\Downloads\xxxJürgen Zahrl - Living Outside the box Convention.mp4
2017-12-08 17:29 - 2017-12-21 18:32 - 000000000 ____D C:\FRST
2017-12-08 17:14 - 2017-12-08 17:14 - 000005951 _____ C:\Users\Christoph\Desktop\2017_12_08.txt
2017-12-08 17:02 - 2017-12-08 17:03 - 000000000 ____D C:\Users\Christoph\Desktop\Temp Logs
2017-12-04 20:05 - 2017-12-04 20:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-04 20:04 - 2017-12-04 20:04 - 000000000 ___HD C:\Users\Christoph\MicrosoftEdgeBackups
2017-12-04 20:03 - 2017-12-04 20:03 - 000000020 ___SH C:\Users\Christoph\ntuser.ini
2017-12-04 18:33 - 2017-12-04 18:33 - 000000000 ____D C:\ProgramData\USOShared
2017-12-04 18:29 - 2017-12-20 17:10 - 002074908 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-04 18:25 - 2017-12-20 17:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-04 18:25 - 2017-12-13 20:30 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3712444081-2832216142-1026754779-1002
2017-12-04 18:25 - 2017-12-13 20:18 - 000004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-04 18:25 - 2017-12-08 17:06 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3712444081-2832216142-1026754779-1001
2017-12-04 18:25 - 2017-12-04 18:25 - 000003974 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002UA1d237731af23d90
2017-12-04 18:25 - 2017-12-04 18:25 - 000003764 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2017-12-04 18:25 - 2017-12-04 18:25 - 000003706 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002Core1d237731aed5aac
2017-12-04 18:25 - 2017-12-04 18:25 - 000002856 _____ C:\WINDOWS\System32\Tasks\TrackerAutoUpdate
2017-12-04 18:25 - 2017-12-04 18:25 - 000002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3712444081-2832216142-1026754779-1002
2017-12-04 18:25 - 2017-12-04 18:25 - 000002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3712444081-2832216142-1026754779-1001
2017-12-04 18:25 - 2017-12-04 18:25 - 000002604 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Update
2017-12-04 18:25 - 2017-12-04 18:25 - 000002590 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-12-04 18:25 - 2017-12-04 18:25 - 000002478 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-12-04 18:25 - 2017-12-04 18:25 - 000002428 _____ C:\WINDOWS\System32\Tasks\Motorola Device Manager Initial Update
2017-12-04 18:25 - 2017-12-04 18:25 - 000002318 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-12-04 18:25 - 2017-12-04 18:25 - 000002210 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002184 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002182 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002168 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002166 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2017-12-04 18:25 - 2017-12-04 18:25 - 000002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-12-04 18:25 - 2017-12-04 18:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-12-04 18:24 - 2017-12-04 18:25 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-04 18:24 - 2017-12-04 18:25 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-04 18:21 - 2017-12-14 16:39 - 000000000 ____D C:\Users\Christoph\AppData\Local\Packages
2017-12-04 18:21 - 2017-12-04 18:21 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-04 18:21 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-04 18:20 - 2017-12-19 20:38 - 000000000 ____D C:\Users\Natascha\AppData\Local\Packages
2017-12-04 18:20 - 2017-12-10 18:20 - 000000000 ____D C:\Users\Natascha
2017-12-04 18:20 - 2017-12-04 20:04 - 000000000 ____D C:\Users\Christoph
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Vorlagen
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Startmenü
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Netzwerkumgebung
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Lokale Einstellungen
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Eigene Dateien
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Druckumgebung
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Documents\Eigene Videos
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Documents\Eigene Musik
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Documents\Eigene Bilder
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\AppData\Local\Verlauf
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\AppData\Local\Anwendungsdaten
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Natascha\Anwendungsdaten
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Vorlagen
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Startmenü
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Netzwerkumgebung
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Lokale Einstellungen
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Eigene Dateien
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Druckumgebung
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Documents\Eigene Videos
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Documents\Eigene Musik
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Documents\Eigene Bilder
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\AppData\Local\Verlauf
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\AppData\Local\Anwendungsdaten
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 _SHDL C:\Users\Christoph\Anwendungsdaten
2017-12-04 18:20 - 2017-12-04 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-12-04 18:19 - 2017-12-20 20:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-04 18:19 - 2017-12-13 21:11 - 000275320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-04 18:18 - 2017-12-19 20:38 - 000000000 ____D C:\Windows.old
2017-12-04 18:16 - 2017-12-04 18:18 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-04 18:16 - 2017-12-04 18:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-04 18:15 - 2017-12-04 18:15 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-04 18:15 - 2017-12-04 18:15 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-04 18:15 - 2017-12-04 18:15 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-04 18:14 - 2017-12-04 18:14 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-04 18:14 - 2017-12-04 18:14 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-04 18:14 - 2017-12-04 18:14 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-04 18:14 - 2017-12-04 18:14 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-04 18:14 - 2017-12-04 18:14 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-04 18:14 - 2017-12-04 18:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-04 18:14 - 2017-12-04 18:14 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\Program Files\MSBuild
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-04 18:13 - 2017-12-04 18:13 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-04 18:12 - 2017-12-04 18:12 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-04 18:12 - 2017-12-04 18:12 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-04 18:12 - 2017-12-04 18:12 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-04 18:12 - 2017-12-04 18:12 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-04 18:12 - 2017-12-04 18:12 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-04 18:12 - 2017-12-04 18:12 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-02 20:45 - 2017-12-12 22:04 - 000000081 _____ C:\Users\Christoph\Desktop\Fallout.txt
2017-12-02 17:16 - 2017-12-10 09:02 - 000000000 ____D C:\Users\Christoph\Desktop\Outside the box
2017-12-02 17:15 - 2017-12-02 17:15 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2017-12-02 17:13 - 2017-12-02 17:14 - 038655984 _____ (DownloadHelper ) C:\Users\Christoph\Downloads\VdhCoAppSetup-1.0.10.exe
2017-11-30 18:33 - 2017-12-04 20:03 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-28 21:46 - 2017-11-28 21:46 - 000441105 _____ C:\Users\Christoph\Desktop\die_7_groessten_geheimnisse.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-12-21 18:32 - 2017-05-02 18:36 - 000000000 ____D C:\Users\Christoph\Desktop\FRST
2017-12-21 18:28 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-21 18:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-21 18:27 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-21 18:25 - 2016-11-23 19:08 - 000000000 ____D C:\Users\Christoph\AppData\LocalLow\Mozilla
2017-12-21 18:24 - 2014-11-06 23:04 - 000000000 ___RD C:\Users\Christoph\OneDrive
2017-12-21 18:24 - 2014-11-06 22:10 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-20 21:49 - 2016-12-06 21:31 - 000000000 ____D C:\Users\Natascha\AppData\LocalLow\Mozilla
2017-12-20 21:39 - 2016-05-16 19:15 - 000000000 ____D C:\Temp
2017-12-20 17:10 - 2017-09-30 15:35 - 000922682 _____ C:\WINDOWS\system32\perfh007.dat
2017-12-20 17:10 - 2017-09-30 15:35 - 000197284 _____ C:\WINDOWS\system32\perfc007.dat
2017-12-20 17:03 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-20 17:03 - 2017-06-03 20:59 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-12-20 17:03 - 2017-04-21 22:12 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-12-19 22:38 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-19 20:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-14 22:08 - 2017-10-09 17:17 - 000000000 ____D C:\Users\Christoph\AppData\Local\FalloutShelter
2017-12-14 21:42 - 2016-11-15 20:49 - 000000000 ____D C:\Users\Christoph\AppData\Local\Downloaded Installations
2017-12-14 19:51 - 2017-04-26 21:31 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-12-14 07:20 - 2017-04-21 22:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-13 22:53 - 2016-10-09 01:09 - 000000000 ___RD C:\Users\Christoph\3D Objects
2017-12-13 22:53 - 2016-04-02 22:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-13 21:21 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-13 21:11 - 2017-03-17 15:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-13 21:11 - 2014-11-06 22:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-13 21:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-13 21:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-13 21:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-13 21:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-13 21:10 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-13 20:30 - 2016-04-05 19:57 - 000002406 _____ C:\Users\Natascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-13 20:30 - 2016-04-05 19:57 - 000000000 ___RD C:\Users\Natascha\OneDrive
2017-12-13 20:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-13 20:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-13 19:42 - 2014-11-06 22:08 - 000001185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-13 19:41 - 2015-04-22 07:25 - 000000000 ___RD C:\Users\Natascha\Dropbox
2017-12-12 22:56 - 2017-11-19 21:03 - 000000000 ____D C:\Users\Christoph\AppData\Local\Battle.net
2017-12-12 22:12 - 2017-11-19 21:00 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-12-12 20:40 - 2014-11-06 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-12 20:39 - 2017-10-10 20:00 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-12 20:39 - 2014-11-06 21:30 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-10 22:45 - 2016-11-14 07:39 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\vlc
2017-12-10 19:23 - 2015-04-22 07:21 - 000000000 ____D C:\Users\Natascha\AppData\Roaming\Dropbox
2017-12-10 18:20 - 2016-04-05 19:56 - 000000000 ____D C:\Users\Natascha\AppData\Local\TileDataLayer
2017-12-08 17:06 - 2016-04-02 22:50 - 000002409 _____ C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-05 21:35 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-04 20:03 - 2016-04-02 22:48 - 000000000 ____D C:\Users\Christoph\AppData\Local\TileDataLayer
2017-12-04 18:33 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-04 18:26 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-04 18:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-04 18:25 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-04 18:24 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2017-12-04 18:24 - 2016-04-02 22:15 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-04 18:23 - 2014-11-06 21:31 - 000000000 ____D C:\AMD
2017-12-04 18:22 - 2016-06-26 00:15 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2017-12-04 18:22 - 2016-02-06 21:36 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dacia Media Nav
2017-12-04 18:22 - 2014-11-28 15:07 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-04 18:21 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-04 18:21 - 2016-11-11 08:47 - 000000000 ____D C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-12-04 18:20 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-04 18:20 - 2017-06-03 20:59 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-04 18:20 - 2017-06-03 20:59 - 000000000 ____D C:\Program Files\AMD
2017-12-04 18:19 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-04 18:18 - 2017-11-19 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2017-12-04 18:18 - 2017-11-19 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-12-04 18:18 - 2017-11-04 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyLog USB
2017-12-04 18:18 - 2017-10-27 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto Paradies
2017-12-04 18:18 - 2017-10-27 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm FOTO Paradies + CEWE FOTOBUCH
2017-12-04 18:18 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-04 18:18 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-04 18:18 - 2017-06-25 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-12-04 18:18 - 2017-05-12 21:09 - 000000000 ____D C:\Program Files\UNP
2017-12-04 18:18 - 2017-05-07 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2017-12-04 18:18 - 2017-04-07 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER (C) - by eRightSoft
2017-12-04 18:18 - 2017-03-25 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WG111v3 Setup-Assistent
2017-12-04 18:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-04 18:18 - 2017-03-05 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alarm
2017-12-04 18:18 - 2017-01-05 19:08 - 000000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-12-04 18:18 - 2016-09-25 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2017-12-04 18:18 - 2016-05-16 19:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2017-12-04 18:18 - 2016-05-16 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-04 18:18 - 2016-03-17 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2017-12-04 18:18 - 2016-03-16 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2017-12-04 18:18 - 2015-11-24 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiLink
2017-12-04 18:18 - 2015-10-30 19:44 - 000000000 ____D C:\WINDOWS\ShellNew
2017-12-04 18:18 - 2015-09-23 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series
2017-12-04 18:18 - 2015-03-08 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300
2017-12-04 18:18 - 2015-03-08 20:52 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2017-12-04 18:18 - 2015-02-08 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2017-12-04 18:18 - 2015-02-07 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-12-04 18:18 - 2015-01-24 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M4a to MP3 Converter
2017-12-04 18:18 - 2015-01-18 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2017-12-04 18:18 - 2015-01-17 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2017-12-04 18:18 - 2014-12-16 22:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-12-04 18:18 - 2014-12-16 22:03 - 000000000 ____D C:\WINDOWS\de
2017-12-04 18:18 - 2014-11-06 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-04 18:18 - 2014-11-06 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2017-12-04 18:18 - 2014-11-05 22:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-12-04 18:18 - 2014-11-05 21:53 - 000000000 ____D C:\Program Files\Intel
2017-12-04 18:18 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-04 18:18 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-04 18:16 - 2017-10-01 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suproda
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-04 18:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-04 18:16 - 2017-06-03 20:59 - 000000000 ____D C:\Program Files\Realtek
2017-12-04 18:16 - 2017-06-03 20:59 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-12-04 18:16 - 2017-06-03 20:59 - 000000000 ____D C:\Program Files\ASUS
2017-12-04 18:16 - 2016-06-26 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart PC Solutions
2017-12-04 18:16 - 2014-11-05 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-04 18:15 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-04 18:15 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2017-12-04 18:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-04 18:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-03 23:38 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-03 23:38 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-25 08:22 - 2014-12-30 22:02 - 000000000 ____D C:\Users\Christoph\Desktop\Scans
2017-11-21 20:40 - 2017-10-27 20:07 - 000000000 ____D C:\Program Files (x86)\Foto Paradies
2017-11-21 20:21 - 2014-12-02 11:42 - 000545440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-05 22:15 - 2014-11-05 22:15 - 000000017 _____ () C:\Users\Christoph\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-12-14 19:06
==================== Ende von FRST.txt ============================
|
|
21.12.2017, 18:38
| #11 |
| | Malwarebytes scan 33 identifizierte Bedrohungen ... ADDITION.TXT Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-12-2017
durchgeführt von Christoph (21-12-2017 18:33:01)
Gestartet von C:\Users\Christoph\Desktop\FRST
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-04 17:26:12)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3712444081-2832216142-1026754779-500 - Administrator - Disabled)
Christoph (S-1-5-21-3712444081-2832216142-1026754779-1001 - Administrator - Enabled) => C:\Users\Christoph
DefaultAccount (S-1-5-21-3712444081-2832216142-1026754779-503 - Limited - Disabled)
Gast (S-1-5-21-3712444081-2832216142-1026754779-501 - Limited - Disabled)
Natascha (S-1-5-21-3712444081-2832216142-1026754779-1002 - Limited - Enabled) => C:\Users\Natascha
WDAGUtilityAccount (S-1-5-21-3712444081-2832216142-1026754779-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version: - )
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dacia Media Nav Toolbox (HKLM-x32\...\Dacia Media Nav Toolbox) (Version: 3.18.4.502485 - NNG Llc.)
Digital Viewer III 2.0M (HKLM-x32\...\{A4209C54-23E9-4BE7-8260-07D2B7F7452B}) (Version: 3.1.1.2 - Suproda)
dm FOTO Paradies + CEWE FOTOBUCH (HKLM-x32\...\dm FOTO Paradies + CEWE FOTOBUCH) (Version: 6.2.4 - CEWE Stiftung u Co. KGaA)
Dropbox (HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\...\Dropbox) (Version: 40.4.46 - Dropbox, Inc.)
EasyLog USB (HKLM-x32\...\{0F15D0A3-844C-4248-9A1B-550ED596D3BF}) (Version: 7.5.0 - Lascar Electronics Ltd.)
EasyLog USB Device (Driver Removal) (HKLM-x32\...\EL-USB&10C4&0002) (Version: - Lascar Electronics Ltd.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Far Cry 3 Blood Dragon (HKLM-x32\...\Uplay Install 205) (Version: - Ubisoft)
ffdshow [rev 3128] [2009-11-08] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Foto Paradies (HKLM-x32\...\{9813CD48-48B1-43C0-A76C-661BEEE86F70}}_is1) (Version: 3.14.1.460 - Foto Online Service GmbH)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}) (Version: 10.0.14 - Intel(R) Corporation) Hidden
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.25.02.801 - Huawei Technologies Co.,Ltd)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.2 (x64 de) (HKLM\...\Mozilla Firefox 57.0.2 (x64 de)) (Version: 57.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.2.6549 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR) Hidden
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.1 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.321.0 - Tracker Software Products Ltd)
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version: - Ubisoft)
Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7213 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Smart Data Recovery v5.0 (HKLM-x32\...\Smart Data Recovery_is1) (Version: 5.0 - Smart PC Solutions)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER (C) v2016.Build.70+3D+Recorder Version released on (2016/ (HKLM-x32\...\{FF00DB05-B936-4B9A-B41B-1780A23D6050}_is1) (Version: released on (2016/12/15), - eRightSoft)
Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version: - Ubisoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VdhCoApp 1.0.10 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Viscera Cleanup Detail: Shadow Warrior
(HKLM\...\UDK-db20f0aa-8045-4046-af6b-abc82e9bf758) (Version: - RuneStorm
)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5 - VideoLAN)
win2day Poker (HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\...\win2day Poker Staging New Client) (Version: 1.1.1.33 - win2day Poker)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YouTube Song Downloader 2016 (HKLM-x32\...\{03C5002E-9F10-4A13-A592-6792A2547BE5}_is1) (Version: 16.81 - Abelssoft)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} => -> Keine Datei
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers1_S-1-5-21-3712444081-2832216142-1026754779-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers4_S-1-5-21-3712444081-2832216142-1026754779-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers5_S-1-5-21-3712444081-2832216142-1026754779-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers1_S-1-5-21-3712444081-2832216142-1026754779-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers4_S-1-5-21-3712444081-2832216142-1026754779-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
ContextMenuHandlers5_S-1-5-21-3712444081-2832216142-1026754779-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Natascha\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll -> Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0DB4DA22-0D77-4F82-A003-350B4C677D63} - System32\Tasks\SamsungMagician => C:\Program Files\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {1207D3F8-2DC7-487E-8A88-B07627326C7E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {225F1CC2-A17C-42F4-8C34-C9FC80658AF5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2D495CA9-C3DA-47A2-B4D1-7696867FEEE7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-12] (AVAST Software)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {353DCB87-5409-4746-8A11-FD4561CA31FA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3D305B49-E5C0-43F5-9D49-27F0A218B355} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {42BB2B24-24B9-404B-9920-D979A818A6BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-08] (Microsoft Corporation)
Task: {455B7E72-6DB8-4637-866D-E025736EC0FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-08] (Microsoft Corporation)
Task: {47D290C9-5090-4BDE-969F-502E3B51FA7C} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {500383B4-D075-4DF3-B32C-F91C3BF0C1D7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002Core1d237731aed5aac => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {54F90A80-C691-4CE2-B15E-8CEC00A83BCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-08] (Microsoft Corporation)
Task: {7109335C-6EA3-4EAC-B5D2-A7E6B06E01AC} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {7DB1DEF4-AA1A-4F8F-AC89-81DF0965C958} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {83B87281-BF7F-43CF-98EA-A3A140719288} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {9426984A-42F9-4854-9178-88C2E2E79978} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {9669C435-C5E2-43F8-95DB-62191933362B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-08] (Microsoft Corporation)
Task: {984E1441-B709-43DE-9CC7-DD7B2EA44B99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-12-12] (Microsoft Corporation)
Task: {AF8CC980-8518-45FD-9614-9146449FECF0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {B26C11E4-94E4-4485-A33A-49873CC3454E} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\pdf\Update\TrackerUpdate.exe [2017-03-05] (Tracker Software Products (Canada) Ltd.)
Task: {BA3AB32E-F9CC-4C70-80B4-5A8EBCB0BA4B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002UA1d237731af23d90 => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {CF549023-FD47-48C8-A410-59D5711FEE31} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {D6FB830A-9031-4CCA-966F-B884AADB09F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13] (Adobe Systems Incorporated)
Task: {E78CA05C-8454-491B-9D10-38D5A4E5D5B7} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002Core1d237731aed5aac.job => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3712444081-2832216142-1026754779-1002UA1d237731af23d90.job => C:\Users\Natascha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\pdf\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-06-03 20:59 - 2014-01-28 04:16 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-11-24 21:11 - 2014-06-07 09:56 - 000240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2017-05-03 18:26 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-04 18:15 - 2017-12-04 18:15 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-12 20:20 - 2017-12-12 20:28 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-12 20:20 - 2017-12-12 20:28 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2008-06-13 15:24 - 2008-06-13 15:24 - 002109440 _____ () C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
2017-12-12 20:20 - 2017-12-12 20:28 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-12 20:20 - 2017-12-12 20:28 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2017-12-12 20:20 - 2017-12-12 20:28 - 000671744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-06-03 20:59 - 2017-12-20 17:03 - 000028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-06-03 20:59 - 2014-01-28 04:16 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2014-04-07 15:31 - 2014-04-07 15:31 - 000172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-12-13 20:30 - 2017-12-13 20:30 - 000102088 _____ () C:\Users\Natascha\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2017-12-10 19:23 - 2017-12-05 02:06 - 000725312 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-12-10 19:23 - 2017-12-05 02:06 - 002075456 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2017-05-12 21:08 - 2017-12-05 02:06 - 000100296 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000018888 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\select.pyd
2017-05-12 21:08 - 2017-12-05 02:08 - 000020800 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000035792 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000694224 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000021848 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000130512 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 001856848 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000022864 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-12-10 19:23 - 2017-12-05 02:06 - 000145864 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-12-10 19:23 - 2017-12-05 02:06 - 000116688 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-05-12 21:08 - 2017-12-05 02:06 - 000105928 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-05-12 21:08 - 2017-12-05 02:08 - 000022864 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000062784 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000024528 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000040248 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-12-10 19:23 - 2017-12-05 02:06 - 000020936 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000124880 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000116176 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-12-10 19:23 - 2017-12-05 02:06 - 000392656 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-05-12 21:08 - 2017-12-05 02:08 - 000392512 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-05-12 21:08 - 2017-12-05 02:08 - 000026456 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000024016 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000175560 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000030160 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000043472 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-09-23 19:42 - 2017-12-05 02:06 - 000026056 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32job.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000048592 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000057808 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000021824 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-09-09 05:05 - 2017-12-05 02:09 - 000023368 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000022856 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.pyd
2017-05-18 15:07 - 2017-12-05 02:08 - 000066392 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 001796920 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000084424 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\sip.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 001956152 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 003859264 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000155464 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000521024 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000050496 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000042304 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000131384 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000218944 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000204096 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-05-12 21:08 - 2017-12-05 02:09 - 000025432 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000060880 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-05-12 21:08 - 2017-12-05 02:09 - 000054608 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000024016 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-05-12 21:08 - 2017-12-05 02:09 - 000022864 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-05-12 21:08 - 2017-12-05 02:08 - 000100688 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000028616 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-05-12 21:08 - 2017-12-05 02:08 - 000022360 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-12 21:08 - 2017-12-05 02:09 - 000021848 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-12 21:08 - 2017-12-05 02:09 - 000022360 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000027488 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-12 21:08 - 2017-12-05 02:06 - 000349128 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000101184 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-05-12 21:08 - 2017-12-05 02:09 - 000023896 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000025424 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-12-10 19:23 - 2017-12-05 02:06 - 000036296 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\librsync.dll
2017-12-10 19:23 - 2017-12-05 02:07 - 000032600 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-12-10 19:23 - 2017-12-05 02:06 - 000293392 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-12-10 19:23 - 2017-12-05 02:07 - 000181056 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-05-12 21:08 - 2017-12-05 02:08 - 000030536 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000024368 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\libEGL.DLL
2017-12-10 19:23 - 2017-12-05 02:07 - 001638200 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-05-12 21:08 - 2017-12-05 02:09 - 000026456 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000545080 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000359224 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-12-10 19:23 - 2017-12-05 02:07 - 000038208 _____ () C:\Users\Natascha\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.pyd
2014-03-31 21:35 - 2014-03-31 21:35 - 000282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2015-08-19 23:05 - 2017-11-29 06:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-19 23:05 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-19 23:05 - 2017-12-15 20:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-14 07:19 - 2017-11-04 02:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 07:19 - 2017-11-04 02:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 07:19 - 2017-11-04 02:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 07:19 - 2017-11-04 02:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-14 07:19 - 2017-11-04 02:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2015-08-19 23:05 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-19 23:05 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-19 23:05 - 2017-12-15 20:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 20:54 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-11 21:30 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2016-12-17 08:21 - 2017-10-31 05:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-01-21 21:55 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-12-08 17:06 - 2017-12-08 17:06 - 000102088 _____ () C:\Users\Christoph\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "PlaysTV"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{D12D5F49-7E17-4ED8-BFDF-EF7D087F0E87}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{19F3654A-E890-44DF-B102-E709E6119D91}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{3DDF6E8C-6AC4-49DA-8411-0D80EABA0153}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{7D8DED95-5BE8-4E5E-9AF1-92496EF1B835}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{98562AD4-79B5-4B69-B8D4-0F1A6650BC3F}] => (Allow) E:\Spiele\Steam games\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{CEEC747C-0170-434E-8E26-026E10484B5D}] => (Allow) E:\Spiele\Steam games\steamapps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [UDP Query User{B3ADC04E-8C89-495E-8F39-70DB3259ED64}E:\spiele\starcraft ii\versions\base59587\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base59587\sc2_x64.exe
FirewallRules: [TCP Query User{0049B1CD-6F01-4B2E-8BA3-228C9DDC005A}E:\spiele\starcraft ii\versions\base59587\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base59587\sc2_x64.exe
FirewallRules: [UDP Query User{7C17181A-635B-4F60-9724-168CE0ED53F2}C:\users\natascha\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\natascha\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0E1A19D7-E21B-4726-8950-A220BD41CC75}C:\users\natascha\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\natascha\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{1EB42A3F-53C0-4EB7-95A1-73D59C8E1067}] => (Allow) E:\Spiele\Steam games\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{84031477-93A5-44ED-AB37-C1595CBDA5AC}] => (Allow) E:\Spiele\Steam games\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [UDP Query User{2A417806-78A6-4E62-AC44-7FB7B5B77676}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1D95D546-872A-49DD-ADCF-E0EF18598DC8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2B95F6DF-A4A2-4F55-8434-DAA92DC9FF89}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{EE9572E5-21C1-4A39-A0C1-A97A34E422B1}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D7469EC9-D8D8-4DC7-8AFB-34930F12B182}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\aarcade\bin\arcade_launcher.exe
FirewallRules: [{6789B73C-EE39-4CC1-A3A5-3E4BAA88825B}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\aarcade\bin\arcade_launcher.exe
FirewallRules: [{536C4C72-884F-4820-960B-16D1544185C8}] => (Allow) E:\Spiele\Utils für Spiele\Steam\Steam.exe
FirewallRules: [{0F696B20-606D-440C-8933-510E3B6EDB62}] => (Allow) E:\Spiele\Utils für Spiele\Steam\Steam.exe
FirewallRules: [{D39FD6F9-3EB9-430C-8BF0-BA11389D7A96}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5E142B96-922D-4282-AEB9-755C86783197}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D495BF8-CB5B-43E6-A661-DC182C4DF1DD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3EB255EB-356A-41B1-AD6E-8F6F578E3FB4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A8B16243-B7B8-4607-9A31-3201BCCEE834}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{459FA82E-2016-4C80-B1E5-90865D98AAB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{59371ECC-6A46-4231-839B-AEBA264AC523}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{E74A6153-9D06-46B4-B5AE-F72B514833CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{0026B880-84A2-4F36-B8FC-39FA87CB28F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{161C4007-3A14-4BFE-9822-32D06929B104}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{AB249026-5DC8-42DD-B747-1CA0D08FF9F6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3BAB8007-47B4-47A7-9EC1-57011334B087}] => (Allow) LPort=2869
FirewallRules: [{4FBC1486-C079-4160-8B6A-4E04290A4639}] => (Allow) LPort=1900
FirewallRules: [{756246BC-C7AF-4EA6-98FA-A33BEB1F5F37}] => (Allow) E:\Spiele\Steam games\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{E28F6274-1DDC-451C-B92B-F77B4F06E7C3}] => (Allow) E:\Spiele\Steam games\steamapps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{B754BF09-ABE5-4004-99CC-474A354101B6}] => (Allow) E:\Spiele\Steam games\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{7DF359BB-58EA-4A2D-8924-0E73E4951ACD}] => (Allow) E:\Spiele\Steam games\steamapps\common\How to Survive\Detect.exe
FirewallRules: [{283A175C-CB89-4EB8-AAA1-07F2A876F380}] => (Allow) E:\Spiele\Steam games\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{777458F1-4973-4277-9D0E-378ABC3E17B0}] => (Allow) E:\Spiele\Steam games\steamapps\common\Shadow Warrior\sw.exe
FirewallRules: [{F232F7B9-9441-4643-9A94-DBEE8BEE41A4}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{AF5A7C6B-6F95-41C5-B209-92E7E0C5F102}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{84531BBD-6886-4D19-BCDA-BC898D23F04C}] => (Allow) E:\Spiele\Steam games\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{62E652D7-3433-4BC3-B2FB-6A36BFF0AAB4}] => (Allow) E:\Spiele\Steam games\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{64DE1C52-C4D4-4ECC-AE9D-595BD8860622}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{653D5F5D-7692-4A13-978C-711AC2785CC8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{CD216A3B-56FB-4203-BDAA-0CF4C2C31881}] => (Allow) E:\Spiele\Steam games\steamapps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{1B26DA26-2767-48C6-8976-9F5A9CD4A5EC}] => (Allow) E:\Spiele\Steam games\steamapps\common\EvolveBeta\Bin64_SteamRetail\StaticLauncher64.exe
FirewallRules: [{AA3E9365-2E26-46F5-B795-E7FE1014DE15}] => (Allow) E:\Spiele\Steam games\steamapps\common\The Way of Life Demo\TheWayOfLifeDemoWindows.exe
FirewallRules: [{E1047553-E10A-4F67-9ABF-CDF3ED9D3CDD}] => (Allow) E:\Spiele\Steam games\steamapps\common\The Way of Life Demo\TheWayOfLifeDemoWindows.exe
FirewallRules: [{CF42DDDB-095C-406D-80CD-5EC9545859C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8836B30B-EF86-4385-81FF-B8EAC530098A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E134A50C-DF60-4623-AEFB-174F016B251B}] => (Allow) E:\Spiele\Steam games\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{64915147-3449-4A0B-8AAF-D5E38352F5D3}] => (Allow) E:\Spiele\Steam games\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe
FirewallRules: [{A162C88C-BFDC-4D44-9B60-B0221994AB07}] => (Allow) E:\Spiele\Steam games\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{9BD6D8EF-237B-4E5D-AA42-3389A4DA85A8}] => (Allow) E:\Spiele\Steam games\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{82F76C1C-B704-4FDF-BCC9-7392C67375EC}] => (Allow) E:\Spiele\Steam games\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{1CD48B31-D487-43B0-83A8-517FE0E31ED2}] => (Allow) E:\Spiele\Steam games\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{18D6BBC4-26BD-4F8F-9266-04D72F327F63}] => (Allow) C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CB4FA8F3-2F76-4BDC-BA5A-54A23C9A6A73}] => (Allow) C:\Users\Natascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{85F2792F-7F2B-4E9C-9DCD-1477C4AFE010}] => (Allow) E:\Spiele\Steam games\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{7D77343A-6DFC-491C-B88E-365A9F6B21EC}] => (Allow) E:\Spiele\Steam games\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe
FirewallRules: [{DAA97448-EF77-40AF-AB00-EC71833279D2}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{3C913BDE-EEC9-43A2-A463-9071AA0A9E2D}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win32\UDK.exe
FirewallRules: [{703E3845-A81D-49AF-BD11-A1B4750F37EE}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{FE5DCE8E-C435-45E5-920D-F4628C477732}] => (Allow) E:\Spiele\Steam games\steamapps\common\Viscera Cleanup Detail Shadow Warrior\Binaries\Win64\UDK.exe
FirewallRules: [{B71F5358-60C4-4100-B9C8-5D3A63648493}] => (Allow) E:\Spiele\Steam games\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{4B6B6C26-1A96-4E04-AA42-089C5000887E}] => (Allow) E:\Spiele\Steam games\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{71AAC187-C5FA-4A90-A70A-1DC41324C899}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\AArcade.exe
FirewallRules: [{8CD5BC3B-E9EF-4FA6-9685-E3310209B421}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\AArcade.exe
FirewallRules: [{59098CA1-A106-45DE-BBEE-D865F608EA69}] => (Allow) E:\Spiele\Steam games\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{B4DFC307-B149-4F30-8CBF-696259B2C0A4}] => (Allow) E:\Spiele\Steam games\steamapps\common\Heroine's Quest\Heroine's Quest.exe
FirewallRules: [{3C6EB5D5-FD2B-457E-9D71-EC0B996B9444}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66ABF630-C457-4EA0-974C-76EF135F34DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AB1D1C89-FAA5-413C-8E26-B6B424E4FFB3}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{8DA5A857-5E5F-4BF8-A0BA-B3F38BA34995}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{C0207D29-3002-455A-BC26-4E0CD2B4E53B}] => (Allow) E:\Spiele\Steam games\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{CEBB047D-A86E-4F44-9A4F-0D001EAE7DE5}] => (Allow) E:\Spiele\Steam games\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{24BA592C-232E-4FD6-B308-0822815995EF}] => (Allow) E:\Spiele\Steam games\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{FF9ABE6C-BE24-423B-8ED8-3D83D0B39522}] => (Allow) E:\Spiele\Steam games\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{1762F241-791B-496C-BCBF-7B8E8B1CD4CB}] => (Allow) E:\Spiele\Steam games\steamapps\common\Duke Nukem Forever\System\DukeForever.exe
FirewallRules: [{DA750746-277E-46B9-A737-2B2C5A83B9AB}] => (Allow) E:\Spiele\Steam games\steamapps\common\Duke Nukem Forever\System\DukeForever.exe
FirewallRules: [{FFB46647-BD9D-45CC-8ACF-DB046093FD4D}] => (Allow) E:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{D67B939C-9567-46CA-94A7-B42679FC0887}] => (Allow) E:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{181AE0B3-B509-4BFD-93DA-3684193D7520}E:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) E:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{9FA02B06-9B99-4369-B73C-C12028B1BFAD}E:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) E:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [TCP Query User{53374A57-4385-4E05-A2BF-EB0915AF51C7}E:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{E304EC10-E0BC-45A9-AA5E-090A73259513}E:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [{857D0B3B-90D6-45AB-A483-4026DF7EB750}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{9C57562C-B4B8-481C-93E2-CF7D3C095E11}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{84B04249-724A-4E67-A694-47FE988EAA88}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{D8DB2B96-368B-4D05-A2D6-E7BCE795CBAA}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11_b.exe
FirewallRules: [{6A76E2E8-7188-4B40-8508-6E88191873B4}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{7B5B51B5-9B37-408D-9A82-4B74A1AA6C86}] => (Allow) E:\Spiele\Ubisoft Game Launcher\games\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{E457641D-973C-4678-809E-ADD74D41B4B6}] => (Allow) E:\Spiele\Assassin's Creed III\AC3SP.exe
FirewallRules: [{8DB9A23F-A8FE-4B31-AD72-B80629966DED}] => (Allow) E:\Spiele\Assassin's Creed III\AC3SP.exe
FirewallRules: [{505E4D8E-CB07-4E78-AF0D-37CDE21ED659}] => (Allow) E:\Spiele\Assassin's Creed III\AC3MP.exe
FirewallRules: [{2FE051F2-D036-40BB-A137-BE7339782922}] => (Allow) E:\Spiele\Assassin's Creed III\AC3MP.exe
FirewallRules: [{C5DB9453-8F62-475E-B213-570A4B8D0F3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5798D614-BCB1-4FD1-A0B2-FFF61616B9E6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AD0A1B50-DE18-43D1-A6A5-3BC95A8C4A43}] => (Allow) E:\Spiele\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{C9EAF401-8A28-4434-BA9C-6912DE80ADA1}] => (Allow) E:\Spiele\Tom Clancy's Splinter Cell\system\SplinterCell.exe
FirewallRules: [{DD41FFA5-85DF-485A-929D-666796452C31}] => (Allow) E:\Spiele\Steam games\steamapps\common\Rebuild Gangs of Deadsville\game\Rebuild3.exe
FirewallRules: [{32DE6FCF-6C28-4949-BFAE-77146ABFE3ED}] => (Allow) E:\Spiele\Steam games\steamapps\common\Rebuild Gangs of Deadsville\game\Rebuild3.exe
FirewallRules: [{75D273B4-312F-490C-A158-E55F525FD90D}] => (Allow) E:\Spiele\Steam games\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{701C3C06-E951-42B0-8103-A803D92DC995}] => (Allow) E:\Spiele\Steam games\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{34D60796-1BFE-47C1-A136-DD840675A9CC}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{11FFB50B-54AF-43D2-978F-873960ABB07F}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{E62A30C6-33E7-4767-9EAE-22F25DD42636}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{EC2EBF97-E7C6-4A14-9AA3-3E548AF66F3C}] => (Allow) E:\Spiele\Steam games\steamapps\common\Anarchy Arcade\frontend\bin\arcade_launcher.exe
FirewallRules: [{4360F1FA-5150-40F4-AAC9-BD552E6520E7}] => (Allow) E:\Spiele\Steam games\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe
FirewallRules: [{C8CEEB9F-0A1C-4588-A681-A6DAA6576804}] => (Allow) E:\Spiele\Steam games\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe
FirewallRules: [TCP Query User{0DE199A3-4D70-4277-B920-73BDDD30B0A5}E:\spiele\starcraft ii\versions\base60321\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base60321\sc2_x64.exe
FirewallRules: [UDP Query User{3FE6FB1C-570E-4115-AB46-95C1D0E3601A}E:\spiele\starcraft ii\versions\base60321\sc2_x64.exe] => (Block) E:\spiele\starcraft ii\versions\base60321\sc2_x64.exe
==================== Wiederherstellungspunkte =========================
19-12-2017 20:57:29 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/19/2017 08:53:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/13/2017 10:16:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/13/2017 09:11:32 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
Error: (12/10/2017 01:14:05 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (12/04/2017 06:24:29 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A
Error: (12/04/2017 06:23:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: mighost (4648,R,0) TILEREPOSITORYS-1-0-0: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\Users\Default\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/04/2017 06:23:33 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A
Error: (12/04/2017 06:23:33 PM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A
Error: (12/04/2017 06:23:33 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A
Error: (12/04/2017 06:20:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\AMD\WU-CCC2\ccc2_install\VC13RTx64\vcredist_x64.exe /q /norestart; Beschreibung = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501; Fehler = 0x80042302).
Systemfehler:
=============
Error: (12/21/2017 06:26:39 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/20/2017 09:42:38 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/20/2017 05:06:34 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (12/20/2017 05:03:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/20/2017 05:00:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (12/20/2017 05:00:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (12/20/2017 05:00:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (12/20/2017 05:00:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 19.12.2017 um 23:44:10 unerwartet heruntergefahren.
Error: (12/20/2017 05:00:16 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 3221225684Bei der Verarbeitung der Wiederherstellungsdaten ist ein schwerwiegender Fehler aufgetreten.
Error: (12/19/2017 10:35:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8135.33 MB
Verfügbarer physikalischer RAM: 4758.2 MB
Summe virtueller Speicher: 8235.33 MB
Verfügbarer virtueller Speicher: 4473.84 MB
==================== Laufwerke ================================
Drive c: (System SSD) (Fixed) (Total:232.1 GB) (Free:33.96 GB) NTFS
Drive e: (christoph) (Fixed) (Total:931.46 GB) (Free:526.9 GB) NTFS
Drive f: (Natascha) (Fixed) (Total:931.46 GB) (Free:919.88 GB) NTFS
Drive g: (Allgemein) (Fixed) (Total:931.46 GB) (Free:785.48 GB) NTFS
Drive i: (FOTO BOX) (Fixed) (Total:931.51 GB) (Free:526.55 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: A3D47A56)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 6EA7384B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
21.12.2017, 19:05
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes scan 33 identifizierte Bedrohungen ... Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: Malwarebytes Version 3 Downloade Dir bitte Malwarebytes Anti-Malware 3
2. Schritt: ESET Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.12.2017, 17:15
| #13 |
| | Malwarebytes scan 33 identifizierte Bedrohungen ... MBAM.txt Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 22.12.17
Scan-Zeit: 23:00
Protokolldatei: 7dd32208-e763-11e7-8c7d-7824af42ffda.json
Administrator: Ja
-Softwaredaten-
Version: 3.3.1.2183
Komponentenversion: 1.0.262
Version des Aktualisierungspakets: 1.0.3545
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 16299.125)
CPU: x64
Dateisystem: NTFS
Benutzer: ARBEITSZIMMER\Christoph
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 341003
Erkannte Bedrohungen: 24
In die Quarantäne verschobene Bedrohungen: 24
Abgelaufene Zeit: 1 Min., 38 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 20
PUP.Optional.UCBrowser, HKU\S-1-5-18\SOFTWARE\UCBrowser, In Quarantäne, [1292], [403633],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.CRX, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.HTM, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\SOFTWARE\UCBrowser, In Quarantäne, [1292], [403633],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\SOFTWARE\UCBrowserPID, In Quarantäne, [1292], [403634],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.HTML, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.MHT, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.SHTM, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1002_Classes\UCHTML, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.SHTML, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.WEBP, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.XHT, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\SOFTWARE\UCBrowser, In Quarantäne, [1292], [403633],1.0.3545
PUP.Optional.UCBrowser, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001_Classes\UCHTML.AssocFile.XHTML, In Quarantäne, [1292], [463320],1.0.3545
PUP.Optional.UCBrowser, HKLM\SOFTWARE\UCBrowser, In Quarantäne, [1292], [407411],1.0.3545
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\UCBrowser, In Quarantäne, [1292], [463314],1.0.3545
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\UCBrowser, In Quarantäne, [1292], [407411],1.0.3545
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\UCBrowserPID, In Quarantäne, [1292], [407412],1.0.3545
PUP.Optional.UCBrowser, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\UCBrowser, In Quarantäne, [1292], [463314],1.0.3545
Registrierungswert: 4
PUP.Optional.Kuaizip, HKU\S-1-5-21-3712444081-2832216142-1026754779-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\FILEEXTS\.bin\OPENWITHPROGIDS|KUAIZIPMOUNT.BIN, In Quarantäne, [1092], [392706],1.0.3545
PUP.Optional.Kuaizip, HKU\S-1-5-21-3712444081-2832216142-1026754779-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\FILEEXTS\.bin\OPENWITHPROGIDS|KUAIZIPMOUNT.BIN, In Quarantäne, [1092], [392706],1.0.3545
PUP.Optional.UCBrowser, HKLM\SOFTWARE\WOW6432NODE\REGISTEREDAPPLICATIONS|UCBROWSER, In Quarantäne, [1292], [463315],1.0.3545
PUP.Optional.UCBrowser, HKLM\SOFTWARE\REGISTEREDAPPLICATIONS|UCBROWSER, In Quarantäne, [1292], [463315],1.0.3545
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter 23:06:33 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.19.0
# EOSSerial=208957af23c44247a5e59a1b7cf98669
# end=init
# utc_time=2017-12-22 22:06:33
# local_time=2017-12-22 23:06:33 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=10.0.16299 NT
23:06:36 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.19.0
# EOSSerial=208957af23c44247a5e59a1b7cf98669
# end=init
# utc_time=2017-12-22 22:06:36
# local_time=2017-12-22 23:06:36 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=10.0.16299 NT
23:07:00 Updating
23:07:00 Update Init
23:07:01 Update Download
23:09:41 esets_scanner_reload returned 0
23:09:41 g_uiModuleBuild: 35825
23:09:41 Update Finalize
23:09:41 Call m_esets_charon_send
23:09:41 Call m_esets_charon_destroy
23:09:41 Updated modules version: 35825
23:09:50 Call m_esets_charon_setup_create
23:09:50 Call m_esets_charon_create
23:09:50 m_esets_charon_create OK
23:09:50 Call m_esets_charon_start_send_thread
23:09:50 Call m_esets_charon_setup_set
23:09:50 m_esets_charon_setup_set OK
23:09:50 Scanner engine: 35825
09:30:23 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.19.0
# EOSSerial=208957af23c44247a5e59a1b7cf98669
# end=init
# utc_time=2017-12-23 08:30:22
# local_time=2017-12-23 09:30:22 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=10.0.16299 NT
09:30:30 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.19.0
# EOSSerial=208957af23c44247a5e59a1b7cf98669
# end=init
# utc_time=2017-12-23 08:30:30
# local_time=2017-12-23 09:30:30 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=10.0.16299 NT
09:30:47 Call m_esets_charon_setup_create
09:30:47 Call m_esets_charon_create
09:30:47 m_esets_charon_create OK
09:30:47 Call m_esets_charon_start_send_thread
09:30:47 Call m_esets_charon_setup_set
09:30:47 m_esets_charon_setup_set OK
09:30:47 Updating
09:30:47 Update Init
09:30:56 Call m_esets_charon_setup_create
09:30:56 Call m_esets_charon_create
09:30:56 m_esets_charon_setup_set ERROR
09:30:56 Update Download
09:31:16 esets_scanner_reload returned 0
09:31:16 g_uiModuleBuild: 35829
09:31:16 Update Finalize
09:31:16 Call m_esets_charon_send
09:31:16 Call m_esets_charon_destroy
09:31:16 Updated modules version: 35829
09:31:25 Call m_esets_charon_setup_create
09:31:25 Call m_esets_charon_create
09:31:25 m_esets_charon_setup_set ERROR
09:31:25 Scanner engine: 35829
12:20:40 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.19.0
# EOSSerial=208957af23c44247a5e59a1b7cf98669
# engine=35829
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# sfx_checked=true
# utc_time=2017-12-23 11:20:40
# local_time=2017-12-23 12:20:40 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=10.0.16299 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 47167 7335561 0 0
# scanned=2
# found=6
# cleaned=0
# scan_time=10162
sh=3E9A0CC62904DD77E261C4BABF36B7FBE9712570 ft=1 fh=0000000000000000 vn="Variante von Win32/Toolbar.Crossrider.DS eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Christoph\AppData\Local\win2day Poker\internalSetupPokerUninstall1504036343008_na_de.exe"
sh=15A13D42695801E7E180C69D6E022E899C65677D ft=1 fh=0000000000000000 vn="Variante von Win32/Toolbar.Crossrider.DS eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Christoph\Downloads\SetupPoker.exe"
sh=E9A1BD84C0EB1B48223F002E34EF9ED5A167CC33 ft=1 fh=0000000000000000 vn="Variante von Win32/Systweak.U eventuell unerwünschte Anwendung,Variante von Win32/Systweak.Q eventuell unerwünschte Anwendung,MSIL/AdvancedSystemProtector.D eventuell unerwünschte Anwendung,Win32/Systweak.B eventuell unerwünschte Anwendung" ac=I fn="I:\!ONKEL KOPIE FOTOS LAPTOP\Downloads\rcpsetup_marim_marm.exe"
sh=850FACB3BB327B45DD98B3ACFA2664DC9825873D ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppFlood.A eventuell unerwünschte Anwendung" ac=I fn="I:\Fotos Handy Nasti\back-up_9.4.2015\download\texas_inmobi-deyu-dzpk.apk"
sh=850FACB3BB327B45DD98B3ACFA2664DC9825873D ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppFlood.A eventuell unerwünschte Anwendung" ac=I fn="I:\Handy NW\Handy_Sync_030115\download\texas_inmobi-deyu-dzpk.apk"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Toolbar.Crossrider.DS eventuell unerwünschte Anwendung,ist OK" ac=I fn="${Startup}"
14:19:15 Call m_esets_charon_send
14:19:15 Call m_esets_charon_destroy
14:19:16 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Christoph\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
Weihnachtsvorbereitungen waren etwas stressig... securitycheck Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 28.0.0.126 ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamtray.exe Windows Defender MSASCuiL.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
|
23.12.2017, 21:13
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes scan 33 identifizierte Bedrohungen ... [B]FRST-Fix Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Christoph\AppData\Local\win2day Poker
C:\Users\Christoph\Downloads\SetupPoker.exe
I:\!ONKEL KOPIE FOTOS LAPTOP\Downloads\rcpsetup_marim_marm.exe
I:\Fotos Handy Nasti\back-up_9.4.2015\download\texas_inmobi-deyu-dzpk.apk
I:\Handy NW\Handy_Sync_030115\download\texas_inmobi-deyu-dzpk.apk
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.12.2017, 02:21
| #15 |
| | Malwarebytes scan 33 identifizierte Bedrohungen ...Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-12-2017 01
durchgeführt von Christoph (26-12-2017 02:17:01) Run:1
Gestartet von C:\Users\Christoph\Desktop\FRST
Geladene Profile: Christoph (Verfügbare Profile: Christoph & Natascha)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Christoph\AppData\Local\win2day Poker
C:\Users\Christoph\Downloads\SetupPoker.exe
I:\!ONKEL KOPIE FOTOS LAPTOP\Downloads\rcpsetup_marim_marm.exe
I:\Fotos Handy Nasti\back-up_9.4.2015\download\texas_inmobi-deyu-dzpk.apk
I:\Handy NW\Handy_Sync_030115\download\texas_inmobi-deyu-dzpk.apk
emptytemp:
*****************
C:\Users\Christoph\AppData\Local\win2day Poker => erfolgreich verschoben
C:\Users\Christoph\Downloads\SetupPoker.exe => erfolgreich verschoben
I:\!ONKEL KOPIE FOTOS LAPTOP\Downloads\rcpsetup_marim_marm.exe => erfolgreich verschoben
I:\Fotos Handy Nasti\back-up_9.4.2015\download\texas_inmobi-deyu-dzpk.apk => erfolgreich verschoben
I:\Handy NW\Handy_Sync_030115\download\texas_inmobi-deyu-dzpk.apk => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29806684 B
Java, Flash, Steam htmlcache => 376809393 B
Windows/system/drivers => 29667862 B
Edge => 3599208 B
Chrome => 0 B
Firefox => 33748337 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 76286 B
Christoph => 18615300 B
Natascha => 164940352 B
RecycleBin => 0 B
EmptyTemp: => 633.8 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 02:17:49 ====
|
|
| Themen zu Malwarebytes scan 33 identifizierte Bedrohungen ... |
| .dll, adobe flash player, asus, avast, canon, defender, desktop, download, explorer, firefox, flash player, google analytics, home, homepage, log, malwarebytes, microsoft, mozilla, netgear, prozesse, realtek, registry, scan, super, svchost.exe, updates, windows, windowsapps, winlogon.exe |
Linear-Darstellung
