Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Proxy einstellungen lassen sich nicht ändern

Proxy einstellungen lassen sich nicht ändern


Plagegeister aller Art und deren Bekämpfung: Proxy einstellungen lassen sich nicht ändern

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 3 1 23
Alt 10.12.2017, 19:02   #1
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Hallo,
Ich habe das Problem, dass ich meine Proxyeinstellungen nicht ändern kann.
Wenn ich in den Internetoptionen bin steht unten "Einige Einstellungen werden vom Systemadministrator verwaltet"(s. Screenshot) und die Schaltfläche "Lan-Einstellungen" ist ausgegraut.
Plattformen wie Steam können sich auch nicht mit den Servern verbinden.
Ich bin in Sachen Internet ein Leihe und hoffe das mir hier jemand helfen kann.
Danke schonmal im Vorraus.
Angehängte Grafiken
Dateityp: jpg Screenshot (10).jpg (36,7 KB, 1005x aufgerufen)

Alt 11.12.2017, 09:32   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 11.12.2017, 14:53   #3
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

FRST.txt (Teil1)


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2017
durchgeführt von fabiw (Administrator) auf DESKTOP-J2934L2 (11-12-2017 14:38:18)
Gestartet von C:\Users\fabiw\Downloads
Geladene Profile: fabiw (Verfügbare Profile: fabiw)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee LLC) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\wallpaperservice32_c.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_7\mcapexe.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.6.319.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
() C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\wallpaper32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\webwallpaper32.exe
() C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\webwallpaper32.exe
() C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\webwallpaper32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
() C:\Windows\System\cm106eye.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-20] (Logitech Inc.)
HKLM\...\Run: [Cm106Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm106.dll,CMICtrlWnd
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1052488 2017-11-26] ()
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [5027008 2017-10-26] (Disc Soft Ltd)
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [Spotify Web Helper] => C:\Users\fabiw\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-23] (Spotify Ltd)
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [Spotify] => C:\Users\fabiw\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-23] (Spotify Ltd)
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2031864 2017-11-30] (Wargaming.net)
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks_CT\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41061856 2017-11-20] ()
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Run: [GoogleDriveFS] => "C:\Program Files\Google\Drive File Stream\25.1.99.2312\GoogleDriveFS.exe"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\MountPoints2: {010e3a3f-cebc-11e7-a0fc-f0038c216a7a} - "E:\setup.exe" 
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\MountPoints2: {93175153-2489-11e7-a0e9-806e6f6e6963} - "D:\AUTORUN.EXE" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ACHTUNG (Beschränkung - ProxySettings)
ProxyEnable: [HKLM] => Proxy ist aktiviert.
ProxyEnable: [HKLM-x32] => Proxy ist aktiviert.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
AutoConfigURL: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{664e5d71-033e-40b2-9d9c-79f9db8c22cc}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b1b2f734-9541-493c-be60-ebf35e976eac}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{bfc26c68-e567-4ebb-a379-57f5be2ec3a1}: [DhcpNameServer] 192.168.178.1
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3201623140-884167320-1932495159-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D111817-A2D586A4510&form=CONBDF&conlogo=CT3335800&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3201623140-884167320-1932495159-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D111817-A2D586A4510&form=CONBDF&conlogo=CT3335800&q={searchTerms}
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-11-06] (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-11-16] (Microsoft Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-11-06] (McAfee, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-11-06] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-11-06] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-11-02] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-11-02] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: 4mlwhubt.default
FF ProfilePath: C:\Users\fabiw\AppData\Roaming\Mozilla\Firefox\Profiles\4mlwhubt.default [2017-12-11]
FF Homepage: Mozilla\Firefox\Profiles\4mlwhubt.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\4mlwhubt.default -> hxxp://www.bing.com/?pc=COSP&ptag=D111817-A2D586A4510&form=CONMHP&conlogo=CT3335800
FF NetworkProxy: Mozilla\Firefox\Profiles\4mlwhubt.default -> type", 0
FF Extension: (Adblock Plus) - C:\Users\fabiw\AppData\Roaming\Mozilla\Firefox\Profiles\4mlwhubt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-23]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (Kein Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2017-10-30]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-12-04] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-11-02] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-11-16] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-11-02] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-11-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-30] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default [2017-12-10]
CHR Extension: (Docs) - C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-01]
CHR Extension: (Google Drive) - C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-12-01]
CHR Extension: (Google Docs Offline) - C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-04]
CHR Extension: (Local SWF Player) - C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmbckedabpbgjagmkgcejooabcdnone [2017-12-04]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-12-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\fabiw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3201623140-884167320-1932495159-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\fabiw\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-12-02]
CHR HKU\S-1-5-21-3201623140-884167320-1932495159-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325600 2016-11-28] (Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-11-17] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063664 2017-11-22] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [5680320 2017-10-26] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-11-09] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356336 2016-10-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-11] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-20] (Logitech Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2017-11-06] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [728296 2017-10-24] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [419096 2016-04-01] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.6.319.0\\McCSPServiceHost.exe [2145496 2017-09-27] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [357840 2017-09-14] (McAfee LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [509904 2017-09-14] (McAfee LLC)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [466384 2017-09-14] (McAfee LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1622856 2017-10-24] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-12-03] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-12-03] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-11-26] (Overwolf LTD)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (Intel Security, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945264 2017-12-05] (TeamViewer GmbH)
R2 Wallpaper Engine Service; C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\wallpaperservice32_c.exe [21504 2016-12-20] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-11] (Zhuhai Kingsoft Office Software Co.,Ltd)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [119320 2016-11-14] (ASUS Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4318648 2016-07-26] (Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [608656 2016-11-28] (Qualcomm)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77296 2017-09-15] (McAfee LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-11-09] (Intel Corporation)
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2017-11-22] (Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2017-11-22] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-11-09] (Intel Corporation)
R1 googledrivefs2220; C:\WINDOWS\System32\DRIVERS\googledrivefs2220.sys [88984 2017-11-07] (Google, Inc.)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7394296 2016-10-06] (Intel Corporation)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45192 2017-10-20] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-10-20] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2017-10-20] (Logitech Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [492520 2017-09-15] (McAfee LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [355304 2017-09-15] (McAfee LLC)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84024 2017-09-15] (McAfee LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [505328 2017-09-15] (McAfee LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [936936 2017-09-15] (McAfee LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [505768 2017-11-14] (McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108456 2017-11-14] (McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115184 2017-09-15] (McAfee LLC)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252904 2017-09-15] (McAfee LLC)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-01] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation)
R3 USBMULCD; C:\WINDOWS\system32\drivers\CM10664.sys [4135936 2014-01-17] (C-Media Electronics Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
__________________
Alt 11.12.2017, 14:56   #4
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

FRST.txt (Teil2)


Code:
ATTFilter
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-12-11 14:38 - 2017-12-11 14:39 - 000025211 _____ C:\Users\fabiw\Downloads\FRST.txt
2017-12-11 14:38 - 2017-12-11 14:38 - 000000000 ____D C:\FRST
2017-12-11 14:37 - 2017-12-11 14:37 - 002390528 _____ (Farbar) C:\Users\fabiw\Downloads\FRST64.exe
2017-12-11 14:25 - 2017-12-11 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-12-10 18:39 - 2017-12-10 18:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-3201623140-884167320-1932495159-1001
2017-12-10 18:27 - 2017-12-10 18:27 - 000116504 _____ (iWin inc.) C:\Users\fabiw\Downloads\deal-or-no-dealSetup.exe
2017-12-10 18:27 - 2017-12-10 18:27 - 000116504 _____ (iWin inc.) C:\Users\fabiw\Downloads\deal-or-no-dealSetup(1).exe
2017-12-09 15:49 - 2017-12-09 15:49 - 001533960 _____ (CHIP Digital GmbH) C:\Users\fabiw\Downloads\Abelssoft Undeleter Vollversion - CHIP-Installer.exe
2017-12-09 15:47 - 2017-12-09 15:54 - 000000000 ____D C:\AdwCleaner
2017-12-09 15:46 - 2017-12-09 15:46 - 008172032 _____ (Malwarebytes) C:\Users\fabiw\Downloads\adwcleaner_7.0.5.0.exe
2017-12-09 14:37 - 2017-12-11 14:25 - 000003606 _____ C:\WINDOWS\System32\Tasks\McAfee DAT Built in test
2017-12-09 13:42 - 2017-12-09 13:42 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\Counter-Strike Online
2017-12-09 13:36 - 2017-12-09 15:17 - 000000000 ____D C:\Users\fabiw\AppData\Local\CSO
2017-12-09 13:36 - 2017-12-09 13:36 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\Counter-Strike Nexon Zombies
2017-12-09 13:36 - 2017-12-09 13:36 - 000000000 ____D C:\ProgramData\Nexon
2017-12-09 13:35 - 2017-12-09 13:35 - 000000016 _____ C:\ProgramData\mntemp
2017-12-07 20:27 - 2017-12-07 20:27 - 000252787 _____ C:\Users\fabiw\Downloads\Reli1.odp.pptx
2017-12-07 20:27 - 2017-12-07 20:27 - 000206159 _____ C:\Users\fabiw\Downloads\Reli1(1).odp
2017-12-07 16:14 - 2017-12-07 16:16 - 000001271 _____ C:\Users\fabiw\Desktop\nativelog.txt
2017-12-06 18:21 - 2017-12-06 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker FreeOffice 2016
2017-12-06 18:20 - 2017-12-06 18:22 - 000000000 ____D C:\Program Files (x86)\SoftMaker FreeOffice 2016
2017-12-06 18:20 - 2017-12-06 18:21 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\SoftMaker
2017-12-06 18:20 - 2017-12-06 18:21 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\SoftMaker
2017-12-06 18:14 - 2017-12-06 18:16 - 082255696 _____ (SoftMaker Software GmbH) C:\Users\fabiw\Downloads\freeoffice2016.exe
2017-12-06 17:06 - 2017-12-06 17:06 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\FeedbackHub
2017-12-05 19:27 - 2017-12-05 19:27 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\wmd_symbol_cache
2017-12-05 19:27 - 2017-12-05 19:27 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\Project CARS
2017-12-05 19:04 - 2017-12-05 19:41 - 000000000 ____D C:\Program Files\Project CARS
2017-12-05 19:04 - 2017-12-05 19:04 - 000000601 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS.lnk
2017-12-05 19:04 - 2017-12-05 19:04 - 000000589 _____ C:\Users\Public\Desktop\Project CARS.lnk
2017-12-04 22:08 - 2017-12-04 22:08 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\EA Games
2017-12-04 20:49 - 2017-12-04 20:49 - 000206159 _____ C:\Users\fabiw\Downloads\Reli1.odp
2017-12-04 19:12 - 2017-12-09 20:05 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9601D68-CCE7-4706-989E-4231D0C914FF}
2017-12-04 19:10 - 2017-12-04 19:10 - 001792817 _____ C:\Users\fabiw\Downloads\f2fff4eb-36b6-4923-8f24-baabc75ed70a.swf
2017-12-04 19:10 - 2017-12-04 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pdf2swf
2017-12-04 19:10 - 2017-12-04 19:10 - 000000000 ____D C:\Program Files (x86)\SWFTools
2017-12-04 19:08 - 2017-12-04 19:09 - 014122496 _____ C:\Users\fabiw\Downloads\swftools-0.9.0.exe
2017-12-04 19:07 - 2017-12-04 19:07 - 001792817 _____ C:\Users\fabiw\Downloads\XVMEditor.swf
2017-12-04 19:07 - 2017-12-04 19:07 - 000004644 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-12-04 19:05 - 2017-12-04 19:07 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-04 19:04 - 2017-12-04 19:05 - 060359953 _____ C:\Users\fabiw\Downloads\FlashPlayer2700187.zip
2017-12-04 18:48 - 2017-12-04 18:48 - 000000000 ____D C:\WINDOWS\SysWOW64\AGEIA
2017-12-04 18:48 - 2017-12-04 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-04 18:48 - 2017-12-04 18:48 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-12-04 18:47 - 2017-12-04 18:47 - 000001447 _____ C:\Users\Public\Desktop\Mirror's Edge.lnk
2017-12-04 18:47 - 2017-12-04 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2017-12-04 18:43 - 2017-12-04 18:44 - 006654296 _____ (XVM team ) C:\Users\fabiw\Downloads\xvm-7.2.4.exe
2017-12-04 18:24 - 2017-12-04 18:24 - 000000000 ____D C:\Program Files (x86)\Electronic Arts
2017-12-04 15:55 - 2017-12-04 15:56 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\Mirrors Edge Catalyst
2017-12-04 15:23 - 2017-12-04 15:23 - 000001161 _____ C:\Users\Public\Desktop\Mirror's Edge™ Catalyst.lnk
2017-12-04 14:57 - 2017-12-04 15:55 - 000000000 ____D C:\Program Files (x86)\Origin Games
2017-12-04 14:28 - 2017-12-04 14:29 - 058818504 _____ (Skype Technologies S.A.) C:\Users\fabiw\Downloads\SkypeSetupFull.exe
2017-12-04 14:12 - 2017-12-04 14:12 - 001533960 _____ (CHIP Digital GmbH) C:\Users\fabiw\Downloads\Skype - CHIP-Installer.exe
2017-12-03 17:57 - 2017-12-04 23:33 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Origin
2017-12-03 17:57 - 2017-12-03 17:57 - 000001064 _____ C:\Users\Public\Desktop\Origin.lnk
2017-12-03 17:57 - 2017-12-03 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-12-03 17:57 - 2017-12-03 17:57 - 000000000 ____D C:\Program Files (x86)\Origin
2017-12-03 17:50 - 2017-12-04 14:57 - 000000000 ____D C:\Users\fabiw\AppData\Local\Origin
2017-12-03 17:50 - 2017-12-03 17:50 - 000000000 ____D C:\Users\fabiw\.QtWebEngineProcess
2017-12-03 17:50 - 2017-12-03 17:50 - 000000000 ____D C:\Users\fabiw\.Origin
2017-12-03 17:42 - 2017-12-07 16:15 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\.minecraft
2017-12-03 17:38 - 2017-12-03 17:41 - 062397600 _____ (Electronic Arts) C:\Users\fabiw\Downloads\OriginThinSetup.exe
2017-12-03 17:36 - 2017-12-04 23:33 - 000000000 ____D C:\ProgramData\Origin
2017-12-03 14:18 - 2017-12-03 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirror's Edge™ Catalyst
2017-12-03 13:26 - 2017-12-03 17:43 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-12-03 13:26 - 2017-12-03 13:26 - 000001032 _____ C:\Users\Public\Desktop\Minecraft.lnk
2017-12-03 13:26 - 2017-12-03 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2017-12-03 12:57 - 2017-12-03 12:57 - 002314240 _____ C:\Users\fabiw\Downloads\MinecraftInstaller.msi
2017-12-03 12:44 - 2017-12-03 12:44 - 001005568 _____ (Microsoft Corporation) C:\Users\fabiw\Downloads\dotNetFx45_Full_setup.exe
2017-12-03 12:33 - 2017-12-03 12:33 - 000000000 ____D C:\ProgramData\Steam
2017-12-03 12:21 - 2017-12-03 12:21 - 000000000 ____D C:\ProgramData\Curse Client
2017-12-03 12:19 - 2017-12-03 12:19 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\Curse
2017-12-03 12:10 - 2017-12-03 12:10 - 000000000 ____D C:\ProgramData\Twitch
2017-12-03 11:43 - 2017-12-03 11:43 - 000000960 _____ C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2017-12-03 11:41 - 2017-12-10 20:27 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Twitch
2017-12-03 11:32 - 2017-12-03 11:32 - 001533960 _____ (CHIP Digital GmbH) C:\Users\fabiw\Downloads\Twitch Desktop App ehemals Curse Client - CHIP-Installer.exe
2017-12-03 11:21 - 2017-12-03 11:54 - 000000000 ____D C:\Users\fabiw\Desktop\ProjectCars
2017-12-01 22:32 - 2017-12-07 22:11 - 000000000 ____D C:\Users\fabiw\Desktop\Reli
2017-12-01 19:32 - 2017-12-04 16:15 - 000000000 ____D C:\Users\fabiw\AppData\LocalLow\uTorrent
2017-12-01 18:52 - 2017-12-01 18:52 - 000002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-01 18:50 - 2017-12-01 18:51 - 000000000 ____D C:\Users\fabiw\Desktop\Project CARS
2017-12-01 18:48 - 2017-12-04 16:16 - 000000000 ____D C:\Users\fabiw\Desktop\Mirrors Edge
2017-12-01 18:48 - 2017-12-01 18:48 - 001129816 _____ (Google Inc.) C:\Users\fabiw\Downloads\ChromeSetup.exe
2017-12-01 11:12 - 2017-12-01 11:14 - 000000094 ____H C:\Users\fabiw\Desktop\.~lock.reliii1)-1.odp#
2017-12-01 11:02 - 2017-12-01 11:02 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\LibreOffice
2017-12-01 10:39 - 2017-12-01 10:39 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\Benutzerdefinierte Office-Vorlagen
2017-12-01 09:51 - 2017-12-01 09:51 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-11-30 18:20 - 2017-11-30 18:20 - 000000000 ____D C:\Users\fabiw\Desktop\123
2017-11-30 17:56 - 2017-12-05 19:49 - 000001196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive File Stream.lnk
2017-11-30 17:56 - 2017-11-07 15:09 - 000088984 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs2220.sys
2017-11-30 17:55 - 2017-11-30 17:55 - 000000000 ____D C:\Program Files\Google
2017-11-30 17:51 - 2017-11-30 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-11-30 17:48 - 2017-11-30 17:49 - 001064352 _____ (Google Inc.) C:\Users\fabiw\Downloads\googledrivefilestream.exe
2017-11-30 17:47 - 2017-12-04 14:27 - 000000000 ____D C:\Users\fabiw\AppData\Local\Google
2017-11-30 17:47 - 2017-12-01 18:51 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-30 17:47 - 2017-11-30 17:47 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-30 17:47 - 2017-11-30 17:47 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-30 17:46 - 2017-11-30 17:46 - 001129816 _____ (Google Inc.) C:\Users\fabiw\Downloads\installbackupandsync.exe
2017-11-30 17:43 - 2017-11-30 17:44 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4
2017-11-30 17:41 - 2017-11-30 17:42 - 000000000 ____D C:\Program Files\LibreOffice 5
2017-11-30 17:33 - 2017-12-04 18:24 - 000000000 ____D C:\Program Files\KMSpico
2017-11-30 17:33 - 2017-11-30 17:33 - 000003476 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2017-11-30 17:32 - 2017-11-30 17:35 - 000000000 ____D C:\Users\fabiw\Desktop\Office 2016
2017-11-30 17:13 - 2017-11-30 17:13 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Skype
2017-11-30 17:12 - 2017-11-30 17:12 - 000002543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-11-30 17:12 - 2017-11-30 17:12 - 000002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-11-30 17:12 - 2017-11-30 17:12 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-11-30 17:12 - 2017-11-30 17:12 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-11-30 17:12 - 2017-11-30 17:12 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-11-30 17:12 - 2017-11-30 17:12 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-11-30 17:12 - 2017-11-30 17:12 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-11-30 17:12 - 2017-11-30 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-11-30 17:09 - 2017-11-30 17:09 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-11-30 16:44 - 2017-12-08 16:21 - 000000000 ____D C:\Users\fabiw\Desktop\Programme
2017-11-30 16:43 - 2017-11-30 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-11-30 16:43 - 2017-11-30 16:43 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2017-11-30 16:43 - 2010-12-06 03:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2017-11-30 16:33 - 2017-11-30 16:33 - 001533960 _____ (CHIP Digital GmbH) C:\Users\fabiw\Downloads\LibreOffice 64 Bit - CHIP-Installer.exe
2017-11-30 16:13 - 2017-11-30 16:16 - 001616580 _____ C:\WINDOWS\Minidump\113017-31703-01.dmp
2017-11-30 16:13 - 2017-11-30 16:13 - 673334043 _____ C:\WINDOWS\MEMORY.DMP
2017-11-30 16:13 - 2017-11-30 16:13 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-28 21:24 - 2017-12-09 14:32 - 000000000 ____D C:\Users\fabiw\AppData\Local\ElevatedDiagnostics
2017-11-28 19:04 - 2017-11-28 19:07 - 000000000 ____D C:\Users\fabiw\Desktop\Plague Inc Evolved
2017-11-28 19:02 - 2017-11-28 19:03 - 452113252 _____ C:\Users\fabiw\Downloads\Plague Inc Evolved.rar
2017-11-28 18:35 - 2017-11-28 18:35 - 000000000 ____D C:\Users\fabiw\AppData\Local\Ndemic Creations
2017-11-28 17:48 - 2017-11-28 17:48 - 000000833 _____ C:\Users\fabiw\Desktop\World of Tanks - Common Test.lnk
2017-11-28 17:48 - 2017-11-28 17:48 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test
2017-11-28 17:45 - 2017-11-28 17:45 - 004227312 _____ (Wargaming.net ) C:\Users\fabiw\Downloads\WoT_internet_install_ct.exe
2017-11-27 19:16 - 2017-11-27 19:25 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\Euro Truck Simulator 2
2017-11-25 18:14 - 2017-12-07 16:15 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-11-25 18:12 - 2017-11-25 18:15 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2017-11-25 18:12 - 2017-11-25 18:12 - 000001842 _____ C:\Users\fabiw\Desktop\Game Center.lnk
2017-11-25 17:54 - 2017-11-25 17:54 - 000000000 ____D C:\ProgramData\Wargaming.net
2017-11-25 17:52 - 2017-11-25 17:54 - 006375008 _____ (Wargaming.net (c) 2009-2017 ) C:\Users\fabiw\Downloads\world_of_warships_install_eu_bhcsjcmqdhtq.exe
2017-11-23 22:17 - 2017-11-23 22:24 - 000000000 ____D C:\Users\fabiw\AppData\Local\Spotify
2017-11-23 22:17 - 2017-11-23 22:17 - 000001838 _____ C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-11-23 21:57 - 2017-11-23 22:22 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Spotify
2017-11-23 21:56 - 2017-11-23 21:57 - 000723152 _____ (Spotify Ltd) C:\Users\fabiw\Downloads\SpotifySetup.exe
2017-11-23 19:12 - 2017-11-23 19:12 - 000000000 ____D C:\Users\fabiw\AppData\Local\Notepad++
2017-11-23 19:05 - 2017-11-23 19:31 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Notepad++
2017-11-23 19:05 - 2017-11-23 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-11-23 19:05 - 2017-11-23 19:05 - 000000000 ____D C:\Program Files\Notepad++
2017-11-23 19:02 - 2017-11-23 19:05 - 000000000 ____D C:\Program Files (x86)\Notepad++
2017-11-23 19:00 - 2017-11-23 19:01 - 001533960 _____ (CHIP Digital GmbH) C:\Users\fabiw\Downloads\Notepad - CHIP-Installer.exe
2017-11-23 18:52 - 2017-11-30 18:22 - 000000000 ____D C:\Wallpapers
2017-11-22 22:25 - 2017-11-22 22:25 - 000072298 _____ C:\Users\fabiw\OneDrive\Dokumente\cc_20171122_222515.reg
2017-11-22 22:20 - 2017-11-22 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-11-22 22:20 - 2017-11-22 22:20 - 000000000 ____D C:\Program Files\CCleaner
2017-11-22 22:19 - 2017-11-22 22:20 - 007855032 _____ (Piriform Ltd) C:\Users\fabiw\Downloads\ccsetup536_slim.exe
2017-11-22 22:13 - 2017-11-22 22:13 - 1337357287 _____ C:\Users\fabiw\Downloads\Wallpaper Engine (Wallpaper Pack).rar
2017-11-22 21:39 - 2017-12-01 22:32 - 000000000 ____D C:\Users\fabiw\Desktop\Games
2017-11-22 21:33 - 2017-11-22 22:14 - 000000000 ____D C:\Users\fabiw\Desktop\Wallpapers
2017-11-22 20:25 - 2017-11-22 20:25 - 000000000 ____D C:\Users\fabiw\Desktop\Wallpaper Engine
2017-11-22 19:31 - 2017-11-22 19:31 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Kalypso Media
2017-11-22 19:31 - 2017-11-22 19:31 - 000000000 ____D C:\Users\fabiw\AppData\LocalLow\Realmforge Studios GmbH
2017-11-22 19:31 - 2017-11-22 19:31 - 000000000 ____D C:\Users\fabiw\AppData\Local\Kalypso Media
2017-11-22 19:28 - 2017-11-22 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeons 3
2017-11-22 19:25 - 2017-11-22 19:28 - 000000000 ____D C:\Program Files (x86)\Dungeons 3
2017-11-22 19:15 - 2017-11-22 19:15 - 000047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtultrausbbus.sys
2017-11-22 19:15 - 2017-11-22 19:15 - 000030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtultrascsibus.sys
2017-11-22 19:15 - 2017-11-22 19:15 - 000000000 ____D C:\Users\fabiw\AppData\Local\Disc_Soft_Ltd
2017-11-22 19:14 - 2017-11-22 19:15 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\DAEMON Tools Ultra
2017-11-22 19:14 - 2017-11-22 19:15 - 000000000 ____D C:\Program Files\DAEMON Tools Ultra
2017-11-22 19:14 - 2017-11-22 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2017-11-22 19:14 - 2017-11-22 19:14 - 000000000 ____D C:\ProgramData\DAEMON Tools Ultra
2017-11-22 19:12 - 2017-11-22 19:13 - 029845128 _____ (Disc Soft Ltd) C:\Users\fabiw\Downloads\DAEMONToolsUltra520-0644.exe
2017-11-22 17:38 - 2017-11-22 17:38 - 000000000 ____D C:\Users\fabiw\Desktop\Dungeons 3
2017-11-18 21:34 - 2017-12-08 16:24 - 000002263 _____ C:\Users\fabiw\Desktop\WhatsApp.lnk
2017-11-18 21:34 - 2017-12-08 16:24 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-11-18 21:33 - 2017-12-08 16:35 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\WhatsApp
2017-11-18 21:33 - 2017-12-08 16:24 - 000000000 ____D C:\Users\fabiw\AppData\Local\WhatsApp
2017-11-18 21:33 - 2017-12-08 16:22 - 000000000 ____D C:\Users\fabiw\AppData\Local\SquirrelTemp
2017-11-18 21:08 - 2017-11-18 21:08 - 000000000 ____D C:\Users\fabiw\AppData\Local\Downloaded Installations
2017-11-18 21:06 - 2017-11-18 21:06 - 001533960 _____ (CHIP Digital GmbH) C:\Users\fabiw\Downloads\WhatsAppSetup68 - CHIP-Installer.exe
2017-11-18 16:04 - 2017-11-23 21:05 - 000000519 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-11-18 14:54 - 2017-11-18 14:54 - 000000270 _____ C:\WINDOWS\Cm106.ini.imi
2017-11-18 14:54 - 2017-11-18 14:54 - 000000219 _____ C:\WINDOWS\system\Cm106.ini
2017-11-18 14:54 - 2017-11-18 14:54 - 000000207 _____ C:\WINDOWS\Cm106.ini.cfl
2017-11-18 14:54 - 2017-11-18 14:54 - 000000125 _____ C:\WINDOWS\system\Dlap.pfx
2017-11-18 14:54 - 2015-10-20 10:08 - 000000599 ____N C:\WINDOWS\cm106.ini
2017-11-18 14:54 - 2015-08-20 13:34 - 000002033 ____N C:\WINDOWS\Cm106.ini.cfg
2017-11-18 14:54 - 2015-08-11 12:50 - 013463552 ____N (C-Media Corporation) C:\WINDOWS\SysWOW64\CM106.dll
2017-11-18 14:54 - 2015-05-06 17:07 - 000834560 ____N C:\WINDOWS\system32\Cmeau106.exe
2017-11-18 14:54 - 2013-10-16 09:55 - 000143360 ____N C:\WINDOWS\Vmix106.dll
2017-11-18 14:54 - 2013-05-16 15:21 - 000307200 ____N C:\WINDOWS\system\cm106eye.exe
2017-11-18 14:54 - 2012-06-04 13:15 - 004533760 ____N C:\WINDOWS\system32\CM106.cpl
2017-11-18 14:54 - 2009-08-20 00:00 - 000359424 ____N C:\WINDOWS\system32\CmiInstallResAll64.dll
2017-11-18 14:54 - 2006-10-06 13:45 - 000524768 _____ (Microsoft Corporation) C:\WINDOWS\difxapi.dll
2017-11-18 14:54 - 2006-09-13 12:08 - 000491520 ____N () C:\WINDOWS\system\cmau106.dll
2017-11-18 14:54 - 2006-09-13 09:21 - 000200704 ____N (C-Media) C:\WINDOWS\SysWOW64\cmpa106.dll
2017-11-18 14:45 - 2017-11-18 14:58 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\SpinTires MudRunner
2017-11-18 14:45 - 2017-11-18 14:45 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\SmartSteamEmu
2017-11-18 14:42 - 2017-11-18 14:42 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\WinRAR
2017-11-18 14:41 - 2017-11-18 14:41 - 000001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2017-11-18 14:41 - 2017-11-18 14:41 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-11-18 14:41 - 2017-11-18 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-11-18 14:41 - 2017-11-18 14:41 - 000000000 ____D C:\Program Files\WinRAR
2017-11-18 14:40 - 2017-11-18 14:40 - 002348288 _____ C:\Users\fabiw\Downloads\winrar-x64-550d.exe
2017-11-18 14:32 - 2017-11-18 14:33 - 000000000 ____D C:\Users\fabiw\AppData\Local\TeamViewer
2017-11-18 14:28 - 2017-12-06 16:26 - 000001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2017-11-18 14:27 - 2017-11-18 14:28 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\TeamViewer
2017-11-18 14:27 - 2017-09-18 11:53 - 000035112 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2017-11-18 14:19 - 2017-11-18 14:23 - 019201872 _____ (TeamViewer GmbH) C:\Users\fabiw\Downloads\TeamViewer_Setup.exe
2017-11-18 14:11 - 2017-12-09 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-11-18 14:11 - 2017-11-18 14:11 - 000000000 ____D C:\Users\fabiw\AppData\Local\Lavasoft
2017-11-18 14:10 - 2017-12-09 15:53 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Lavasoft
2017-11-18 14:10 - 2017-12-09 15:53 - 000000000 ____D C:\ProgramData\Lavasoft
2017-11-18 14:10 - 2017-12-09 15:53 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-11-18 14:09 - 2017-11-18 14:09 - 000002686 _____ C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-11-18 14:07 - 2017-12-04 23:32 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\uTorrent
2017-11-18 14:06 - 2017-11-18 14:06 - 002403520 _____ (BitTorrent Inc.) C:\Users\fabiw\Downloads\uTorrent350.exe
2017-11-18 12:24 - 2017-11-28 20:25 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-11-18 12:24 - 2017-11-18 12:24 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2017-11-18 12:23 - 2017-11-18 12:24 - 000000000 ____D C:\ProgramData\Overwolf
2017-11-18 12:22 - 2017-11-22 14:20 - 000000000 ____D C:\Users\fabiw\AppData\Local\Overwolf
2017-11-18 12:21 - 2017-12-04 22:50 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\TS3Client
2017-11-18 12:21 - 2017-11-18 12:21 - 000000972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-11-18 12:21 - 2017-11-18 12:21 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-11-18 12:18 - 2017-11-18 12:20 - 078071056 _____ (TeamSpeak Systems GmbH) C:\Users\fabiw\Downloads\TeamSpeak3-Client-win64-3.1.6.exe
2017-11-18 10:13 - 2017-11-25 18:12 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Wargaming.net
2017-11-18 10:06 - 2017-11-18 10:06 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\My Games
2017-11-18 10:03 - 2017-12-11 14:24 - 000000000 ____D C:\ProgramData\Logishrd
2017-11-18 10:03 - 2017-11-18 10:03 - 000000000 ____D C:\Users\fabiw\AppData\Local\Logitech
2017-11-18 09:56 - 2017-12-11 14:25 - 000000000 ____D C:\Users\fabiw\AppData\LocalLow\Mozilla
2017-11-18 09:56 - 2017-11-18 10:18 - 000000000 ____D C:\Users\fabiw\AppData\Local\Mozilla
2017-11-18 09:56 - 2017-11-18 09:56 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Mozilla
2017-11-18 09:55 - 2017-12-01 09:51 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2017-11-18 09:55 - 2017-11-18 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-11-18 09:53 - 2017-11-18 09:56 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2017-11-18 09:53 - 2017-11-18 09:53 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-18 09:52 - 2017-11-18 09:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-18 09:52 - 2017-11-18 09:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-18 09:52 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-11-18 09:52 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-11-18 09:52 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-11-18 09:52 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-11-18 09:52 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-11-18 09:52 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-11-18 09:45 - 2017-11-18 09:45 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Logitech
2017-11-18 09:45 - 2017-11-18 09:45 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Logishrd
2017-11-17 16:55 - 2017-11-30 21:23 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-17 16:46 - 2017-11-17 16:47 - 000000000 ____D C:\Users\fabiw\AppData\Local\Steam
2017-11-17 16:42 - 2017-11-18 21:52 - 000000000 ____D C:\Users\fabiw\AppData\Local\Ubisoft Game Launcher
2017-11-17 16:42 - 2017-11-17 16:42 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-11-17 16:42 - 2017-11-17 16:42 - 000000000 ____D C:\Users\fabiw\AppData\Local\DBG
2017-11-17 16:42 - 2017-11-17 16:42 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2017-11-17 16:36 - 2017-12-10 18:23 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-17 16:36 - 2017-11-17 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-16 16:48 - 2017-11-16 16:48 - 000000000 ____D C:\Users\fabiw\OneDrive\Dokumente\League of Legends
2017-11-16 16:12 - 2017-11-16 16:12 - 000000000 ____D C:\Users\fabiw\AppData\Local\CEF
2017-11-16 16:12 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-11-16 16:12 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-11-16 16:12 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-11-16 16:10 - 2017-11-16 16:10 - 000000742 _____ C:\Users\fabiw\Downloads\Desktop - Verknüpfung.lnk
2017-11-16 09:44 - 2017-11-17 17:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-16 09:44 - 2017-11-17 17:21 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-16 09:44 - 2017-11-17 17:21 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-16 06:50 - 2017-11-16 06:50 - 000000000 ____D C:\ProgramData\Riot Games
2017-11-16 06:46 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-11-16 06:46 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-11-16 06:46 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-11-16 06:46 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-11-16 06:46 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-11-16 06:46 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-11-16 06:46 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-11-16 06:46 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-11-16 06:46 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-11-16 06:46 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-11-16 06:46 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-11-16 06:46 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-11-16 06:46 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-11-16 06:46 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-11-16 06:46 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-11-16 06:46 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-11-16 06:46 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-11-16 06:46 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-11-16 06:46 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-11-16 06:46 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-11-16 06:46 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-11-16 06:46 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-11-16 06:46 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-11-16 06:46 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-11-16 06:46 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-11-16 06:46 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-11-16 06:46 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-11-16 06:46 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-11-16 06:46 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-11-16 06:46 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-11-16 06:46 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-11-16 06:46 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-11-16 06:46 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-11-16 06:46 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-11-16 06:46 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-11-16 06:46 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-11-16 06:46 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-11-16 06:46 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-11-16 06:46 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-11-16 06:46 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-11-16 06:46 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-11-16 06:46 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-11-16 06:46 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-11-16 06:46 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-11-16 06:46 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-11-16 06:46 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-11-16 06:46 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-11-16 06:46 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-11-16 06:46 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-11-16 06:46 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-11-16 06:46 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-11-16 06:46 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-11-16 06:46 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-11-16 06:46 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-11-16 06:46 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-11-16 06:46 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-11-16 06:46 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-11-16 06:46 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-11-16 06:46 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-11-16 06:46 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-11-16 06:46 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-11-16 06:46 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-11-16 06:46 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-11-16 06:46 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-11-16 06:46 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-11-16 06:46 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-11-16 06:46 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-11-16 06:46 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-11-16 06:46 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-11-16 06:46 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-11-16 06:46 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-11-16 06:46 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-11-16 06:46 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-11-16 06:46 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-11-16 06:46 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-11-16 06:46 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-11-16 06:46 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-11-16 06:46 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-11-16 06:46 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-11-16 06:46 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-11-16 06:46 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-11-16 06:46 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-11-16 06:46 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-11-16 06:46 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-11-16 06:46 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-11-16 06:45 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-11-16 06:45 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-11-16 06:45 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-11-16 06:45 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-11-16 06:45 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-11-16 06:45 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-11-16 06:45 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-11-16 06:45 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-11-16 06:45 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-11-16 06:45 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-11-16 06:45 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-11-16 06:45 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-11-16 06:45 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-11-16 06:45 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-11-16 06:45 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-11-16 06:45 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-11-16 06:45 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-11-16 06:45 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-11-16 06:45 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-11-16 06:45 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-11-16 06:45 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-11-16 06:45 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-11-16 06:45 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-11-16 06:45 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-11-16 06:45 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-11-16 06:45 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-11-16 06:45 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-11-16 06:45 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-11-16 06:45 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-11-16 06:45 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-11-16 06:45 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-11-16 06:45 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-11-16 06:45 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-11-16 06:45 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-11-16 06:45 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-11-16 06:45 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-11-16 06:45 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-11-16 06:45 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-11-16 06:45 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-11-16 06:45 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-11-16 06:45 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-11-16 06:45 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-11-16 06:45 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-11-16 06:45 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-11-16 06:45 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-11-16 06:45 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-11-16 06:45 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-11-16 06:45 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-11-16 06:45 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-11-16 06:45 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-11-16 06:45 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-11-16 06:45 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-11-16 06:45 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-11-16 06:45 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-11-16 06:45 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-11-16 06:45 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-11-16 06:45 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-11-16 06:45 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-11-16 06:45 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-11-16 06:45 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-11-16 06:45 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-11-16 06:45 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-11-16 06:45 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-11-16 06:45 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-11-16 06:45 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-11-16 06:45 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-11-16 06:45 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-11-16 06:45 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-11-16 06:45 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-11-16 06:45 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-11-16 06:42 - 2017-11-16 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-11-16 06:42 - 2017-11-16 06:42 - 000000000 ____D C:\Riot Games
2017-11-16 06:35 - 2017-12-04 18:42 - 000000000 ____D C:\Games
2017-11-16 06:35 - 2017-11-16 06:47 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-11-16 06:35 - 2017-11-16 06:44 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2017-11-16 06:35 - 2017-11-16 06:42 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Riot Games
2017-11-16 06:35 - 2017-11-16 06:35 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2017-11-16 06:30 - 2017-11-16 06:30 - 000000000 ____D C:\Users\fabiw\AppData\Local\MicrosoftEdge
2017-11-16 06:30 - 2017-11-16 06:30 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-11-16 06:26 - 2017-11-16 06:26 - 000000020 ___SH C:\Users\fabiw\ntuser.ini
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\Vorlagen
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\Startmenü
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\Eigene Dateien
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\Druckumgebung
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Programme
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\ProgramData\Vorlagen
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\ProgramData\Startmenü
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\ProgramData\Dokumente
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-11-16 01:37 - 2017-11-16 01:37 - 000000000 _SHDL C:\Dokumente und Einstellungen
2017-11-16 01:34 - 2017-11-16 01:35 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-11-16 01:34 - 2017-11-16 01:35 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-11-16 01:19 - 2017-11-16 01:19 - 000022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-11-16 01:18 - 2017-12-09 15:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-16 01:18 - 2017-11-30 17:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-11-16 01:18 - 2017-11-30 17:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUSTek Computer Inc
2017-11-16 01:18 - 2017-11-30 17:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-11-16 01:18 - 2017-11-28 14:18 - 004456680 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-16 01:09 - 2017-11-16 01:09 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-16 01:00 - 2017-11-16 01:09 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-11-16 00:57 - 2017-12-09 16:05 - 000000000 ____D C:\Users\fabiw
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\Vorlagen
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\Startmenü
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\Netzwerkumgebung
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\Lokale Einstellungen
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\Eigene Dateien
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\Druckumgebung
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\AppData\Local\Verlauf
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\AppData\Local\Anwendungsdaten
2017-11-16 00:57 - 2017-11-16 00:57 - 000000000 _SHDL C:\Users\fabiw\Anwendungsdaten
2017-11-16 00:55 - 2017-11-16 00:55 - 000319042 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2017-11-16 00:55 - 2017-11-16 00:55 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2017-11-16 00:55 - 2017-11-16 00:55 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-16 00:55 - 2017-11-16 00:55 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-11-16 00:54 - 2017-12-11 14:23 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-16 00:54 - 2017-11-16 01:02 - 000000000 ____D C:\Program Files\Intel
2017-11-16 00:54 - 2017-11-16 00:54 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-11-16 00:54 - 2017-11-16 00:54 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-16 00:54 - 2017-11-16 00:54 - 000000000 ____D C:\Program Files\Realtek
2017-11-16 00:54 - 2017-11-16 00:54 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-11-16 00:54 - 2016-10-06 14:17 - 000095232 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-11-16 00:54 - 2016-10-06 14:17 - 000091128 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-11-16 00:51 - 2017-11-16 00:51 - 000000000 ____D C:\ProgramData\USOShared
2017-11-16 00:43 - 2017-03-18 21:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-11-16 00:39 - 2017-12-11 14:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-16 00:39 - 2017-12-09 11:48 - 000503024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 00:32 - 2017-11-28 20:59 - 000000000 ____D C:\Windows.old
2017-11-16 00:23 - 2017-11-16 00:23 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-16 00:23 - 2017-11-16 00:23 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-16 00:23 - 2017-11-16 00:23 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-16 00:23 - 2017-11-16 00:23 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-11-16 00:23 - 2017-11-16 00:23 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-11-16 00:23 - 2017-11-16 00:23 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-11-16 00:23 - 2017-11-16 00:23 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-11-16 00:23 - 2017-11-16 00:23 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-11-16 00:23 - 2017-11-16 00:23 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-11-16 00:22 - 2017-11-16 00:22 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-11-16 00:22 - 2017-11-16 00:22 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-11-16 00:22 - 2017-11-16 00:22 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-16 00:22 - 2017-11-16 00:22 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-11-16 00:22 - 2017-11-16 00:22 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-11-16 00:22 - 2017-11-16 00:22 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-11-16 00:22 - 2017-11-16 00:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-16 00:22 - 2017-11-16 00:22 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-11-16 00:22 - 2017-11-16 00:22 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000259992 _____ (Microsoft Corporation)

Alt 11.12.2017, 14:59   #5
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

FRST.txt (Teil3) (Ende)


Code:
ATTFilter
C:\WINDOWS\system32\aepic.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 00:22 - 2017-11-16 00:22 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-16 00:22 - 2017-11-16 00:22 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-11-16 00:22 - 2017-11-16 00:22 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-16 00:22 - 2017-11-16 00:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-16 00:22 - 2017-11-16 00:22 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-16 00:22 - 2017-11-16 00:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 23:40 - 2017-11-28 14:18 - 000893238 _____ C:\WINDOWS\system32\perfh00C.dat
2017-11-15 23:40 - 2017-11-28 14:18 - 000213516 _____ C:\WINDOWS\system32\perfc00C.dat
2017-11-15 23:40 - 2017-11-16 00:29 - 000000000 ____D C:\WINDOWS\system32\fr
2017-11-15 23:40 - 2017-11-15 23:40 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat
2017-11-15 23:40 - 2017-11-15 23:40 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat
2017-11-15 23:40 - 2017-11-15 23:40 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2017-11-15 23:32 - 2017-11-28 14:18 - 000888778 _____ C:\WINDOWS\system32\perfh013.dat
2017-11-15 23:32 - 2017-11-28 14:18 - 000217802 _____ C:\WINDOWS\system32\perfc013.dat
2017-11-15 23:32 - 2017-11-16 00:29 - 000000000 ____D C:\WINDOWS\system32\nl
2017-11-15 23:32 - 2017-11-15 23:32 - 000000000 ____D C:\WINDOWS\SysWOW64\nl
2017-11-15 23:32 - 2017-11-15 23:31 - 000347800 _____ C:\WINDOWS\system32\perfi013.dat
2017-11-15 23:32 - 2017-11-15 23:31 - 000045450 _____ C:\WINDOWS\system32\perfd013.dat
2017-11-15 23:17 - 2017-11-16 00:39 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-11-15 23:17 - 2017-11-15 23:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-11-15 23:14 - 2017-11-23 17:30 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-11-15 23:14 - 2017-11-15 23:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-11-15 23:14 - 2017-11-15 23:14 - 000000000 ____D C:\Program Files\MSBuild
2017-11-15 23:14 - 2017-11-15 23:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-11-15 23:14 - 2017-11-15 23:14 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-11-15 23:12 - 2017-02-10 11:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-11-15 23:12 - 2017-02-10 11:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-11-15 23:12 - 2017-02-10 11:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-11-15 23:12 - 2017-02-10 11:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-11-15 23:12 - 2017-02-10 11:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-11-15 23:12 - 2017-02-10 11:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-11-15 22:59 - 2017-11-15 22:59 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2017-11-15 21:38 - 2017-11-22 22:23 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-15 21:34 - 2017-11-15 21:38 - 000000036 _____ C:\WINDOWS\progress.ini
2017-11-15 20:59 - 2017-11-15 20:59 - 000000000 ____D C:\Users\fabiw\AppData\Local\NetworkTiles
2017-11-15 18:08 - 2017-11-15 18:08 - 000001049 _____ C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-11-15 18:05 - 2017-11-15 18:05 - 000000000 ____D C:\Users\fabiw\AppData\Local\Crashpad
2017-11-15 18:05 - 2017-04-27 21:00 - 000000120 ____R C:\Users\fabiw\OneDrive\Dokumente\Eigenes Notizbuch.url
2017-11-15 18:05 - 2016-02-20 22:07 - 000049697 _____ C:\Users\fabiw\OneDrive\Dokumente\Deutsch Zugunglück.odt
2017-11-15 18:01 - 2017-11-15 18:01 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Macromedia
2017-11-15 18:00 - 2017-11-22 22:44 - 000000000 ___RD C:\Users\fabiw\OneDrive
2017-11-15 18:00 - 2017-11-16 06:38 - 000002385 _____ C:\Users\fabiw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-15 17:59 - 2017-11-15 21:34 - 000000000 ___HD C:\$GetCurrent
2017-11-15 17:58 - 2017-11-15 22:56 - 000000000 ____D C:\Windows10Upgrade
2017-11-15 17:58 - 2017-11-15 17:58 - 000000819 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2017-11-15 17:58 - 2017-11-15 17:58 - 000000807 _____ C:\Users\fabiw\Desktop\Windows 10-Upgrade-Assistent.lnk
2017-11-15 17:57 - 2017-12-04 14:18 - 000000000 ____D C:\Users\fabiw\AppData\Local\Comms
2017-11-15 17:56 - 2017-11-30 20:56 - 000000200 _____ C:\Users\fabiw\AppData\Roaming\sp_data.sys
2017-11-15 17:56 - 2017-11-15 19:06 - 000000000 ____D C:\Users\fabiw\AppData\Local\Publishers
2017-11-15 17:54 - 2017-12-04 19:10 - 000000000 ____D C:\Users\fabiw\AppData\Local\VirtualStore
2017-11-15 17:54 - 2017-11-30 17:40 - 000000000 ____D C:\Users\fabiw\AppData\Local\Packages
2017-11-15 17:54 - 2017-11-15 18:14 - 000000000 ____D C:\Users\fabiw\AppData\Local\PackageStaging
2017-11-15 17:54 - 2017-11-15 17:54 - 000000000 ____D C:\Users\fabiw\AppData\Roaming\Adobe
2017-11-15 17:54 - 2017-11-15 17:54 - 000000000 ____D C:\Users\fabiw\AppData\Local\TileDataLayer
2017-11-15 17:53 - 2017-12-11 14:23 - 000000000 __SHD C:\Users\fabiw\IntelGraphicsProfiles
2017-11-15 17:53 - 2017-12-01 10:02 - 000000000 ____D C:\Users\fabiw\AppData\Local\ConnectedDevicesPlatform
2017-11-15 17:53 - 2017-11-15 18:06 - 000000000 ____D C:\Users\fabiw\AppData\Local\ASUS GIFTBOX
2017-11-15 17:51 - 2017-11-15 17:53 - 000000000 ____D C:\ProgramData\USBChargerPlus
2017-11-15 17:50 - 2017-11-15 17:51 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-11-15 17:47 - 2017-11-15 17:47 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-11-14 03:44 - 2017-11-14 03:44 - 000505768 _____ (McAfee LLC.) C:\WINDOWS\system32\Drivers\mfencbdc.sys
2017-11-14 03:44 - 2017-11-14 03:44 - 000108456 _____ (McAfee LLC.) C:\WINDOWS\system32\Drivers\mfencrk.sys
2017-11-14 03:44 - 2017-11-14 03:44 - 000031144 _____ (McAfee LLC.) C:\WINDOWS\system32\Drivers\mfeclnrk.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-12-10 20:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-09 15:54 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-07 16:14 - 2016-11-11 09:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-12-04 19:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-04 19:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-04 14:17 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-03 14:18 - 2017-04-19 00:04 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-01 11:10 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-01 09:51 - 2017-04-19 00:30 - 000000000 ____D C:\ProgramData\McAfee
2017-11-30 17:39 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-30 17:20 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-30 17:10 - 2017-04-19 00:37 - 000000000 ____D C:\Program Files\Microsoft Office
2017-11-30 17:10 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-28 14:18 - 2017-03-20 05:35 - 001006760 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-28 14:18 - 2017-03-20 05:35 - 000219584 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-23 18:01 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-23 17:36 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-23 17:30 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-11-23 17:30 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-11-23 17:30 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-11-23 17:30 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-11-23 17:30 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-11-23 17:30 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-11-23 17:30 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-11-23 17:30 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-11-23 17:30 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-11-23 17:30 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\dsc
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Com
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\IME
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Help
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Common Files\System
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-23 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-11-23 17:29 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-23 17:29 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\servicing
2017-11-23 17:15 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-11-23 17:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-11-22 19:23 - 2017-04-19 00:30 - 000000000 ____D C:\Program Files\mcafee
2017-11-22 17:27 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-21 19:49 - 2017-04-19 00:30 - 000000000 ____D C:\Program Files\Common Files\McAfee
2017-11-21 19:46 - 2017-03-18 22:03 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-11-18 14:54 - 2017-04-19 00:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-11-18 14:54 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\System
2017-11-17 16:37 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-16 09:33 - 2017-04-19 00:30 - 000000000 ____D C:\Program Files\Common Files\AV
2017-11-16 06:27 - 2017-04-19 00:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-16 01:37 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows NT
2017-11-16 01:36 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-11-16 01:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Registration
2017-11-16 01:33 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-16 01:20 - 2017-03-20 05:37 - 000000000 ____D C:\WINDOWS\HoloShell
2017-11-16 01:16 - 2017-03-18 22:03 - 000000000 __RHD C:\Users\Public\Libraries
2017-11-16 01:09 - 2017-04-19 00:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-11-16 01:09 - 2017-04-19 00:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-11-16 01:09 - 2017-03-18 12:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-11-16 01:09 - 2016-11-11 09:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2017-11-16 01:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\spool
2017-11-16 01:02 - 2017-04-19 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2017-11-16 01:02 - 2017-04-19 00:08 - 000000000 ____D C:\Program Files (x86)\Intel
2017-11-16 01:02 - 2017-03-20 05:36 - 000000000 ____D C:\WINDOWS\OCR
2017-11-16 00:51 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\USOPrivate
2017-11-16 00:37 - 2017-03-18 22:03 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-11-16 00:32 - 2017-03-18 22:06 - 000000000 ____D C:\WINDOWS\Setup
2017-11-16 00:29 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\system32\de
2017-11-16 00:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-11-16 00:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-11-16 00:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-11-16 00:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-11-16 00:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 00:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-16 00:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-16 00:26 - 2017-03-18 22:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-11-16 00:26 - 2017-03-18 22:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-11-15 18:31 - 2017-04-19 00:30 - 000000000 ____D C:\Program Files (x86)\McAfee

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-11-15 17:56 - 2017-11-30 20:56 - 000000200 _____ () C:\Users\fabiw\AppData\Roaming\sp_data.sys

Einige Dateien in TEMP:
====================
2017-12-09 13:35 - 2017-12-09 15:16 - 000000000 _____ () C:\Users\fabiw\AppData\Local\Temp\3d51890c7b88e4feeeed777176b46429.dll
2017-12-09 13:36 - 2017-12-09 14:37 - 000000067 _____ () C:\Users\fabiw\AppData\Local\Temp\c5645fa44b80fccd17c66d84cbca405b.dll
2017-12-07 16:21 - 2017-12-07 16:21 - 000019968 ____N (Red Hat®, Inc.) C:\Users\fabiw\AppData\Local\Temp\jansi-64-2920000971460044364.dll
2017-12-06 17:57 - 2017-12-06 17:57 - 000019968 _____ (Red Hat®, Inc.) C:\Users\fabiw\AppData\Local\Temp\jansi-64-4976814696885888776.dll
2017-12-07 18:50 - 2017-12-07 18:50 - 000019968 ____N (Red Hat®, Inc.) C:\Users\fabiw\AppData\Local\Temp\jansi-64-7450869884427445315.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-11-28 20:56

==================== Ende von FRST.txt ============================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-12-2017
durchgeführt von fabiw (11-12-2017 14:41:20)
Gestartet von C:\Users\fabiw\Downloads
Windows 10 Home Version 1703 15063.726 (X64) (2017-11-16 05:24:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3201623140-884167320-1932495159-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3201623140-884167320-1932495159-503 - Limited - Disabled)
fabiw (S-1-5-21-3201623140-884167320-1932495159-1001 - Administrator - Enabled) => C:\Users\fabiw
Gast (S-1-5-21-3201623140-884167320-1932495159-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.6.5 - ASUSTek Computer Inc)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.17 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0043 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.140 - ICEpower a/s)
Backup and Sync from Google (HKLM-x32\...\{908DB568-E5FA-40C7-A2AA-AB340190858B}) (Version: 3.38.7642.3857 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.2.0.0644 - Disc Soft Ltd)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.)
Dungeons 3 (HKLM-x32\...\Dungeons 3_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 25.102.122.1942 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel Security Software Manager (HKLM\...\Intel Security Software Manager) (Version: 1.1.107.0 - Intel Security)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LibreOffice 5.4.3.2 (HKLM\...\{5FFD3D4F-8AA0-4C6F-8B3C-AB0D8CD297C9}) (Version: 5.4.3.2 - The Document Foundation)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
McAfee LiveSafe   (HKLM-x32\...\MSC) (Version: 16.0.5 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.141 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8625.2139 - Microsoft Corporation)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 16.0.8625.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge (HKLM-x32\...\Mirror's Edge_is1) (Version:  - )
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mozilla Firefox 57.0 (x64 de) (HKLM\...\Mozilla Firefox 57.0 (x64 de)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA PhysX v8.10.17 (HKLM-x32\...\{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}) (Version: 8.10.17 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.6.6235 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.108.34.0 - Overwolf Ltd.)
Project CARS Game Of The Year Edition (HKLM\...\cHJvamVjdGNhcnM_is1) (Version: 1 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.13 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
SoftMaker FreeOffice 2016 (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB05}) (Version: 1.0.3835 - SoftMaker Software GmbH)
Spotify (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.5640 - TeamViewer)
Twitch (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 44.0 - Ubisoft)
USB Multi-Channel Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0019 - C-Media Electronics, Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Wargaming.net Game Center) (Version: 17.9.0.6629 - Wargaming.net)
Web Companion (HKLM-x32\...\{82a70444-1676-443b-ba5e-853908f40686}) (Version: 4.0.1763.3314 - Lavasoft)
WhatsApp (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\WhatsApp) (Version: 0.2.7315 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
Windows Driver Package - ASUS (AsusTP) Mouse  (11/14/2016 1.0.0.296) (HKLM\...\65B9910720028F522F77F51D9993E7846B2E60D2) (Version: 11/14/2016 1.0.0.296 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks - Common Test (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version:  - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\WOWS.EU.PRODUCTION) (Version:  - Wargaming.net)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 10.1.0.5644 - Kingsoft Corp.)
XVM Version 7.2.4 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 7.2.4 - XVM team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{96836CC1-31EA-4F1C-A7F4-D67863D5D4FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveCloudOverlayIconHandler] -> {7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDrivePinnedOverlayIconHandler] -> {C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDriveProgressOverlayIconHandler] -> {96836CC1-31EA-4F1C-A7F4-D67863D5D4FD} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-11-02] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-06] (Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-11-02] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3201623140-884167320-1932495159-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ContextMenuHandlers4_S-1-5-21-3201623140-884167320-1932495159-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ContextMenuHandlers5_S-1-5-21-3201623140-884167320-1932495159-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {5594714D-087D-40DB-ADD8-F1E427F448ED} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-04] (Adobe Systems Incorporated)
Task: {8D2816A8-ABEC-4B28-94ED-1605F31BA3EF} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {90DEB99B-55B9-4043-B5E4-1C334BA745A5} - System32\Tasks\S-1-5-21-3201623140-884167320-1932495159-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-16] (Microsoft Corporation)
Task: {9BE347F8-93D4-4874-9903-466C978E8891} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-12-04] (Adobe Systems Incorporated)
Task: {B07DCE42-8578-41B9-96C5-B8B513E01CB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-30] (Google Inc.)
Task: {D48E1B57-9B5A-4753-A5B4-359926C36D21} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.4.222\mcdatrep.exe [2017-12-01] (McAfee, LLC.)
Task: {DB66067B-C788-48AE-B1DA-D4F9F3DBC9D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-30] (Google Inc.)
Task: {DFF18FAE-863E-45C8-AB58-FDC110BC6909} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-11-21 19:49 - 2017-11-02 15:00 - 001173968 _____ () C:\Program Files\McAfee\MSC\CSPEnrollmentHandler.dll
2017-11-21 19:49 - 2017-11-02 15:00 - 001191040 _____ () C:\Program Files\McAfee\MSC\CultureChangeHandler.dll
2017-11-21 19:49 - 2017-11-02 15:00 - 002277760 _____ () C:\Program Files\McAfee\MSC\CultureLookUpHandler.dll
2017-11-22 22:16 - 2016-12-20 19:15 - 000021504 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\wallpaperservice32_c.exe
2017-11-16 11:35 - 2017-11-15 09:44 - 000587256 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-11-16 11:35 - 2017-11-15 09:44 - 000574352 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2016-12-13 04:54 - 2016-10-06 14:17 - 000384496 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-11-22 20:26 - 2016-12-20 19:15 - 000646144 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\wallpaper32.exe
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-30 16:24 - 2017-11-30 16:26 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-30 16:24 - 2017-11-30 16:26 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-30 16:24 - 2017-11-30 16:26 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-30 16:24 - 2017-11-30 16:26 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-30 16:24 - 2017-11-30 16:26 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-11-22 20:25 - 2016-12-20 19:15 - 000305152 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\webwallpaper32.exe
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-10-20 04:29 - 2017-10-20 04:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-10-20 04:29 - 2017-10-20 04:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-10-20 04:02 - 2017-10-20 04:02 - 000077824 _____ () C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll
2017-10-20 04:02 - 2017-10-20 04:02 - 000144896 _____ () C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll
2017-11-18 14:54 - 2013-05-16 15:21 - 000307200 ____N () C:\WINDOWS\system\Cm106eye.exe
2017-11-22 20:25 - 2016-12-20 19:15 - 051768832 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\libcef.dll
2017-11-22 20:25 - 2016-12-20 19:15 - 001796608 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\libglesv2.dll
2017-11-22 20:25 - 2016-12-20 19:15 - 000078848 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\libegl.dll
2017-11-18 14:54 - 2006-09-13 12:08 - 000491520 ____N () C:\WINDOWS\system\CmAu106.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3201623140-884167320-1932495159-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fabiw\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\league_of_legends___sivir_wallpaper_by_soinnes-d86q5ph.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9A3D6922-AC71-4797-B3AC-278E09D9F29E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B181FC74-6B2B-43A3-8C9F-5D26C2088844}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8354D7DE-F9E7-4178-8ADB-B3D4A7529C8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{330795B2-535F-4A6E-81A3-514B70F3AFF1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{90839865-C252-423B-9462-8FF039173977}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AF1235DC-78E9-4B17-BDA7-7CB10610DBF4}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{5AB407C3-4AAD-40F3-957B-95F7D328114D}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{13AF08D0-88F8-4C80-B7A0-E5B20649D064}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{BEE3BA3C-C62A-4E41-9C2C-45049AB97B40}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{73E6CFE2-815E-4AA5-9715-33613C507454}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{C32DA48A-395A-4AEA-AEE6-C339EC9E9118}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{2E89442A-4A92-4F67-BED9-830800AEA02A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5E6FCE8B-55A8-4229-B1FE-34F132122790}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5833060C-670F-4735-9C26-01E3346A5BD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B7306C62-E30F-411B-B5C4-0F65EFA87DC8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E2C924E2-3436-442B-A3CF-AB90AC4ED525}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{696360C3-51F6-434E-8BE1-7E4D8F6FFB86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{ED42A64B-491C-447D-8CE8-476F05E3FF4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{518EED95-ACF1-4DEA-9CBB-5EED49300370}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{F5991EAA-8D13-4AB9-9C5E-C1A677D16A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{A3E2F857-BB7C-4155-A87A-BC8CA478F0D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{430BBB63-3A5B-407B-978D-3922F0D7333C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BE9E83A0-2995-4813-89A7-D6BD2546ED45}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B5A3EC2A-E742-45E7-9DCE-1D62E5C15B92}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{02C146A5-0B29-4913-91AD-A9C73BC77252}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EAA40B15-7FFD-4FD1-8CEE-D7A9527130F6}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7A90BB39-DE02-4A03-B42C-486A74C0C279}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E500235-15A8-4890-9D53-CB609EC521EE}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3ACE0131-0B40-4448-A3B2-834F42D4933B}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{36DC2E8D-13D1-4E26-BE8E-EFD19F0DD13A}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FB25150-2736-44AB-9A5B-99DC441DEB40}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B5D986AA-0747-4C48-8CE4-B6353B3CB021}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D7444728-55AA-4C7A-A09B-3FCED4BAE4AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{533846F7-1698-44F0-97D0-BEE30B7DDC29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E6D2B8AF-49DE-421D-BF48-A92301D13C54}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F07B7E7B-9E19-4146-8B4F-4619D09EB1DB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{8F0BAEEF-4243-41FA-8598-4D09E5C583BC}C:\users\fabiw\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fabiw\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DE53E188-92DC-4D00-AA32-73A260014652}C:\users\fabiw\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fabiw\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1F620A9A-5E78-4205-861A-7294B248DFDB}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{4B393836-069E-42E6-BEE6-1160874B81DE}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{6F414816-1EA2-47D0-AF38-F658A1466AA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{13D8FBDC-7988-4757-BD94-283BFFABD083}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E8C034BE-B820-4144-95F3-4C86427C0791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{39FFCD15-8B6F-410C-9F4B-88C49BE011F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4CCB9C7B-3DD4-4A2A-B9FC-B2D97796033F}] => (Allow) C:\Games\World_of_Tanks_CT\WoTLauncher.exe
FirewallRules: [{A0A9FD7F-60BA-43EE-B245-4CED65DDC810}] => (Allow) C:\Games\World_of_Tanks_CT\WoTLauncher.exe
FirewallRules: [{2023240B-AD64-4AC4-BE70-FC19F5C7F714}] => (Allow) C:\Games\World_of_Tanks_CT\worldoftanks.exe
FirewallRules: [{1BE628CE-59B7-4224-8DEE-35E236974BA6}] => (Allow) C:\Games\World_of_Tanks_CT\worldoftanks.exe
FirewallRules: [TCP Query User{4F0105B0-3111-40BD-BA4C-41FF0679886B}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{70C93B2C-95E3-4450-AC6E-B02B6C557277}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{18B399CC-2B54-4809-B376-9B7ECC9FBFF8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7B2B60C9-1ABE-4129-8DC4-36F830E2C66D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{B12EF888-0A62-4210-BE25-42E09328034E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [TCP Query User{561996E5-C12F-49F6-B12F-865582A0A2B5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3A3272FB-6EBD-4399-B895-E1D1AFA2A381}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{781595C9-2CF6-4391-8988-6C7F47083B52}C:\users\fabiw\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\fabiw\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1F4CA654-CF1D-4D30-857F-1E1550449570}C:\users\fabiw\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\fabiw\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F14EE131-53EA-4832-B0AF-6153598867C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{45801AE4-61F8-4FA0-AD74-329994B546AD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5FDC6F5A-B213-477E-9E6B-D5E875C278C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{26C26C49-5465-4EE3-A959-EF5B1E6456B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Wiederherstellungspunkte =========================

30-11-2017 17:37:40 Installed LibreOffice 5.4.3.2
03-12-2017 13:03:43 Installed Minecraft
04-12-2017 15:20:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
06-12-2017 18:17:44 Installed SoftMaker FreeOffice 2016
09-12-2017 13:32:39 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/11/2017 02:42:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:02Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:41:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:32Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:41:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:02Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:40:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:32Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:40:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:02Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:39:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:32Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:39:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:02Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:38:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:32Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:38:02 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:02Z. Fehlercode: 0x80070002.

Error: (12/11/2017 02:37:32 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:32Z. Fehlercode: 0x80070002.


Systemfehler:
=============
Error: (12/11/2017 02:23:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/11/2017 02:23:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/11/2017 02:22:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (12/10/2017 08:33:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J2934L2)
Description: Der Server "{3EEF301F-B596-4C0B-BD92-013BEAFCE793}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/10/2017 08:33:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J2934L2)
Description: Der Server "{3EEF301F-B596-4C0B-BD92-013BEAFCE793}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/10/2017 08:33:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J2934L2)
Description: Der Server "{9AA46009-3CE0-458A-A354-715610A075E6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/10/2017 05:37:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (12/10/2017 04:05:40 PM) (Source: Schannel) (EventID: 4108) (User: DESKTOP-J2934L2)
Description: Das vom Remoteserver empfangene Zertifikat wurde nicht ordnungsgemäß bestätigt. Fehlercode: 0x80092013. Fehler bei der TLS-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.

Error: (12/10/2017 04:05:33 PM) (Source: Schannel) (EventID: 4108) (User: DESKTOP-J2934L2)
Description: Das vom Remoteserver empfangene Zertifikat wurde nicht ordnungsgemäß bestätigt. Fehlercode: 0x80092013. Fehler bei der TLS-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.

Error: (12/10/2017 04:00:34 PM) (Source: Schannel) (EventID: 4108) (User: DESKTOP-J2934L2)
Description: Das vom Remoteserver empfangene Zertifikat wurde nicht ordnungsgemäß bestätigt. Fehlercode: 0x80092013. Fehler bei der TLS-Verbindungsanforderung. Die angefügten Daten enthalten das Serverzertifikat.


CodeIntegrity:
===================================
  Date: 2017-12-09 14:36:57.910
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-09 13:36:01.987
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-22 18:10:57.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-11-22 18:10:57.516
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-11-22 18:10:57.486
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-11-22 18:10:57.456
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-11-22 18:10:57.427
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-11-22 18:10:57.401
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-11-22 18:10:52.345
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-11-22 18:10:52.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU N3710 @ 1.60GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8098.15 MB
Verfügbarer physikalischer RAM: 4991.96 MB
Summe virtueller Speicher: 9378.15 MB
Verfügbarer virtueller Speicher: 6098.49 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:929.62 GB) (Free:495.26 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (UA0099) (CDROM) (Total:0.2 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E078C42F)

Partition: GPT.

==================== Ende von Addition.txt ============================


Alt 11.12.2017, 15:28   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Code:
ATTFilter
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Du hast ein gecracktes Microsoft Office drauf

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________
--> Proxy einstellungen lassen sich nicht ändern

Alt 11.12.2017, 16:29   #7
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Hab soweit alles gelöscht, was ich gefunden habe.

Alt 11.12.2017, 19:22   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Du hast Office deinstalliert?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 12.12.2017, 14:39   #9
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Ja habe ich.

Alt 13.12.2017, 10:45   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Lesestoff:
Google Chrome

Offensichtlich nutzt du den Browser Chrome von Google. Ich muss von der Verwendung dieses Browsers aus Datenschutzgründen dringend abraten.

Deinstalliere Google Chrome und verwende stattdessen Mozilla Firefox.



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 14.12.2017, 19:02   #11
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Benutze mittlerweile auch Firefox hab Chrome nur noch nicht deinstalliert.

Alt 15.12.2017, 22:06   #12
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.12.14.05
  rootkit: v2017.10.14.01

Windows 10 x64 NTFS
Internet Explorer 11.726.15063.0
fabiw :: DESKTOP-J2934L2 [administrator]

14.12.2017 19:07:25
mbar-log-2017-12-14 (19-07-25).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 222325
Time elapsed: 54 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\$Recycle.Bin\S-1-5-21-3201623140-884167320-1932495159-1001\$R9TNOH3\AutoPico.exe (CrackTool.KMSPico) -> Delete on reboot. [1c611019604a65d1012fc16548b912ee]
C:\$Recycle.Bin\S-1-5-21-3201623140-884167320-1932495159-1001\$R9TNOH3\KMSELDI.exe (CrackTool.KMSPico) -> Delete on reboot. [225b63c62a806bcb220fd05658a9966a]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Danke für die Hilfe!
Habe mein Problem gelöst... Ich habe nochmal einen Bekannten von mir gefragt, dieser ist Informatiker und hat mir gesagt ich sollte mal
Code:
ATTFilter
 
RemoveProxy:
Emptytemp:
in eine Textdatei namens "Fixlist.txt" schreiben diese in dem Verzeichnis von FRST speichern, dann FRST starten un auf entfernen drücken. Nachdem ich das gemacht hab geht alles wieder.

Alt 15.12.2017, 22:09   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Nur weil er Informatiker ist, heißt das nicht, dass er vernünftig Windows bereinigen kann. Dafür ist das Gebiet der Informatik einfach zu groß, da kann niemand alles können oder wissen.

Das removeProxy ist erstmal nur Symptombehandlung. Da kann noch die Ursache immer noch aktiv sein. (Ursache = malware, die die Proxysettings verändert)


Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.12.2017, 23:55   #14
BryanDawg
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


Addition.txt
FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-12-2017
durchgeführt von fabiw (17-12-2017 23:53:17)
Gestartet von C:\Users\fabiw\Desktop
Windows 10 Home Version 1703 15063.726 (X64) (2017-11-16 05:24:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3201623140-884167320-1932495159-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3201623140-884167320-1932495159-503 - Limited - Disabled)
fabiw (S-1-5-21-3201623140-884167320-1932495159-1001 - Administrator - Enabled) => C:\Users\fabiw
Gast (S-1-5-21-3201623140-884167320-1932495159-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.6.5 - ASUSTek Computer Inc)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.17 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0043 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.140 - ICEpower a/s)
Backup and Sync from Google (HKLM-x32\...\{908DB568-E5FA-40C7-A2AA-AB340190858B}) (Version: 3.38.7642.3857 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.2.0.0644 - Disc Soft Ltd)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.)
Dungeons 3 (HKLM-x32\...\Dungeons 3_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 25.102.133.409 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Intel Security Software Manager (HKLM\...\Intel Security Software Manager) (Version: 1.1.107.0 - Intel Security)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LibreOffice 5.4.3.2 (HKLM\...\{5FFD3D4F-8AA0-4C6F-8B3C-AB0D8CD297C9}) (Version: 5.4.3.2 - The Document Foundation)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
McAfee LiveSafe   (HKLM-x32\...\MSC) (Version: 16.0.5 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.148 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8625.2139 - Microsoft Corporation)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 16.0.8625.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mirror's Edge (HKLM-x32\...\Mirror's Edge_is1) (Version:  - )
Mirror's Edge™ Catalyst (HKLM-x32\...\{12228a0d-f6ad-4691-82af-d2c643424468}) (Version: 1.0.3.47248 - Electronic Arts)
Mozilla Firefox 57.0 (x64 de) (HKLM\...\Mozilla Firefox 57.0 (x64 de)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA PhysX v8.10.17 (HKLM-x32\...\{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}) (Version: 8.10.17 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.6.6235 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.108.34.0 - Overwolf Ltd.)
Project CARS Game Of The Year Edition (HKLM\...\cHJvamVjdGNhcnM_is1) (Version: 1 - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.13 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
SoftMaker FreeOffice 2016 (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB05}) (Version: 1.0.3835 - SoftMaker Software GmbH)
Spotify (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.5640 - TeamViewer)
theHunter Call of the Wild (HKLM-x32\...\theHunter Call of the Wild_is1) (Version:  - )
Twitch (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 44.0 - Ubisoft)
USB Multi-Channel Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.00.0019 - C-Media Electronics, Inc.)
Wargaming.net Game Center (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\Wargaming.net Game Center) (Version: 17.9.0.6629 - Wargaming.net)
Web Companion (HKLM-x32\...\{82a70444-1676-443b-ba5e-853908f40686}) (Version: 4.0.1763.3314 - Lavasoft)
WhatsApp (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\WhatsApp) (Version: 0.2.7315 - WhatsApp)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
Windows Driver Package - ASUS (AsusTP) Mouse  (11/14/2016 1.0.0.296) (HKLM\...\65B9910720028F522F77F51D9993E7846B2E60D2) (Version: 11/14/2016 1.0.0.296 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks - Common Test (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version:  - Wargaming.net)
World of Tanks (2) (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\WOT.EU.PRODUCTION(2)) (Version:  - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\WOWS.EU.PRODUCTION) (Version:  - Wargaming.net)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 10.1.0.5644 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{96836CC1-31EA-4F1C-A7F4-D67863D5D4FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3201623140-884167320-1932495159-1001_Classes\CLSID\{C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll => Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveCloudOverlayIconHandler] -> {7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDrivePinnedOverlayIconHandler] -> {C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDriveProgressOverlayIconHandler] -> {96836CC1-31EA-4F1C-A7F4-D67863D5D4FD} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-11-02] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-06] (Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-11-02] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3201623140-884167320-1932495159-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ContextMenuHandlers4_S-1-5-21-3201623140-884167320-1932495159-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei
ContextMenuHandlers5_S-1-5-21-3201623140-884167320-1932495159-1001: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.1.99.2312\drivefsext.dll -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {010F8AFB-5562-43CB-BE50-756C5F0D3E58} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-17] ()
Task: {5594714D-087D-40DB-ADD8-F1E427F448ED} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {8D2816A8-ABEC-4B28-94ED-1605F31BA3EF} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {90DEB99B-55B9-4043-B5E4-1C334BA745A5} - System32\Tasks\S-1-5-21-3201623140-884167320-1932495159-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-16] (Microsoft Corporation)
Task: {9BE347F8-93D4-4874-9903-466C978E8891} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {A286B56E-4146-4753-B764-5321FEF62079} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.4.222\mcdatrep.exe [2017-12-01] (McAfee, LLC.)
Task: {B07DCE42-8578-41B9-96C5-B8B513E01CB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-30] (Google Inc.)
Task: {B65F0042-A6BD-4026-A013-7D07E23D4E73} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-12-17] ()
Task: {DB66067B-C788-48AE-B1DA-D4F9F3DBC9D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-30] (Google Inc.)
Task: {DFF18FAE-863E-45C8-AB58-FDC110BC6909} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {F751F672-53D1-42E3-8FA2-2BF5E9AA47B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
Task: {FB4C4FC2-5B4C-4455-A310-56F4013C4FB1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-11-21 19:49 - 2017-11-02 15:00 - 001173968 _____ () C:\Program Files\McAfee\MSC\CSPEnrollmentHandler.dll
2017-11-21 19:49 - 2017-11-02 15:00 - 001191040 _____ () C:\Program Files\McAfee\MSC\CultureChangeHandler.dll
2017-11-21 19:49 - 2017-11-02 15:00 - 002277760 _____ () C:\Program Files\McAfee\MSC\CultureLookUpHandler.dll
2017-11-22 22:16 - 2016-12-20 19:15 - 000021504 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\wallpaperservice32_c.exe
2017-11-16 11:35 - 2017-11-15 09:44 - 000587256 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-11-16 11:35 - 2017-11-15 09:44 - 000574352 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2017-11-22 20:26 - 2016-12-20 19:15 - 000646144 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\wallpaper32.exe
2016-12-13 04:54 - 2016-10-06 14:17 - 000384496 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-11-22 20:25 - 2016-12-20 19:15 - 000305152 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\webwallpaper32.exe
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-30 16:24 - 2017-11-30 16:26 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-30 16:24 - 2017-11-30 16:26 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-30 16:24 - 2017-11-30 16:26 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-30 16:24 - 2017-11-30 16:26 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-30 16:24 - 2017-11-30 16:26 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-10-20 04:29 - 2017-10-20 04:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-10-20 04:29 - 2017-10-20 04:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-10-20 04:02 - 2017-10-20 04:02 - 000077824 _____ () C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll
2017-10-20 04:02 - 2017-10-20 04:02 - 000144896 _____ () C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll
2017-12-15 22:15 - 2017-12-14 16:18 - 003440768 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.118\deploy\LeagueClient.exe
2017-12-15 22:15 - 2017-12-14 16:18 - 001711232 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.118\deploy\LeagueClientUx.exe
2017-12-15 22:15 - 2017-12-14 16:18 - 000892032 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.118\deploy\LeagueClientUxRender.exe
2017-11-22 20:25 - 2016-12-20 19:15 - 051768832 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\libcef.dll
2017-11-22 20:25 - 2016-12-20 19:15 - 001796608 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\libglesv2.dll
2017-11-22 20:25 - 2016-12-20 19:15 - 000078848 _____ () C:\Users\fabiw\Desktop\Wallpaper Engine\Wallpaper Engine\bin\libegl.dll
2017-11-22 14:32 - 2017-11-22 14:34 - 026657792 _____ () C:\Program Files\WindowsApps\XINGAG.XING_3.99.20.0_x86__xpfg3f7e9an52\Xing.UWP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3201623140-884167320-1932495159-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fabiw\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\league_of_legends___sivir_wallpaper_by_soinnes-d86q5ph.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3201623140-884167320-1932495159-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9A3D6922-AC71-4797-B3AC-278E09D9F29E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B181FC74-6B2B-43A3-8C9F-5D26C2088844}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8354D7DE-F9E7-4178-8ADB-B3D4A7529C8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{330795B2-535F-4A6E-81A3-514B70F3AFF1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{90839865-C252-423B-9462-8FF039173977}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AF1235DC-78E9-4B17-BDA7-7CB10610DBF4}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{5AB407C3-4AAD-40F3-957B-95F7D328114D}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{73E6CFE2-815E-4AA5-9715-33613C507454}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{C32DA48A-395A-4AEA-AEE6-C339EC9E9118}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{2E89442A-4A92-4F67-BED9-830800AEA02A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5E6FCE8B-55A8-4229-B1FE-34F132122790}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5833060C-670F-4735-9C26-01E3346A5BD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B7306C62-E30F-411B-B5C4-0F65EFA87DC8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E2C924E2-3436-442B-A3CF-AB90AC4ED525}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{696360C3-51F6-434E-8BE1-7E4D8F6FFB86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{ED42A64B-491C-447D-8CE8-476F05E3FF4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{518EED95-ACF1-4DEA-9CBB-5EED49300370}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{F5991EAA-8D13-4AB9-9C5E-C1A677D16A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{A3E2F857-BB7C-4155-A87A-BC8CA478F0D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{430BBB63-3A5B-407B-978D-3922F0D7333C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BE9E83A0-2995-4813-89A7-D6BD2546ED45}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B5A3EC2A-E742-45E7-9DCE-1D62E5C15B92}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{02C146A5-0B29-4913-91AD-A9C73BC77252}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EAA40B15-7FFD-4FD1-8CEE-D7A9527130F6}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7A90BB39-DE02-4A03-B42C-486A74C0C279}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E500235-15A8-4890-9D53-CB609EC521EE}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3ACE0131-0B40-4448-A3B2-834F42D4933B}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{36DC2E8D-13D1-4E26-BE8E-EFD19F0DD13A}] => (Allow) C:\Users\fabiw\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FB25150-2736-44AB-9A5B-99DC441DEB40}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B5D986AA-0747-4C48-8CE4-B6353B3CB021}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D7444728-55AA-4C7A-A09B-3FCED4BAE4AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{533846F7-1698-44F0-97D0-BEE30B7DDC29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E6D2B8AF-49DE-421D-BF48-A92301D13C54}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F07B7E7B-9E19-4146-8B4F-4619D09EB1DB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{8F0BAEEF-4243-41FA-8598-4D09E5C583BC}C:\users\fabiw\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fabiw\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DE53E188-92DC-4D00-AA32-73A260014652}C:\users\fabiw\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fabiw\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6F414816-1EA2-47D0-AF38-F658A1466AA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{13D8FBDC-7988-4757-BD94-283BFFABD083}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E8C034BE-B820-4144-95F3-4C86427C0791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{39FFCD15-8B6F-410C-9F4B-88C49BE011F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4CCB9C7B-3DD4-4A2A-B9FC-B2D97796033F}] => (Allow) C:\Games\World_of_Tanks_CT\WoTLauncher.exe
FirewallRules: [{A0A9FD7F-60BA-43EE-B245-4CED65DDC810}] => (Allow) C:\Games\World_of_Tanks_CT\WoTLauncher.exe
FirewallRules: [{2023240B-AD64-4AC4-BE70-FC19F5C7F714}] => (Allow) C:\Games\World_of_Tanks_CT\worldoftanks.exe
FirewallRules: [{1BE628CE-59B7-4224-8DEE-35E236974BA6}] => (Allow) C:\Games\World_of_Tanks_CT\worldoftanks.exe
FirewallRules: [TCP Query User{4F0105B0-3111-40BD-BA4C-41FF0679886B}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{70C93B2C-95E3-4450-AC6E-B02B6C557277}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7B2B60C9-1ABE-4129-8DC4-36F830E2C66D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{B12EF888-0A62-4210-BE25-42E09328034E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [TCP Query User{561996E5-C12F-49F6-B12F-865582A0A2B5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{3A3272FB-6EBD-4399-B895-E1D1AFA2A381}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{781595C9-2CF6-4391-8988-6C7F47083B52}C:\users\fabiw\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\fabiw\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1F4CA654-CF1D-4D30-857F-1E1550449570}C:\users\fabiw\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\fabiw\onedrive\dokumente\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F14EE131-53EA-4832-B0AF-6153598867C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{45801AE4-61F8-4FA0-AD74-329994B546AD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5FDC6F5A-B213-477E-9E6B-D5E875C278C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{26C26C49-5465-4EE3-A959-EF5B1E6456B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E6498C20-8F2F-412A-965D-917A2C8C8B10}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CC93BC59-9FA2-46C0-8F98-F5053A12880B}C:\games\thehunter call of the wild\thehuntercotw_f.exe] => (Allow) C:\games\thehunter call of the wild\thehuntercotw_f.exe
FirewallRules: [UDP Query User{334918E5-2747-4907-A936-D2B63BDA4EE5}C:\games\thehunter call of the wild\thehuntercotw_f.exe] => (Allow) C:\games\thehunter call of the wild\thehuntercotw_f.exe
FirewallRules: [{73BAB98B-EB0C-4589-8744-3811A2D247A9}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
FirewallRules: [{CFD6B5D1-F20A-47C7-BE1C-5726AE82EAB3}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
FirewallRules: [{CEDAA159-5302-4FAD-9145-1680046ED79A}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe
FirewallRules: [{B881114E-41B5-4AE2-8BC7-7DA4425588F6}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe
FirewallRules: [{D593CAAF-97E2-4903-B312-10B73240EB56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
FirewallRules: [{ED33E44E-507D-4236-9BDD-C01E434AEC13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\SteamLauncher.exe
FirewallRules: [{65853F01-505C-403F-8E80-F02B5F0B8758}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{E0258D0B-C07F-4A15-B49E-DB41F45E888F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe

==================== Wiederherstellungspunkte =========================

17-12-2017 19:22:19 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/17/2017 11:54:12 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:12Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:53:42 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:42Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:53:12 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:12Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:52:42 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:42Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:52:12 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:12Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:51:42 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:42Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:51:12 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:12Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:50:42 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:42Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:50:12 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:12Z. Fehlercode: 0x80070002.

Error: (12/17/2017 11:49:42 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2018-01-01T22:59:42Z. Fehlercode: 0x80070002.


Systemfehler:
=============
Error: (12/17/2017 06:39:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/17/2017 06:39:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/17/2017 05:57:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/17/2017 05:57:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (12/17/2017 05:57:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kingsoft_WPS_UpdateService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/17/2017 05:57:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Kingsoft_WPS_UpdateService erreicht.

Error: (12/17/2017 05:56:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (12/17/2017 05:56:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎17.‎12.‎2017 um 17:38:34 unerwartet heruntergefahren.

Error: (12/17/2017 04:34:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (12/17/2017 03:47:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.


CodeIntegrity:
===================================
  Date: 2017-12-17 15:47:17.797
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-17 15:41:19.967
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-15 17:10:28.874
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-13 15:06:20.179
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-13 15:03:23.381
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-12 14:44:13.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-11 19:14:22.458
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-09 14:36:57.910
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-12-09 13:36:01.987
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-11-22 18:10:57.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.107.259.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU N3710 @ 1.60GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8098.15 MB
Verfügbarer physikalischer RAM: 5347.4 MB
Summe virtueller Speicher: 9378.15 MB
Verfügbarer virtueller Speicher: 6599.61 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:929.62 GB) (Free:481.74 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (UA0099) (CDROM) (Total:0.2 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E078C42F)

Partition: GPT.

==================== Ende von Addition.txt ============================
--- --- ---
Alt 18.12.2017, 09:27   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Proxy einstellungen lassen sich nicht ändern - Standard

Proxy einstellungen lassen sich nicht ändern


neue FRST.txt fehlt!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 1 von 3 1 23

Themen zu Proxy einstellungen lassen sich nicht ändern
einstellungen, gen, hoffe, inter, interne, internetoptionen, leihe, nicht, problem, proxy, proxyeinstellungen, sache, sachen, schonmal, screenshot, server, servern, steam, systemadministrator, ändern


« IE 11 öffnet manchmal Gewinnspielseiten | Rumbler.ru »


Ähnliche Themen: Proxy einstellungen lassen sich nicht ändern


  1. Eigenartige Proxy einstellungen durch Tune Up Utilities...?
    Plagegeister aller Art und deren Bekämpfung - 07.07.2015 (5)
  2. Windows 7 Proxy-Einstellungen ändern sich ungefragt. CIS Serverfehler. Loopback joosoft.com
    Log-Analyse und Auswertung - 26.05.2015 (12)
  3. Windows 7: Kein Internetzugang durch Proxy-Einstellungen
    Plagegeister aller Art und deren Bekämpfung - 05.03.2015 (13)
  4. Proxy server Problem: Einige Seiten lassen sich nicht öffnen
    Netzwerk und Hardware - 09.01.2015 (1)
  5. Proxy-Einstellungen ändern sich, Musik im Hintergrund und langsamer PC
    Plagegeister aller Art und deren Bekämpfung - 31.08.2014 (10)
  6. Proxy Server Einstellungen geändert
    Plagegeister aller Art und deren Bekämpfung - 28.08.2014 (9)
  7. Windows 7 LAN Einstellungen lassen sich nicht öffnen
    Plagegeister aller Art und deren Bekämpfung - 27.08.2014 (2)
  8. Windows 7: IE11 FF30 Startseite lässt sich nicht ändern bzw. setzt sich zurück
    Log-Analyse und Auswertung - 05.07.2014 (9)
  9. Browser Startseite haben sich nicht ändern lassen
    Plagegeister aller Art und deren Bekämpfung - 02.05.2014 (5)
  10. Windows einstellungen, wie Firewall, lässt sich nicht ändern. Bitte prüfen
    Log-Analyse und Auswertung - 28.01.2014 (16)
  11. IP Adresse ändern? Proxy?
    Überwachung, Datenschutz und Spam - 29.08.2012 (2)
  12. Windows XP Neuinstallieren kann die Bios Boot einstellungen nicht ändern
    Alles rund um Windows - 31.08.2011 (11)
  13. firewall-einstellungen ändern sich von selbst
    Plagegeister aller Art und deren Bekämpfung - 20.04.2011 (16)
  14. Virus eingefangen aber welcher? Einstellungen ändern sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 22.12.2010 (1)
  15. Einstellungen lassen sich nciht mehr ändern, div. webseiten lassen sich nicht öffnen
    Plagegeister aller Art und deren Bekämpfung - 23.02.2009 (82)
  16. IE Einstellungen / registry ändern sich bei starten
    Plagegeister aller Art und deren Bekämpfung - 20.11.2007 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Proxy einstellungen lassen sich nicht ändern - Hallo, Ich habe das Problem, dass ich meine Proxyeinstellungen nicht ändern kann. Wenn ich in den Internetoptionen bin steht unten "Einige Einstellungen werden vom Systemadministrator verwaltet"(s. Screenshot) und die Schaltfläche - Proxy einstellungen lassen sich nicht ändern...
Archiv
Du betrachtest: Proxy einstellungen lassen sich nicht ändern auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19