
Log analysis and evaluation: Threats keep reappearing despite being deleted

15.04.2017, 11:48   #16
Evile_Banane
Guest

AdwCleaner log file



Code:
# AdwCleaner v6.045 - Bericht erstellt am 15/04/2017 um 12:41:15
# Aktualisiert am 28/03/2017 von Malwarebytes
# Datenbank : 2017-04-14.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Levin_ - DESKTOP-ICCE417
# Gestartet von : C:\Users\Levin_\Desktop\adwcleaner_6.045.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Levin_\AppData\Local\Firefox


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Public\Documents\temp.dat
[-] Datei gelöscht: C:\Users\Public\Documents\report.dat


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\ScreenShot
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Schlüssel gelöscht: HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML


***** [ Browser ] *****

[-] [C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: igjjkeeamkpihpncmmbgdkhdnjpcfmfb
[-] [C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: lcnnhcneegeeojhgpfijnlnocjdmlaon


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2068 Bytes] - [31/03/2017 11:48:32]
C:\AdwCleaner\AdwCleaner[C2].txt - [3033 Bytes] - [10/04/2017 14:52:31]
C:\AdwCleaner\AdwCleaner[C3].txt - [2108 Bytes] - [10/04/2017 17:43:08]
C:\AdwCleaner\AdwCleaner[C4].txt - [1927 Bytes] - [10/04/2017 17:44:42]
C:\AdwCleaner\AdwCleaner[C5].txt - [2130 Bytes] - [10/04/2017 18:34:19]
C:\AdwCleaner\AdwCleaner[C6].txt - [2219 Bytes] - [10/04/2017 18:35:38]
C:\AdwCleaner\AdwCleaner[C7].txt - [3142 Bytes] - [11/04/2017 12:03:20]
C:\AdwCleaner\AdwCleaner[C8].txt - [2187 Bytes] - [15/04/2017 12:41:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [8967 Bytes] - [08/03/2017 15:37:07]
C:\AdwCleaner\AdwCleaner[S10].txt - [2617 Bytes] - [10/04/2017 18:38:51]
C:\AdwCleaner\AdwCleaner[S11].txt - [3231 Bytes] - [11/04/2017 11:53:19]
C:\AdwCleaner\AdwCleaner[S12].txt - [3234 Bytes] - [11/04/2017 12:01:06]
C:\AdwCleaner\AdwCleaner[S13].txt - [2827 Bytes] - [11/04/2017 12:06:50]
C:\AdwCleaner\AdwCleaner[S14].txt - [3765 Bytes] - [14/04/2017 17:18:21]
C:\AdwCleaner\AdwCleaner[S15].txt - [3519 Bytes] - [14/04/2017 17:59:05]
C:\AdwCleaner\AdwCleaner[S16].txt - [3592 Bytes] - [15/04/2017 12:34:49]
C:\AdwCleaner\AdwCleaner[S17].txt - [3607 Bytes] - [15/04/2017 12:36:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [9475 Bytes] - [08/03/2017 15:39:56]
C:\AdwCleaner\AdwCleaner[S2].txt - [2612 Bytes] - [31/03/2017 11:46:05]
C:\AdwCleaner\AdwCleaner[S3].txt - [2257 Bytes] - [31/03/2017 11:48:20]
C:\AdwCleaner\AdwCleaner[S4].txt - [2692 Bytes] - [10/04/2017 13:52:07]
C:\AdwCleaner\AdwCleaner[S5].txt - [3077 Bytes] - [10/04/2017 13:55:17]
C:\AdwCleaner\AdwCleaner[S6].txt - [2349 Bytes] - [10/04/2017 17:42:28]
C:\AdwCleaner\AdwCleaner[S7].txt - [2177 Bytes] - [10/04/2017 17:44:35]
C:\AdwCleaner\AdwCleaner[S8].txt - [2337 Bytes] - [10/04/2017 17:51:59]
C:\AdwCleaner\AdwCleaner[S9].txt - [2469 Bytes] - [10/04/2017 18:35:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C8].txt - [3582 Bytes] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Pro x64 
Ran by Levin_ (Administrator) on 15.04.2017 at 12:44:44,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\ProgramData\mntemp (File) 

Deleted the following from C:\Users\Levin_\AppData\Roaming\Mozilla\Firefox\Profiles\c8t259o7.default\prefs.js
user_pref(browser.search.searchengine.uid, ST31500541AS_5XW07ZL5XXXX5XW07ZL5);
user_pref(browser.urlbar.suggest.searches, true);



Registry: 2 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_C165C555F6D3AC04A152F33FF04055AF (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.04.2017 at 12:46:24,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

15.04.2017, 20:00   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then post fresh FRST logs. Tick the box for addition.txt, then click "Scan" (Untersuchen).

15.04.2017, 21:09   #18
Evile_Banane
Guest

FRST.txt log



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 (ACHTUNG: ====> FRSTVersion ist 31 Tage alt und könnte veraltet sein)
durchgeführt von Levin_ (Administrator) auf DESKTOP-ICCE417 (15-04-2017 22:05:22)
Gestartet von C:\Users\Levin_\Downloads
Geladene Profile: Levin_ (Verfügbare Profile: defaultuser0 & Levin_)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(kitty.exe) C:\Users\Levin_\AppData\Local\Kitty\cat.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Spotify Ltd) C:\Users\Levin_\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Levin_\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Levin_\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Levin_\AppData\Roaming\Spotify\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.63\deploy\LeagueClient.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.63\deploy\LeagueClientUx.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.63\deploy\LeagueClientUxRender.exe
() C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.63\deploy\LeagueClientUxRender.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(TeamSpeak Systems GmbH) C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Levin_\Downloads\puush.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822528 2016-05-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-25] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51928 2017-02-16] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-29] (Raptr, Inc)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKLM\...\Policies\Explorer: [NoDrives] 32
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\Run: [puush] => C:\Users\Levin_\Downloads\puush.exe [568904 2017-03-21] ()
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1058360 2017-03-21] ()
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\Run: [Chromium] => "c:\users\levin_\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\Run: [Discord] => C:\Users\Levin_\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\Run: [Spotify Web Helper] => C:\Users\Levin_\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-04] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2017-02-17]
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}\IcoUltraMon.ico ()
Startup: C:\Users\Levin_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-03]
ShortcutTarget: Twitch.lnk -> C:\Users\Levin_\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{182c8903-f48a-4d1f-b928-599f9db38bb0}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{2635ef7d-dca4-11e6-b884-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{4121832b-b6fa-4303-9986-cd57992b1118}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9f207d91-d5ac-4b62-8d38-d6b1f347eb1b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{afba860d-8d7c-4591-8f25-b36058ad360c}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{afba860d-8d7c-4591-8f25-b36058ad360c}: [DhcpNameServer] 192.168.1.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-b3b60dee&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-b3b60dee&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1454896063-1280141672-2160224059-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-1454896063-1280141672-2160224059-1001 -> hxxp://www.google.com

FireFox:
========
FF DefaultProfile: c8t259o7.default
FF ProfilePath: C:\Users\Levin_\AppData\Roaming\Mozilla\Firefox\Profiles\c8t259o7.default [2017-04-13]
FF Homepage: Mozilla\Firefox\Profiles\c8t259o7.default -> hxxps://www.google.com/
FF Keyword.URL: Mozilla\Firefox\Profiles\c8t259o7.default -> user_pref("keyword.URL", true);
FF Extension: (Adblock Plus) - C:\Users\Levin_\AppData\Roaming\Mozilla\Firefox\Profiles\c8t259o7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-21]
FF SearchPlugin: C:\Users\Levin_\AppData\Roaming\Mozilla\Firefox\Profiles\c8t259o7.default\searchplugins\bing search engine.xml [2017-02-06]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-24] [ist nicht signiert]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default [2017-04-15]
CHR Extension: (Google Präsentationen) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-11]
CHR Extension: (Google Docs) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-11]
CHR Extension: (Google Drive) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-11]
CHR Extension: (YouTube) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-11]
CHR Extension: (Adblock Plus) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-11]
CHR Extension: (Steam Inventory Helper) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-04-14]
CHR Extension: (Google Tabellen) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-11]
CHR Extension: (Google Docs Offline) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-11]
CHR Extension: (Mein Chrome-Design) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2017-04-11]
CHR Extension: (Google Mail) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Levin_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-11]
CHR HKLM\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Alle) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [95744 2016-07-16] (Microsoft Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [299544 2017-02-13] (AMD)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [124416 2016-07-16] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [125952 2017-03-04] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [197632 2016-07-17] (Microsoft Corporation)
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [165376 2016-07-17] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [560128 2017-03-04] (Microsoft Corporation)
S4 AppVClient; C:\Windows\system32\AppVClient.exe [822624 2016-12-14] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [2278400 2017-03-18] (Microsoft Corporation)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [Datei ist nicht signiert]
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [337920 2016-11-02] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [942080 2016-11-02] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2247992 2012-07-19] (Broadcom Corporation.)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [361472 2016-09-15] (Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2017-02-03] ()
R2 BFE; C:\Windows\System32\bfe.dll [795648 2016-07-16] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [1054208 2016-10-15] (Microsoft Corporation)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462096 2015-08-12] (Apple Inc.)
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [770560 2017-03-04] (Microsoft Corporation)
S3 Browser; C:\Windows\System32\browser.dll [134656 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [157184 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [411648 2016-11-11] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation)
R2 CDPUserSvc_42de1; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_42de1; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [193536 2017-03-04] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [764392 2017-03-28] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [483840 2017-03-28] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation)
S3 CscService; C:\Windows\System32\cscsvc.dll [735744 2016-07-17] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [511488 2016-07-16] (Microsoft Corporation)
R2 DeviceAssociationService; C:\Windows\system32\das.dll [447488 2016-08-06] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1981440 2017-03-28] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [407552 2017-03-28] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [298496 2017-03-28] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [264704 2017-03-04] (Microsoft Corporation)
S2 DoSvc; C:\Windows\system32\dosvc.dll [1231872 2017-03-28] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2016-07-16] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [172032 2016-07-16] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249320 2016-05-25] (DTS, Inc)
S3 EapHost; C:\Windows\System32\eapsvc.dll [112128 2016-07-16] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [392480 2017-01-21] (EasyAntiCheat Ltd)
S3 EFS; C:\Windows\system32\efssvc.dll [55296 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [285696 2016-11-11] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1709056 2016-09-15] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [453632 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [347136 2016-07-16] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [644608 2016-07-16] (Microsoft Corporation)
S3 fdPHost; C:\Windows\system32\fdPHost.dll [20992 2016-07-16] (Microsoft Corporation)
S3 FDResPub; C:\Windows\system32\fdrespub.dll [35328 2016-07-16] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [122368 2016-07-16] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1840640 2017-03-04] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2016-05-25] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2017-03-04] (Microsoft Corporation)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1227264 2017-03-04] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-11] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-11] (Google Inc.)
R3 hidserv; C:\Windows\system32\hidserv.dll [36864 2016-07-16] (Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [32256 2016-07-16] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [274432 2016-11-02] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [447488 2016-07-16] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [385536 2016-07-16] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
S3 IKEEXT; C:\Windows\System32\ikeext.dll [932352 2016-07-16] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [945664 2017-03-04] (Microsoft Corporation)
S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [689464 2017-03-22] (Apple Inc.)
S3 irmon; C:\Windows\System32\irmon.dll [25088 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [96768 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [70656 2016-07-16] (Microsoft Corporation)
R2 Kitty; C:\Users\Levin_\AppData\Local\Kitty\cat.exe [220672 2017-04-14] (kitty.exe) [Datei ist nicht signiert]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [305152 2016-07-16] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [283648 2016-11-11] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26112 2016-08-20] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\System32\lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [691712 2016-11-11] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [82944 2017-03-04] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_42de1; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_42de1; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [172488 2017-03-23] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [893952 2017-03-04] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [147456 2016-07-16] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [65024 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [58368 2016-07-16] (Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [167936 2016-07-16] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [339968 2016-07-16] (Microsoft Corporation)
S3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\netlogon.dll [827392 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [670720 2016-07-16] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [259072 2016-07-16] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [265728 2016-11-02] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [136360 2016-07-16] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [330752 2017-03-04] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [983040 2016-10-05] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [368640 2016-10-05] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [30720 2016-07-16] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [366592 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_42de1; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_42de1; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-10] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-10] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1325384 2017-03-21] (Overwolf LTD)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [425472 2016-07-16] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [500064 2016-10-15] (Microsoft Corporation)
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1949696 2016-07-17] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [781824 2016-09-07] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [203264 2017-03-04] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_42de1; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_42de1; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1457152 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1536512 2016-07-16] (Microsoft Corporation)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-02-16] (Copyright (c) 2017 Plays.tv, LLC)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2017-03-10] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [123904 2016-07-16] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [3318784 2017-03-28] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [358400 2016-09-15] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [275456 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [234496 2016-07-16] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [105472 2016-07-16] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [658432 2017-03-04] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [496128 2016-09-15] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [431104 2016-09-15] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [155648 2016-07-16] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [650752 2017-03-28] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-09-15] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [11264 2016-07-16] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [57400 2016-09-07] (Microsoft Corporation)
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [201728 2016-12-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [948224 2016-07-16] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [193536 2017-03-04] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [31232 2016-07-16] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [70656 2016-09-15] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1312768 2017-03-04] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [417792 2016-09-15] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [179200 2016-07-17] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [387072 2016-09-15] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [331776 2016-09-15] (Microsoft Corporation)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [541696 2017-03-04] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [617472 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [566784 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [324224 2016-09-20] (Skype Technologies)
S3 smphost; C:\Windows\System32\smphost.dll [23552 2016-08-06] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [20992 2016-08-06] (Microsoft Corporation)
R3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
R2 SNARE; C:\Users\Levin_\AppData\Local\SNARE\Snarer.dll [793600 2017-04-13] (InterSect Alliance Pty Ltd) [Datei ist nicht signiert]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [15872 2016-07-16] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [792576 2017-03-04] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [5622088 2016-10-15] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4136448 2016-11-11] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [3370496 2016-11-11] (Microsoft Corporation)
R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1590560 2017-03-23] (Valve Corporation)
S2 stisvc; C:\Windows\System32\wiaservc.dll [646656 2016-07-16] (Microsoft Corporation)
R3 StorSvc; C:\Windows\system32\storsvc.dll [396800 2016-11-11] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13824 2016-07-16] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [467456 2016-07-16] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [944128 2016-07-16] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [148992 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [309248 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254976 2016-07-16] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [987648 2016-07-16] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [116736 2016-07-16] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [122880 2016-11-11] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2017-03-04] (Microsoft Corporation)
S4 UevAgentService; C:\Windows\system32\AgentService.exe [1227264 2016-07-17] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [273408 2016-07-17] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1184256 2017-03-04] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [968704 2017-03-04] (Microsoft Corporation)
S3 UnistoreSvc_42de1; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc_42de1; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [440832 2016-07-16] (Microsoft Corporation)
R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [328192 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1512448 2017-03-04] (Microsoft Corporation)
S3 UserDataSvc_42de1; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc_42de1; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1020928 2016-09-15] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [549376 2017-03-28] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [649216 2017-03-04] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1443328 2017-03-04] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [520192 2016-08-06] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1547264 2017-03-04] (Microsoft Corporation)
S2 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [837632 2016-12-14] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [715776 2017-03-04] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [227328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [198656 2016-07-16] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [206848 2016-07-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [156672 2016-07-16] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [82944 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [818176 2017-03-04] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [636928 2017-03-04] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2716672 2016-11-11] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2333184 2017-03-28] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2017-03-28] (Microsoft Corporation)
R2 WlanSvc; C:\Windows\System32\wlansvc.dll [2370048 2017-03-04] (Microsoft Corporation)
S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [2104320 2016-11-11] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-09-07] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1837056 2017-03-04] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_42de1; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_42de1; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [184832 2016-11-11] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [903680 2017-03-04] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [773120 2017-03-04] (Microsoft Corporation)
R3 wuauserv; C:\Windows\system32\wuaueng.dll [2316288 2017-03-28] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [1282048 2017-03-04] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1016320 2017-03-04] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1025536 2017-03-04] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0311139.inf_amd64_2aa9c01a2af97538\atikmdag.sys [32699928 2017-02-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0311139.inf_amd64_2aa9c01a2af97538\atikmpag.sys [525848 2017-02-13] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] ()
S3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2017-01-09] (Windows (R) Win 7 DDK provider)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [84472 2017-01-09] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-07-19] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-15] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [36832 2017-02-05] (Wellbia.com Co., Ltd.)
S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\System32\drivers\btwavdt.sys [X]
S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [X]
S1 hnkhssgl; \??\C:\Windows\system32\drivers\hnkhssgl.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
         
__________________

Edited by Evile_Banane (15.04.2017 at 21:26)

Old 15.04.2017, 21:10   #19
Evile_Banane
Guest
 
Threats keep reappearing despite deletion - Standard

FRST.txt Log



Code:
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-15 12:46 - 2017-04-15 12:46 - 00001125 _____ C:\Users\Levin_\Desktop\JRT.txt
2017-04-15 12:44 - 2017-04-15 12:44 - 01663672 _____ (Malwarebytes) C:\Users\Levin_\Downloads\JRT.exe
2017-04-15 12:44 - 2017-04-15 12:44 - 01663672 _____ (Malwarebytes) C:\Users\Levin_\Desktop\JRT.exe
2017-04-15 12:43 - 2017-04-15 12:43 - 00003668 _____ C:\Users\Levin_\Desktop\AdwCleaner[C8].txt
2017-04-15 12:38 - 2017-04-15 12:38 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\0CC723C3.sys
2017-04-15 12:35 - 2017-04-15 12:35 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\138F213D.sys
2017-04-15 01:05 - 2017-04-15 01:05 - 18438319 _____ C:\Users\Levin_\Downloads\steamcmd.zip
2017-04-15 00:51 - 2017-04-15 00:51 - 02416300 _____ C:\Users\Levin_\Downloads\CSay-CSGO.zip
2017-04-14 16:55 - 2017-04-14 22:51 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-04-14 16:51 - 2017-04-14 18:00 - 00000000 ____D C:\Users\Levin_\Desktop\mbar
2017-04-14 16:50 - 2017-04-14 16:50 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Levin_\Downloads\mbar-1.09.3.1001.exe
2017-04-14 15:22 - 2017-04-14 15:22 - 00000000 ____D C:\Users\Levin_\AppData\Local\Alltie
2017-04-14 15:21 - 2017-04-14 15:21 - 00000000 ____D C:\ProgramData\Software
2017-04-14 15:21 - 2017-04-14 15:21 - 00000000 ____D C:\Program Files (x86)\Alltie
2017-04-13 11:30 - 2017-04-13 11:30 - 00000000 ____D C:\Users\Levin_\AppData\Local\SNARE
2017-04-13 11:30 - 2017-04-13 11:30 - 00000000 ____D C:\Users\Levin_\AppData\Local\Kitty
2017-04-12 02:41 - 2017-04-12 02:41 - 00000000 _____ C:\Windows\SysWOW64\1
2017-04-12 02:40 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-04-12 02:40 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2017-04-12 02:40 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-12 02:40 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-12 02:40 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-04-12 02:40 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 02:40 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2017-04-12 02:40 - 2017-03-28 08:22 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-04-12 02:40 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2017-04-12 02:40 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-04-12 02:40 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-04-12 02:40 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-12 02:40 - 2017-03-28 08:15 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-04-12 02:40 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-04-12 02:40 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-12 02:40 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-04-12 02:40 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-04-12 02:40 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-12 02:40 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-04-12 02:40 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-04-12 02:40 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-12 02:40 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-04-12 02:40 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-04-12 02:40 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 02:40 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 02:40 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-04-12 02:40 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-04-12 02:40 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 02:40 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 02:40 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-04-12 02:40 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-04-12 02:40 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-04-12 02:40 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 02:40 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-04-12 02:40 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-04-12 02:40 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-04-12 02:40 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-04-12 02:40 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-04-12 02:40 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2017-04-12 02:40 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-04-12 02:40 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 02:40 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-04-12 02:40 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-12 02:40 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-04-12 02:40 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-04-12 02:40 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-04-12 02:40 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 02:40 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 02:40 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-04-12 02:40 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2017-04-12 02:40 - 2017-03-28 07:41 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2017-04-12 02:40 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-04-12 02:40 - 2017-03-28 07:41 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2017-04-12 02:40 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-04-12 02:40 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-04-12 02:40 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 02:40 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 02:40 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-04-12 02:40 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-04-12 02:40 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-04-12 02:40 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-12 02:40 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 02:40 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-04-12 02:40 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-04-12 02:40 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll
2017-04-12 02:40 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 02:40 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-04-12 02:40 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 02:40 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 02:40 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-04-12 02:40 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-04-12 02:40 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\DdcWnsListener.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsecsnp.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 02:40 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicDisplay.sys
2017-04-12 02:40 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-04-12 02:40 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-04-12 02:40 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-04-12 02:40 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-04-12 02:40 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 02:40 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-04-12 02:40 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-04-12 02:40 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-04-12 02:40 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-04-12 02:40 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-04-12 02:40 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 02:40 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2017-04-12 02:40 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 02:40 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 02:40 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-12 02:40 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-04-12 02:40 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 02:40 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\dafpos.dll
2017-04-12 02:40 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-04-12 02:40 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-04-12 02:40 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-04-12 02:40 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 02:40 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-04-12 02:40 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-04-12 02:40 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-04-12 02:40 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-04-12 02:40 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2017-04-12 02:40 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-04-12 02:40 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-04-12 02:40 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-04-12 02:40 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 02:40 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-04-12 02:40 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 02:40 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-04-12 02:40 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 02:40 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-04-12 02:40 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-04-12 02:40 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-04-12 02:40 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-04-12 02:40 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-04-12 02:40 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2017-04-12 02:40 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-04-12 02:40 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-04-12 02:40 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-12 02:40 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-12 02:40 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-04-12 02:40 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-04-12 02:40 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-04-12 02:40 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2017-04-12 02:40 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 02:40 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-04-12 02:40 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-04-12 02:40 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-12 02:40 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-04-12 02:40 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-12 02:40 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 02:40 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2017-04-12 02:40 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2017-04-12 02:40 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-04-12 02:40 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 02:40 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2017-04-12 02:40 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-12 02:40 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-04-12 02:40 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-04-12 02:40 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-04-12 02:40 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-04-12 02:40 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-04-12 02:40 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\CastLaunch.dll
2017-04-12 02:40 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-04-12 02:40 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-04-12 02:40 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-04-12 02:40 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-12 02:40 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll
2017-04-12 02:40 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-04-12 02:40 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-12 02:40 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-04-12 02:40 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 02:40 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-04-12 02:40 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2017-04-12 02:40 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-12 02:40 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-04-12 02:40 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 02:40 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-04-12 02:40 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-04-12 02:40 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-04-12 02:40 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2017-04-12 02:40 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-04-12 02:40 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-04-12 02:40 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-04-12 02:40 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-04-12 02:40 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-04-12 02:40 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 02:40 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-04-12 02:40 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-04-12 02:40 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-04-12 02:40 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-04-12 02:40 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-04-12 02:40 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-04-12 02:40 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-04-12 02:40 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-04-12 02:40 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-12 02:40 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-04-12 02:40 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-12 02:40 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 02:40 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-04-12 02:40 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-04-12 02:40 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-04-12 02:40 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-12 02:40 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-04-12 02:40 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-04-12 02:40 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 02:40 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-04-12 02:40 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-04-12 02:40 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-12 02:40 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-12 02:40 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-04-12 02:40 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll
2017-04-12 02:40 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-04-12 02:40 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-04-12 02:40 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2017-04-12 02:40 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-04-12 02:40 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-04-12 02:40 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 02:40 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-12 02:40 - 2017-03-28 07:04 - 00119808 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2017-04-12 02:40 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-04-12 02:40 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2017-04-12 02:39 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-04-12 02:39 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-04-12 02:39 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-04-12 02:39 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-04-12 02:39 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-04-12 02:39 - 2017-03-28 08:26 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-04-12 02:39 - 2017-03-28 08:26 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-04-12 02:39 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-04-12 02:39 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-04-12 02:39 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-04-12 02:39 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-04-12 02:39 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-04-12 02:39 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-04-12 02:39 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-04-12 02:39 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-04-12 02:39 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-04-12 02:39 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-04-12 02:39 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-04-12 02:39 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-04-12 02:39 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2017-04-12 02:39 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-04-12 02:39 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-04-12 02:39 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManagerProxy.dll
2017-04-12 02:39 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-04-12 02:39 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-04-12 02:39 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2017-04-12 02:39 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-04-12 02:39 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2017-04-12 02:39 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 02:39 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthTokenBrokerExt.dll
2017-04-12 02:39 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-04-12 02:39 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-04-12 02:39 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-04-12 02:39 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 02:39 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 02:39 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-04-12 02:39 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-04-12 02:39 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-04-12 02:39 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 02:39 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 02:39 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-04-12 02:39 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-04-12 02:39 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-04-12 02:39 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2017-04-12 02:39 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-04-12 02:39 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-04-12 02:39 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 02:39 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-04-12 02:39 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-04-12 02:39 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-12 02:39 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-04-12 02:39 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-04-12 02:39 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-04-12 02:39 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-04-12 02:39 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-04-12 02:39 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-04-12 02:39 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-04-12 02:39 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-04-12 02:39 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2017-04-12 02:39 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-04-12 02:39 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-04-12 02:39 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-04-12 02:39 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-04-12 02:39 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-04-12 02:39 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-04-12 02:39 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2017-04-12 02:39 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-04-12 02:39 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-04-12 02:39 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-04-12 02:39 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-04-12 02:39 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 02:39 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-04-12 02:39 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-12 02:39 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-04-12 02:39 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-04-12 02:39 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-04-12 02:39 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-04-12 02:39 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-12 02:39 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-04-12 02:39 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-04-12 02:39 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-04-12 02:39 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-04-12 02:39 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2017-04-12 02:39 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2017-04-12 02:39 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 02:39 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-04-12 02:39 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2017-04-11 15:10 - 2017-04-11 15:10 - 00111326 _____ C:\Users\Levin_\Downloads\new 1.txt
2017-04-11 14:36 - 2017-04-11 14:36 - 00000000 ____D C:\Program Files (x86)\MIO
2017-04-11 14:35 - 2017-04-11 14:35 - 00056918 _____ C:\Users\Levin_\Downloads\LogDatein.zip
2017-04-11 13:21 - 2017-04-14 15:21 - 00002087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-11 13:21 - 2017-04-11 13:21 - 00245640 _____ C:\Users\Levin_\Downloads\Firefox Setup Stub 52.0.2 (1).exe
2017-04-11 13:21 - 2017-04-11 13:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-11 13:00 - 2017-04-15 22:06 - 00044084 _____ C:\Users\Levin_\Downloads\FRST.txt
2017-04-11 12:59 - 2017-04-11 12:59 - 00110839 _____ C:\Users\Levin_\Downloads\Addition.txt
2017-04-11 12:39 - 2017-04-11 12:39 - 00014159 _____ C:\Users\Levin_\Downloads\diginsan.nfo
2017-04-11 12:29 - 2017-04-15 22:05 - 00000000 ____D C:\FRST
2017-04-11 12:28 - 2017-04-11 12:28 - 02424832 _____ (Farbar) C:\Users\Levin_\Downloads\FRST64.exe
2017-04-11 12:22 - 2017-04-14 17:13 - 00002292 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-11 12:22 - 2017-04-14 15:21 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-11 12:21 - 2017-04-11 12:28 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-11 12:21 - 2017-04-11 12:28 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-11 12:21 - 2017-04-11 12:21 - 01129376 _____ (Google Inc.) C:\Users\Levin_\Downloads\ChromeSetup.exe
2017-04-10 18:54 - 2017-04-12 11:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-10 18:53 - 2017-04-10 18:53 - 00245640 _____ C:\Users\Levin_\Downloads\Firefox Setup Stub 52.0.2.exe
2017-04-10 18:50 - 2017-04-10 18:51 - 48550504 _____ (Google Inc.) C:\Users\Levin_\Downloads\ChromeStandaloneSetup64.exe
2017-04-10 18:42 - 2017-04-15 19:08 - 00004174 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A4744191-D74B-495F-BDD4-126A18E1B699}
2017-04-10 17:41 - 2017-04-10 17:41 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Levin_\Downloads\rkill.exe
2017-04-10 17:39 - 2017-04-10 17:41 - 04089296 _____ C:\Users\Levin_\Desktop\adwcleaner_6.045.exe
2017-04-10 13:27 - 2017-04-10 13:27 - 00000000 ____D C:\ProgramData\common
2017-04-09 03:10 - 2017-04-09 03:10 - 01673544 _____ ( ) C:\Users\Levin_\Downloads\cpu-z_1.78-en.exe
2017-04-08 21:26 - 2017-04-08 21:26 - 00502265 _____ C:\Users\Levin_\Downloads\connectionHistory.ts3_plugin
2017-04-08 21:26 - 2017-04-08 21:26 - 00286230 _____ C:\Users\Levin_\Downloads\chatlog_vwr.ts3_plugin
2017-04-08 21:26 - 2017-04-08 21:26 - 00209395 _____ C:\Users\Levin_\Downloads\autoReply.ts3_plugin
2017-04-08 21:22 - 2017-04-08 21:22 - 00015238 _____ C:\Users\Levin_\Downloads\NoMove.ts3_plugin
2017-04-07 12:53 - 2017-04-07 12:55 - 00000000 ____D C:\Users\Levin_\Documents\Twitch
2017-04-07 12:52 - 2017-04-07 12:53 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\streamlabels
2017-04-07 12:50 - 2017-04-07 12:50 - 65126232 _____ (ActionBa5tard) C:\Users\Levin_\Downloads\streamlabels+setup.exe
2017-04-06 15:29 - 2017-04-06 15:29 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-04-06 15:29 - 2017-04-06 15:29 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\discord
2017-04-06 15:28 - 2017-04-06 15:29 - 00000000 ____D C:\Users\Levin_\AppData\Local\SquirrelTemp
2017-04-06 15:28 - 2017-04-06 15:29 - 00000000 ____D C:\Users\Levin_\AppData\Local\Discord
2017-04-03 19:24 - 2017-04-03 19:24 - 00001941 _____ C:\Users\Levin_\Desktop\iTunes.lnk
2017-04-03 17:16 - 2017-04-05 17:56 - 00000000 ____D C:\Program Files (x86)\phase5
2017-04-03 17:16 - 2017-04-03 17:16 - 03746496 _____ (Systemberatung Schommer) C:\Users\Levin_\Downloads\phase5623install.exe
2017-04-03 16:11 - 2017-04-03 16:11 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\LolClient
2017-04-03 15:47 - 2017-04-03 15:47 - 00000000 ____D C:\ProgramData\Twitch
2017-04-03 15:45 - 2017-04-12 21:01 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Twitch
2017-04-03 15:45 - 2017-04-03 15:45 - 00001108 _____ C:\Users\Levin_\Desktop\Twitch.lnk
2017-04-03 15:45 - 2017-04-03 15:45 - 00001094 _____ C:\Users\Levin_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2017-04-03 15:45 - 2017-04-03 15:45 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Twitch Setup
2017-04-03 15:44 - 2017-04-03 15:45 - 111863648 _____ (Twitch Interactive, Inc.) C:\Users\Levin_\Downloads\TwitchSetup.exe
2017-04-02 12:02 - 2017-04-02 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-04-02 12:01 - 2017-04-02 12:02 - 00000000 ____D C:\Program Files\iTunes
2017-04-02 12:01 - 2017-04-02 12:01 - 00000000 ____D C:\Program Files\iPod
2017-04-02 12:00 - 2017-04-02 12:00 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2017-04-02 12:00 - 2017-04-02 12:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-03-30 13:54 - 2017-03-30 13:54 - 00000000 ____D C:\Update
2017-03-28 11:59 - 2017-03-28 11:59 - 52553728 _____ (Hammer & Chisel, Inc.) C:\Users\Levin_\Downloads\DiscordSetup.exe
2017-03-25 14:37 - 2017-03-25 14:37 - 00000000 ____D C:\Users\Levin_\Documents\Razer
2017-03-25 14:28 - 2017-04-02 01:52 - 00000000 ____D C:\Users\Levin_\AppData\Local\Razer
2017-03-25 14:27 - 2017-04-02 01:52 - 00000000 ____D C:\Program Files (x86)\Razer
2017-03-25 14:25 - 2017-03-25 14:26 - 158992448 _____ (Razer Inc. ) C:\Users\Levin_\Downloads\RazerCortexSetup_8.0.104.420.exe
2017-03-24 23:35 - 2017-03-24 23:35 - 00000000 ____D C:\Users\Levin_\AppData\Local\PAYDAY 2
2017-03-24 13:20 - 2017-03-24 13:20 - 00001078 _____ C:\Users\Levin_\Desktop\MakeMKV.lnk
2017-03-24 13:20 - 2017-03-24 13:20 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2017-03-24 13:20 - 2017-03-24 13:20 - 00000000 ____D C:\Program Files (x86)\MakeMKV
2017-03-24 13:19 - 2017-03-24 13:19 - 10897511 _____ (GuinpinSoft inc) C:\Users\Levin_\Downloads\Setup_MakeMKV_v1.10.4.exe
2017-03-23 16:17 - 2017-03-23 16:17 - 00002012 _____ C:\Users\Levin_\Desktop\Skiller PRO.lnk
2017-03-23 16:02 - 2017-03-23 17:00 - 00001273 _____ C:\Users\Levin_\Desktop\nativelog.txt
2017-03-23 16:01 - 2017-03-23 16:01 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Sun
2017-03-23 16:01 - 2017-03-23 16:01 - 00000000 ____D C:\Users\Levin_\AppData\LocalLow\Sun
2017-03-23 16:00 - 2017-03-23 16:00 - 00739392 _____ (Oracle Corporation) C:\Users\Levin_\Downloads\JavaSetup8u121.exe
2017-03-23 15:58 - 2017-03-23 15:58 - 04612343 _____ C:\Users\Levin_\Downloads\forge-1.10.2-12.18.3.2185-installer-win.exe
2017-03-23 15:56 - 2017-03-23 15:57 - 04578039 _____ C:\Users\Levin_\Downloads\forge-1.10.2-12.18.3.2185-installer.jar
2017-03-23 15:56 - 2017-03-23 15:56 - 01750775 _____ C:\Users\Levin_\Downloads\Huzuni-5.0.3.jar
2017-03-23 15:51 - 2017-03-23 15:51 - 33401761 _____ C:\Users\Levin_\Downloads\PureBDcraft 128x MC110.zip
2017-03-23 15:45 - 2017-03-23 15:46 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-03-23 15:45 - 2017-03-23 15:45 - 00001044 _____ C:\Users\Public\Desktop\Minecraft.lnk
2017-03-23 15:45 - 2017-03-23 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2017-03-23 15:44 - 2017-03-23 15:44 - 02314240 _____ C:\Users\Levin_\Downloads\MinecraftInstaller.msi
2017-03-22 15:47 - 2017-03-22 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skiller PRO
2017-03-22 15:47 - 2017-03-22 15:47 - 00000000 ____D C:\Program Files (x86)\Skiller PRO
2017-03-22 15:46 - 2017-03-22 15:46 - 22931826 _____ C:\Users\Levin_\Downloads\sw_config_skiller_pro_20150724.zip
2017-03-20 14:50 - 2017-03-21 11:17 - 00568904 _____ C:\Users\Levin_\Downloads\puush.exe
2017-03-20 14:48 - 2017-03-20 14:51 - 00000000 ____D C:\Users\Levin_\Documents\ShareX
2017-03-18 17:20 - 2017-03-18 17:20 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-03-18 17:20 - 2017-03-18 17:20 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-03-18 17:20 - 2017-03-18 17:20 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-03-18 17:19 - 2017-03-18 17:19 - 40376862 _____ C:\Users\Levin_\Downloads\MSIAfterburnerSetup.zip
2017-03-17 11:54 - 2017-03-17 11:55 - 68582904 _____ (obsproject.com) C:\Users\Levin_\Downloads\OBS_0_659b_With_Browser_Installer.exe
2017-03-17 11:52 - 2017-03-17 11:52 - 48985385 _____ C:\Users\Levin_\Downloads\CLRBrowserSourcePlugin-20140909x64.zip
2017-03-17 11:50 - 2017-03-17 11:50 - 113001480 _____ (obsproject.com) C:\Users\Levin_\Downloads\OBS-Studio-18.0.1-Full-Installer (1).exe
2017-03-17 11:20 - 2017-03-17 11:54 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\obs-studio
2017-03-17 11:20 - 2017-03-17 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-03-17 11:19 - 2017-03-17 11:20 - 00000000 ____D C:\Program Files (x86)\obs-studio
2017-03-17 11:18 - 2017-03-17 11:19 - 113001480 _____ (obsproject.com) C:\Users\Levin_\Downloads\OBS-Studio-18.0.1-Full-Installer.exe
2017-03-17 11:02 - 2017-03-17 11:02 - 00034978 _____ C:\Users\Levin_\Downloads\giphy.mp4
2017-03-16 15:19 - 2017-03-16 15:19 - 00013779 _____ C:\Users\Levin_\Downloads\des_dinosaursarealive.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-15 21:53 - 2017-01-17 13:37 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Spotify
2017-04-15 21:44 - 2017-01-17 13:50 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\TS3Client
2017-04-15 21:13 - 2017-02-05 02:51 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\OBS
2017-04-15 21:03 - 2015-11-08 17:26 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-15 17:52 - 2017-01-17 16:28 - 00000000 ____D C:\Users\Levin_\AppData\Local\Overwolf
2017-04-15 15:33 - 2017-01-17 13:00 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-04-15 12:49 - 2017-01-17 13:08 - 00000000 ____D C:\Users\Levin_
2017-04-15 12:47 - 2017-01-17 13:11 - 00005638 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-15 12:47 - 2016-07-17 00:51 - 01249586 _____ C:\Windows\system32\perfh007.dat
2017-04-15 12:47 - 2016-07-17 00:51 - 00305388 _____ C:\Windows\system32\perfc007.dat
2017-04-15 12:42 - 2017-02-17 14:28 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-15 12:42 - 2017-01-17 13:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-15 12:41 - 2017-03-08 15:35 - 00000000 ____D C:\AdwCleaner
2017-04-15 12:41 - 2017-02-17 14:45 - 00000008 __RSH C:\Users\Levin_\ntuser.pol
2017-04-15 12:41 - 2017-01-17 18:15 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-04-15 12:41 - 2017-01-17 13:11 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-04-15 12:41 - 2016-07-16 08:04 - 00524288 _____ C:\Windows\system32\config\BBI
2017-04-14 17:41 - 2017-02-17 14:28 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-04-14 17:37 - 2017-01-17 13:11 - 00000000 ____D C:\Users\Levin_\AppData\Local\AMD
2017-04-14 17:37 - 2017-01-17 13:00 - 00000000 ____D C:\Windows\ServiceProfiles
2017-04-14 16:55 - 2017-02-17 14:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-14 15:26 - 2017-01-30 22:17 - 00000000 ____D C:\Users\Levin_\AppData\LocalLow\Mozilla
2017-04-14 12:44 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-04-13 23:17 - 2017-01-17 13:38 - 00000000 ____D C:\Users\Levin_\AppData\Local\Spotify
2017-04-13 11:33 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-13 11:28 - 2017-01-17 13:46 - 00000000 ____D C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client
2017-04-12 20:11 - 2017-02-17 14:28 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-12 12:00 - 2017-01-17 13:08 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-12 12:00 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-04-12 11:56 - 2017-01-17 13:00 - 04858776 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-12 02:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-04-12 02:55 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-04-12 02:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\setup
2017-04-12 02:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\setup
2017-04-12 02:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-04-12 02:55 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-04-12 02:55 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\system32\Dism
2017-04-12 02:54 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-04-12 02:54 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-12 02:54 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-04-12 02:54 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-12 02:54 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-12 02:54 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-12 02:54 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-12 02:44 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-04-12 02:41 - 2017-01-17 15:53 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-04-12 02:41 - 2017-01-17 15:53 - 00000000 ____D C:\Windows\system32\MRT
2017-04-11 18:04 - 2017-01-17 13:08 - 00000000 ____D C:\Users\Levin_\AppData\Local\Packages
2017-04-11 12:22 - 2017-01-17 13:24 - 00000000 ____D C:\Users\Levin_\AppData\Local\Google
2017-04-11 12:22 - 2017-01-17 13:24 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-11 00:43 - 2017-03-03 15:30 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-04-10 18:01 - 2017-01-20 20:27 - 00000000 ____D C:\Games
2017-04-10 15:54 - 2017-02-03 16:33 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\vlc
2017-04-10 15:27 - 2017-02-11 20:38 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\dvdcss
2017-04-10 15:26 - 2015-11-23 19:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-04-10 13:44 - 2017-01-17 18:16 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2017-04-10 13:33 - 2017-01-17 18:08 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-04-10 11:43 - 2017-01-29 19:26 - 00000194 _____ C:\Users\Levin_\Desktop\Trials.txt
2017-04-09 23:10 - 2017-01-22 17:29 - 00000222 _____ C:\Users\Levin_\Desktop\Filmstens.txt
2017-04-09 15:49 - 2017-01-22 02:13 - 00603688 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys
2017-04-09 01:45 - 2017-01-17 13:42 - 00000000 ____D C:\Users\Levin_\Documents\My games
2017-04-03 20:54 - 2017-01-17 18:42 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Apple Computer
2017-04-02 12:01 - 2017-01-17 18:41 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-04-02 12:00 - 2017-01-17 18:42 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-03-28 13:11 - 2016-07-16 14:58 - 00389330 __RSH C:\bootmgr
2017-03-28 08:20 - 2017-01-17 13:06 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-03-26 21:26 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-03-26 16:06 - 2017-01-17 16:32 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\Origin
2017-03-26 16:06 - 2017-01-17 16:29 - 00000000 ____D C:\ProgramData\Origin
2017-03-26 13:41 - 2017-03-10 00:06 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-03-26 13:41 - 2017-01-21 19:35 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-03-26 13:23 - 2017-01-21 19:34 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-03-24 13:13 - 2017-01-17 21:13 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-03-23 17:00 - 2017-01-22 17:36 - 00000000 ____D C:\Users\Levin_\AppData\Roaming\.minecraft
2017-03-22 15:47 - 2017-01-17 18:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-22 14:57 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\NDF
2017-03-18 17:18 - 2017-01-22 17:29 - 00000326 _____ C:\Users\Levin_\Desktop\Musik.txt
2017-03-18 17:16 - 2017-01-22 17:28 - 00000000 ____D C:\Users\Levin_\Desktop\Pics Desctop
2017-03-18 02:43 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\PrintDialog
2017-03-18 02:43 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\oobe
2017-03-18 02:43 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\bcastdvr
2017-03-17 10:47 - 2017-01-17 20:10 - 00000000 ____D C:\Program Files (x86)\OBS

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-01-19 13:37 - 2017-02-16 01:49 - 0000293 _____ () C:\Users\Levin_\AppData\Roaming\WB.CFG
2017-01-17 18:12 - 2017-01-17 18:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-01-30 18:49 - 2017-01-30 18:49 - 0000512 _____ () C:\Users\Levin_\AppData\Local\Temp\3d51890c7b88e4feeeed777176b46429.dll
2017-03-10 18:59 - 2005-11-01 06:09 - 0729088 _____ (Electronic Arts Inc.) C:\Users\Levin_\AppData\Local\Temp\AutoRun.exe
2017-03-10 18:59 - 2005-10-14 11:02 - 0585728 _____ (Electronic Arts Inc.) C:\Users\Levin_\AppData\Local\Temp\AutoRunGUI.dll
2017-04-11 18:03 - 2005-11-01 06:09 - 0344064 _____ (Electronic Arts Inc.) C:\Users\Levin_\AppData\Local\Temp\eauninstall.exe
2017-02-05 03:31 - 2017-02-05 03:31 - 0000512 _____ () C:\Users\Levin_\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
2017-02-05 03:31 - 2017-02-05 03:31 - 0000056 _____ () C:\Users\Levin_\AppData\Local\Temp\fd6467de663d13cc63e39abaeee2f8f7.dll
2017-03-23 16:03 - 2017-03-23 16:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-3261473256547952668.dll
2017-03-23 16:13 - 2017-03-23 16:13 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-3859408922619964083.dll
2017-03-23 16:18 - 2017-03-23 16:18 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-4330792550078181163.dll
2017-03-23 16:25 - 2017-03-23 16:25 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-6222854848500504866.dll
2017-03-23 16:22 - 2017-03-23 16:22 - 0019968 _____ (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-6716980098813619276.dll
2017-03-23 16:16 - 2017-03-23 16:16 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-7190568545274061126.dll
2017-03-23 16:13 - 2017-03-23 16:13 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-7852071733257243290.dll
2017-03-23 16:16 - 2017-03-23 16:16 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-8043605640114416857.dll
2017-03-23 16:13 - 2017-03-23 16:13 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-8267182668365510900.dll
2017-03-23 16:14 - 2017-03-23 16:14 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-8658835363312007424.dll
2017-03-23 16:13 - 2017-03-23 16:13 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Levin_\AppData\Local\Temp\jansi-64-8705314490002429494.dll
2017-04-11 18:03 - 2005-10-04 01:26 - 0073728 _____ (Electronic Arts Inc.) C:\Users\Levin_\AppData\Local\Temp\Need for Speed Most Wanted_uninst.exe
2017-03-09 16:26 - 2017-03-09 16:26 - 0040448 _____ () C:\Users\Levin_\AppData\Local\Temp\proxy_vole1539923268016117706.dll
2017-03-09 16:26 - 2017-03-09 16:26 - 0040448 ____N () C:\Users\Levin_\AppData\Local\Temp\proxy_vole5254556505064187169.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-06 23:29

==================== Ende von FRST.txt ============================
         

Edited by Evile_Banane (15.04.2017 at 21:26)

15.04.2017, 21:26   #20
Evile_Banane
Guest

Threats keep reappearing despite deletion

Addition.txt Log



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Levin_ (15-04-2017 22:06:38)
Gestartet von C:\Users\Levin_\Downloads
Windows 10 Pro Version 1607 (X64) (2017-01-17 11:06:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1454896063-1280141672-2160224059-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1454896063-1280141672-2160224059-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1454896063-1280141672-2160224059-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-1454896063-1280141672-2160224059-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1454896063-1280141672-2160224059-1005 - Limited - Enabled)
Levin_ (S-1-5-21-1454896063-1280141672-2160224059-1001 - Administrator - Enabled) => C:\Users\Levin_

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Alien: Isolation (HKLM\...\Steam App 214490) (Version:  - Creative Assembly)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Batman: Arkham Asylum GOTY Edition (HKLM\...\Steam App 35140) (Version:  - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM\...\Steam App 200260) (Version:  - Rocksteady Studios)
Batman™: Arkham Origins (HKLM\...\Steam App 209000) (Version:  - WB Games Montreal)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Beast Blaster (HKLM\...\Steam App 447880) (Version:  - Zonitron Productions)
BioShock (HKLM\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM\...\Steam App 8870) (Version:  - Irrational Games)
Bold New World (HKLM\...\Steam App 581620) (Version:  - Limed)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Break Into Zatwor (HKLM\...\Steam App 395980) (Version:  - Zonitron Productions)
Brilliant Bob (HKLM\...\Steam App 368900) (Version:  - Zonitron Productions)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0210.908.16431 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cyborg Detonator (HKLM\...\Steam App 462370) (Version:  - Zonitron Productions)
Dark Souls III (HKLM-x32\...\Dark Souls III_is1) (Version:  - )
Dead Island (HKLM\...\Steam App 91310) (Version:  - Techland)
Dead Island Riptide Version 1.4.1.1.13 (HKLM-x32\...\Dead Island Riptide_is1) (Version: 1.4.1.1.13 - Techland)
Désiré (HKLM\...\Steam App 399700) (Version:  - Sylvain Seccia)
Discord (HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
Dynasty Feud (HKLM\...\Steam App 493180) (Version:  - Kaia Studios)
Epistory - Typing Chronicles (HKLM\...\Steam App 398850) (Version:  - Fishing Cactus)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version:  - )
Fiends of Imprisonment (HKLM\...\Steam App 410590) (Version:  - Zonitron Productions)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive®)
GooCubelets (HKLM\...\Steam App 397620) (Version:  - Zonitron Productions)
GooCubelets 2 (HKLM\...\Steam App 416270) (Version:  - Zonitron Productions)
GooCubelets: OCD (HKLM\...\Steam App 460660) (Version:  - Zonitron Productions)
GooCubelets: The Algoorithm (HKLM\...\Steam App 431270) (Version:  - Zonitron Productions)
GooCubelets: The Void (HKLM\...\Steam App 505440) (Version:  - Zonitron Productions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Head Shot (HKLM\...\Steam App 485310) (Version:  - Indie Game Group)
Heaven Island - VR MMO (HKLM\...\Steam App 400250) (Version:  - Fabio Ferrara)
Hitman: Absolution (HKLM\...\Steam App 203140) (Version:  - IO Interactive)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Let's Draw (HKLM\...\Steam App 575490) (Version:  - Indie Game Group)
MakeMKV v1.10.4 (HKLM-x32\...\MakeMKV) (Version: v1.10.4 - GuinpinSoft inc)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minion Masters (HKLM\...\Steam App 489520) (Version:  - BetaDwarf)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
Mortal Kombat X (HKLM\...\Steam App 307780) (Version:  - NetherRealm Studios)
Mozilla Firefox 52.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
North Side (HKLM\...\Steam App 546450) (Version:  - Obidak Software)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Only One Hope (HKLM\...\Steam App 581610) (Version:  - Belarus Games)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.44.0 - Overwolf Ltd.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.19.0-r120634-release - Plays.tv, LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Rage Wars (HKLM\...\Steam App 554310) (Version:  - Lemondo Games)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7829 - Realtek Semiconductor Corp.)
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version:  - Crystal Dynamics)
Sang-Froid - Tales of Werewolves (HKLM\...\Steam App 227220) (Version:  - Artifice Studio)
Shot Shot Tactic (HKLM\...\Steam App 562270) (Version:  - Indie Game Group)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB)
TeamSpeak 3 Client (HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Note (HKLM\...\Steam App 345920) (Version:  - ArtemizGame)
The Tower Of Elements (HKLM\...\Steam App 377310) (Version:  - Wulo Games)
They Came From The Moon (HKLM\...\Steam App 432150) (Version:  - Zonitron Productions)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tomb Raider (HKLM\...\Steam App 203160) (Version:  - Crystal Dynamics)
Twitch (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Twitch Interactive, Inc.)
UltraMon (HKLM\...\{D4E62D29-31A1-4938-8CB7-7D275C1AEAC6}) (Version: 3.3.0 - Realtime Soft Ltd)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-2) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Why So Evil (HKLM\...\Steam App 331710) (Version:  - Zonitron Productions)
Why So Evil 2: Dystopia (HKLM\...\Steam App 354850) (Version:  - Zonitron Productions)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\WinDirStat) (Version:  - )
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zombie Boom (HKLM\...\Steam App 516700) (Version:  - Zonitron Productions)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1454896063-1280141672-2160224059-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-62C31A8E8B6F}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {192412E3-4631-4CF6-BD30-2E58B142C619} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {24DDDDEF-3630-4668-9330-2765B603FDBE} - \Erbawardphozit -> Keine Datei <==== ACHTUNG
Task: {38C18A79-585B-4AE3-866B-C69AC85CA1A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {71EDADC5-F1C9-49AC-8725-18E4B47C6671} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-11] (Google Inc.)
Task: {C349BAF6-4EFB-4035-97E8-149998A2EE76} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-02-10] (Advanced Micro Devices, Inc.)
Task: {D02AE130-5782-4ABF-BB4E-271118440972} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-03-21] (Overwolf LTD)
Task: {E94025DC-6E92-4EF2-84AB-C1374DF327A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-11] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Levin_\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Alltie\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Levin_\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Alltie\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Levin_\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2572d0ef8585eb3c\Google Chrome.lnk -> C:\Program Files (x86)\Alltie\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Alltie\Application\chrome.exe (Google Inc.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-04-12 02:40 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-03-10 00:06 - 2017-03-10 00:06 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-01-17 18:08 - 2014-04-24 14:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-01-17 18:08 - 2015-05-08 14:26 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-02-17 14:28 - 2017-04-12 20:11 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-12 02:40 - 2017-03-28 08:22 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2017-01-17 18:10 - 2016-05-25 11:00 - 00105312 _____ () C:\Windows\SYSTEM32\audioLibVc.dll
2017-04-10 11:15 - 2017-04-10 11:16 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 11:15 - 2017-04-10 11:16 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 11:15 - 2017-04-10 11:16 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 11:15 - 2017-04-10 11:16 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-17 15:48 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 22:19 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-04-05 13:39 - 2017-04-05 13:40 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-05 13:39 - 2017-04-05 13:40 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-05 13:39 - 2017-04-05 13:40 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-05 13:39 - 2017-04-05 13:40 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-01-17 13:41 - 2017-01-17 13:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-05 13:39 - 2017-04-05 13:40 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-05 13:39 - 2017-04-05 13:40 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-17 01:02 - 2016-07-17 01:02 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-04-05 13:39 - 2017-04-05 13:40 - 00024064 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Lumia.ViewerPluginProxy.dll
2017-04-13 11:27 - 2017-04-07 11:01 - 03288704 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.63\deploy\LeagueClient.exe
2017-04-13 11:27 - 2017-04-07 11:00 - 01723008 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.63\deploy\LeagueClientUx.exe
2017-04-13 11:27 - 2017-04-07 11:00 - 01723008 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.63\deploy\LeagueClientUxRender.exe
2016-07-14 12:25 - 2017-04-13 11:29 - 00176408 _____ () C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client\quazip.dll
2017-01-17 13:52 - 2017-03-21 11:20 - 00020248 _____ () C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client\libEGL.DLL
2017-01-17 13:52 - 2017-03-21 11:20 - 01975064 _____ () C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client\libGLESv2.dll
2016-07-14 12:25 - 2017-04-13 11:29 - 00107288 _____ () C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2016-07-14 12:25 - 2017-04-13 11:29 - 00128280 _____ () C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2017-03-24 14:23 - 2017-04-04 19:39 - 00345880 _____ () C:\Users\Levin_\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
2017-02-05 21:13 - 2017-02-05 21:13 - 00102912 _____ () C:\Users\Levin_\AppData\Roaming\TS3Client\plugins\TS3MassMover_win64.dll
2017-04-08 21:22 - 2017-04-08 21:22 - 00039424 _____ () C:\Users\Levin_\AppData\Roaming\TS3Client\plugins\NoMove64.dll
2017-01-17 13:52 - 2017-03-21 11:20 - 00021784 _____ () C:\Users\Levin_\AppData\Local\TeamSpeak 3 Client\QtWebEngineProcess.exe
2017-03-20 14:50 - 2017-03-21 11:17 - 00568904 _____ () C:\Users\Levin_\Downloads\puush.exe
2017-03-15 22:20 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 22:20 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 22:20 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 02:40 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 02:40 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 02:40 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-11 12:22 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-11 12:22 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-03-15 22:20 - 2017-03-04 08:04 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-01-17 18:08 - 2017-04-15 12:42 - 00042496 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-01-17 18:08 - 2015-05-08 14:26 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-02-16 04:19 - 2017-02-16 04:19 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-02-16 04:19 - 2017-02-16 04:19 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-09-24 14:13 - 2017-03-07 19:29 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-01-17 13:38 - 2017-04-04 12:13 - 67725936 _____ () C:\Users\Levin_\AppData\Roaming\Spotify\libcef.dll
2017-01-17 13:38 - 2017-04-04 12:13 - 00110192 _____ () C:\Users\Levin_\AppData\Roaming\Spotify\SpotifyWinRT.dll
2015-11-08 18:09 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-11-08 18:09 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-11-08 18:09 - 2017-03-23 02:52 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2015-11-08 18:09 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-11-08 18:09 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-11-08 18:09 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-11-08 18:09 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-11-08 18:09 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-11-08 18:09 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-11-08 18:09 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-11-08 18:09 - 2017-03-31 00:46 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 15:36 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-01-17 13:38 - 2017-04-04 12:13 - 01929840 _____ () C:\Users\Levin_\AppData\Roaming\Spotify\libglesv2.dll
2017-01-17 13:38 - 2017-04-04 12:13 - 00087152 _____ () C:\Users\Levin_\AppData\Roaming\Spotify\libegl.dll
2016-12-13 13:55 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-11-08 18:09 - 2017-03-23 02:52 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2015-11-08 18:09 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2017-02-23 18:55 - 00003597 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 media-match.com
127.0.0.1 adclick.g.doublecklick.net
127.0.0.1 pagead2.googlesyndication.com
127.0.0.1 desktop.spotify.com
127.0.0.1 googleads.g.doubleclick.net
127.0.0.1 pubads.g.doubleclick.net
127.0.0.1 audio2.spotify.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 telemetry.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 telemetry.appex.bing.net:443

Da befinden sich 46 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Levin_\AppData\Local\Realtime Soft\UltraMon\UltraMon Wallpaper.bmp
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "GamingMouse"
HKLM\...\StartupApproved\Run32: => "Skiller PRO"
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_21402A1154C2E13AF119A56DEA4B015F"
HKU\S-1-5-21-1454896063-1280141672-2160224059-1001\...\StartupApproved\Run: => "Discord"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{A0BFD8D5-E89E-4F9B-8FA9-9D01CF703DB7}C:\users\levin_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\levin_\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7CCFFF20-C4FE-4D62-BC41-A7E9689517D9}C:\users\levin_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\levin_\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{54EF891C-3EB3-44EC-BFA6-F5E22D3E774A}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{9207D459-1764-4A67-9BCD-0C857E6B59A7}G:\program files (x86)\steam\steam.exe] => (Allow) G:\program files (x86)\steam\steam.exe
FirewallRules: [{EB4D350F-285C-4641-962A-62BADA101813}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39F8B5E5-3DBB-434B-A5D8-6EA6B4804C33}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FC5ED1DD-D6A9-4EA4-B011-7FB2A2CFA814}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7C6B110D-60E5-4234-8278-0E53ADD3A011}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{291DE89D-005D-4A6C-B4D9-E13B98981CD9}G:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) G:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{FEC55D8C-DD74-410C-A1A5-53AF859907FD}G:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) G:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{5CE2C1BC-87F3-4DCF-87E7-7F6A94E32271}] => (Allow) C:\Program Files (x86)\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{AC428359-C925-423C-8D73-93506F94E1BF}] => (Allow) C:\Program Files (x86)\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [TCP Query User{ECE3BD8E-499B-4334-A9DE-85315DAF4F76}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{D5488520-218D-4F1B-8386-02F3E8A77A16}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [{4687A322-EE77-449D-925D-199103E6839A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{B00E687E-A995-4FFF-81F9-82519DEFE7D7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{206A6319-601C-4B6E-B76F-28DE67AA0A4D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{0B99AB04-81B0-44B8-A2D3-48CA5349C50A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{06272280-635C-4354-9EAE-D6774C07B49A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8E385AE-607F-49A8-B08F-635744D6D2EC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AD0C02FA-DF5F-4070-BCA0-197C9B5AF96B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B91CC7FA-90B7-46C2-A5D1-754579A88A47}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E0AD3D7D-AB24-43FC-B366-662D9383212D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2F5B65FB-9968-43F2-93F8-7AB23136EBF6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{5D3F3543-02DA-4209-91BE-E5E58EEA3E5D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{CAABC244-C43E-4CAC-8069-C32F2B690825}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{176B9517-86E3-4E37-B72F-278A5817FF88}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{F4D8FAC9-0326-4239-94D4-CB5F0D23BCE1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{254EC534-6D14-4383-8621-E392E3EE7E46}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{B12870F6-0899-4925-84DB-C48185EBFD71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Why So Evil\Why So Evil_50f.exe
FirewallRules: [{D335F367-4EB4-410D-8D52-F6BE5FEF998A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Why So Evil\Why So Evil_50f.exe
FirewallRules: [{70446A87-BDAA-4590-8CDF-4B0AE542D566}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{DB8A8DCD-91DB-4096-A18B-7B83671EF889}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{4DDAF4C7-BFEA-4DBB-B0C0-9C014E55C3AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{6FBA048B-F431-4D30-B449-6B9B8B59C79A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{ED62F2E6-9198-4CAD-AA80-41040402374D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{1FCFE7EE-EA9B-44E2-BDFF-EBF58D13BE8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{21E6BD9A-B629-4F63-8351-CEBD2488783D}] => (Allow) G:\Program Files (x86)\Steam\games\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2F7EE44C-37F2-4164-91D0-11214F307283}] => (Allow) G:\Program Files (x86)\Steam\games\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{52C62951-D682-4983-8ED0-D8B1FF8C1CA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{F157DDEA-9248-4CEB-8CEB-8BFD37426B06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{231E7477-F0CD-4C92-B5F0-2634A1E7400B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{57EB0477-8AF4-49BA-B75F-27936BD1606D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{B492AB15-A170-4381-99AD-F502A7102371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A84BA5D1-8BF7-4549-811F-E25B4535FEC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0F35B276-1166-4942-88D5-6E6B9376ACFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{A26DDB7B-45FB-45C6-9535-CE612B93A57B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{401243E1-77AE-4C8F-B1C0-3C94B1E6A58A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brilliant Bob\BrilliantBob.exe
FirewallRules: [{EE352F17-E70F-4109-9886-0D5637A11369}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brilliant Bob\BrilliantBob.exe
FirewallRules: [{05CFBADE-A4AC-4347-9A1C-E84F52016AEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{132129BA-5A4A-44D5-9B6B-E949BE092992}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{69AEA816-63C0-497E-ABD7-16A3C3BE8FB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{C2A266F6-3780-448A-90AA-74BE2BD57D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{DC6CB574-A5A3-424C-B705-07F98F8CA96C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{0AD488A1-5D01-4F0F-8C20-C61DAE02549F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{207450D8-0912-491F-9BF9-8700CD937DD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{5CAF8677-ED30-4237-8DB7-C8C88338051A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{463CAE20-41C6-46AC-B556-F517CE52A9C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{53BD5593-089C-4838-B6BC-F79424BD0D73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{9E367F65-9C83-43F5-9D57-7ACAD7F2A84C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{886A56ED-F4C2-4D0F-B3DF-330F3C3979A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{490F5AA2-44E4-4851-BF31-1CAD29F6933B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{CAE27EB4-0EF9-4F51-AB29-E15C52ADCB11}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe
FirewallRules: [{57377F5B-4805-4CB9-A356-0F9173EDF334}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{64AF268F-BCC4-438F-8433-897CE00C5463}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{70310237-1B8B-4619-A2A7-268F041947A4}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{A3EB6012-53FD-4250-BBB9-373B63FB342C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{0386CEA8-B128-42F2-ADBA-6EF2F38872B7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{1DA949C1-82CD-4312-9EEB-8136F19057A3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{54115762-6C62-4D80-9E24-E37FA25942AA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{08AFDD72-92FE-4563-ACF7-80FEE062A75C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{F0F55755-2F4A-4F80-9BC9-221B89E3E5CF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{EE600AF5-8A01-43BE-B036-58F1C6091890}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{FFD804A2-010E-497C-9396-FBBF7C6E8A01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{A15A31BC-3636-44A3-96D6-D83CA78BAD40}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{B5AFDC5D-5500-4BA0-BA61-50B791B86A9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{4AFC1C78-502C-4384-A050-FA778A47D174}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{C7EFAAA7-1A98-43E0-999B-B4E58F6BC503}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{0638BB06-569A-4E3F-B1F2-4DCB0E5A4FB2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Hitman Absolution\HMA.exe
FirewallRules: [{46F9CB5F-4A0C-4F89-912E-5AF97CB0E22A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{2A11D745-361E-4CA3-B7F5-B66D5C981303}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{FBB4CB93-22E9-4337-B9E8-B6C636600C66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{A94CADC3-8E26-4A99-BF0F-CDFCE0BA66E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{D1517F55-268C-4965-9D0A-4780AD193210}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0512D722-6289-44C7-A4E6-602FA9880B7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{68DC9B18-D427-49B6-B52E-F9AFCD02CFAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{AE83A4FA-C063-48B3-AEBC-08F56297079F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{5661D928-2BDA-4E04-8854-4CE8B17A8746}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{F1F10D60-D23B-444C-B8D9-5A8026EF91C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{16A54152-7319-446E-A5A5-E46CF8C65E53}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{B394A7FF-FD0A-4595-8FE6-8F706213D986}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [TCP Query User{11F5E1CA-D573-426D-88E5-71E3EB923515}C:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe
FirewallRules: [UDP Query User{CFB7B538-350C-4C5D-9FED-49D3A478643C}C:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe
FirewallRules: [{A606DC19-E833-45B9-83E4-A7B901A46F10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{4C9C5FD0-A7E8-4A1E-8C58-08340807A61E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{20EEC5AE-BF00-4AC1-88DE-566CF91B8134}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Absconding Zatwor\Absconding Zatwor.exe
FirewallRules: [{73C80B92-0CFD-4658-9622-279F5435633A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Absconding Zatwor\Absconding Zatwor.exe
FirewallRules: [{8BDD5836-B26F-4CC9-9105-70B2CADF13C9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Break Into Zatwor\BreakIntoZatwor.exe
FirewallRules: [{0F1DBF8B-E338-4318-8410-5330ED011032}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Break Into Zatwor\BreakIntoZatwor.exe
FirewallRules: [{EE4A7667-842F-44E2-B85F-D0C2BFEF4BC5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fiends of Imprisonment\FOI.exe
FirewallRules: [{AD8EBCEA-E698-401B-98DC-23A60E687B39}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fiends of Imprisonment\FOI.exe
FirewallRules: [{C14F1AB8-B206-4815-8D83-3863CB62EB36}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Head Shot\HeadShot.exe
FirewallRules: [{3CDBB688-24E8-4FA6-8F05-A1C7DFD5444B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Head Shot\HeadShot.exe
FirewallRules: [{9C090283-6F5B-4813-8CB7-B0F5FBED8FD9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Shot Shot Tactic\ShotShotTactic.exe
FirewallRules: [{3CE93CD8-7117-4194-91D3-8F97C4DE9829}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Shot Shot Tactic\ShotShotTactic.exe
FirewallRules: [TCP Query User{CEB838F4-40A6-48E4-95D9-44DB3FAB313A}G:\program files (x86)\steam\steamapps\common\shot shot tactic\mfps\binaries\win64\fpstemplate.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\shot shot tactic\mfps\binaries\win64\fpstemplate.exe
FirewallRules: [UDP Query User{93A5D4AB-B537-4234-9486-4E40ADBE65B1}G:\program files (x86)\steam\steamapps\common\shot shot tactic\mfps\binaries\win64\fpstemplate.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\shot shot tactic\mfps\binaries\win64\fpstemplate.exe
FirewallRules: [{73CF37FF-26C6-460A-973F-DF958E84F258}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{90EC7DD3-6899-474D-9DE1-00F246D4EA7D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2D0215A-8DB8-4CF1-B5DE-708CBE4E6875}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{CB6C5098-C44F-4DC1-9D1F-26959A9B1A15}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{F6451231-9F38-434E-9827-F6E5966B71BD}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{F7F5B2D0-629E-40C0-B47C-8796EBFF476D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Alien Isolation\AI.exe
FirewallRules: [{FBE0AAD4-E84D-4ED1-8A68-CF31B5E0BE52}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{976A32E0-5087-4FAC-B6DC-CC7553F249EE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{E3B3C2BA-9754-4A01-8F04-709EFF28C04D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{EF081093-7A71-4D99-BA9C-10D0A040EFBC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{B29D4716-BE3F-41C1-B548-9A2004BEFF11}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{7E811B9C-90F6-4EAB-8930-3E22E28578D5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{E51871A8-496C-4EEE-8ACD-1CB263EBE218}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{2F2AE4A0-ABCE-4282-8C6E-B5A6C6E12E9D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{F6F1AC37-5F90-46CC-BE3A-9A0844383EF9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6A4C3AC0-7059-4589-9AFE-BF7266ACBA21}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0BE8F427-C15E-45BD-AE11-BFB16E11E049}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{A6B18808-E2DF-41FD-9607-0B1DFABEF71B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{27C5454D-5456-496E-A62E-94B965BC9200}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{C9207111-5752-4EA9-B192-3FEC4B80A0E3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{FAF9C605-3217-4A60-860E-E49BE84D1587}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{AF86C06D-D55B-4B2F-B897-9DD3D07964B7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{ABE4D98B-D82F-47B5-87F5-D7F98C739D69}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{6A7E36D1-DE8D-4C6D-BB77-C68BCF4DCA57}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{C52E3E9B-DFED-4103-BC6F-83B8A41EE687}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{B0562001-176D-4F67-9C91-7F834B934121}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{40AC5023-8179-43AD-B1CF-CB79ECE1E527}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{9F83D05D-4325-4647-A23E-B4D132D2F8EF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{1D474686-0A18-466A-B080-DF9AAE70F2CB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{8A272A6F-A03C-44F9-AF71-257C2D4640DF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{2C2A5423-DB0B-4B9F-B774-8D2084B18C21}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Contagion\contagion.exe
FirewallRules: [{8A121E65-77E6-4932-9E06-596743C8ABB4}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Contagion\contagion.exe
FirewallRules: [{CD409E58-D734-4CC0-B128-62566570E426}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D2E9459B-84A0-495D-838B-7C7B6F29E546}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{F40F55BD-2194-41FD-9673-D76005DA92F1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A1FE5737-9794-4081-8DDC-C79CA9A7CF96}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1F7D0A18-AE12-42B8-9469-6EB78E0D7CDD}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{CDF7B478-F200-4D65-8F0E-2459AEE8E2BA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{D76F7267-D7C0-4EF8-BA52-BC87F295889E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{48A63A73-A911-48B7-A560-560305667E0D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{8AE6A30D-B751-444B-A7CF-ACD4EC6AAA53}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{2FBEEF13-4661-44E7-A64D-0273604B1CE5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [TCP Query User{317CB18E-D4B7-4DE7-B893-1F01CD55DBAD}C:\program files (x86)\ubisoft\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe
FirewallRules: [UDP Query User{6CEF83E7-AEEA-44D4-91A2-3355956CBCBE}C:\program files (x86)\ubisoft\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe
FirewallRules: [TCP Query User{CAC2A9DB-8398-4D91-B66B-135CAFCF109E}C:\users\levin_\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\levin_\appdata\local\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [UDP Query User{19B1ECB5-CA06-44F8-8618-03D4B876B1D6}C:\users\levin_\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\levin_\appdata\local\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [{C4DCFF2C-F103-45B1-A17B-A7453C24CC78}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe
FirewallRules: [{62708982-880C-4E9A-85AD-691B0C67C512}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe
FirewallRules: [{44D27069-B233-42E8-AD92-FD4FF30152E6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets\GooCubelets.exe
FirewallRules: [{0E2918CC-2F2B-47FD-9877-518674F9DEDB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets\GooCubelets.exe
FirewallRules: [{547355B7-0F34-4D02-BA93-029F5B529FD3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets 2\GooCubelets 2.exe
FirewallRules: [{A4A3494E-E6B5-4892-96A5-135178BE377B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets 2\GooCubelets 2.exe
FirewallRules: [{CC45AA40-A79E-40DD-A82B-45FACAF484F3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets The Algoorithm\GooCubeletsTheAlgoorithm.exe
FirewallRules: [{E7B34471-C74D-4C30-9D48-AEA6E12FD731}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets The Algoorithm\GooCubeletsTheAlgoorithm.exe
FirewallRules: [{AE4C7E70-A6C1-43C5-8AAC-4B8E6DD74A6B}] => (Allow) C:\Users\Levin_\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{84FDB70A-F1C0-4CA7-8E88-199A33BE5612}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{0A1A78DA-FC46-43F8-A46E-20C09656266D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{D8E4B60D-F26A-4FF7-BCB1-AEA1D734DB50}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{26B801E5-3A25-43AC-B2F7-84EC25DF85A3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{DD4BB824-FD11-4D8C-9239-8B8DED53C875}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Sang-Froid Tales of Werewolves\SangFroid.exe
FirewallRules: [{A98E76D6-2128-4FEF-B9AE-4D9D9DFA5793}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Sang-Froid Tales of Werewolves\SangFroid.exe
FirewallRules: [TCP Query User{846E75E9-07BF-4BA0-BBA5-737344FC3072}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{67B7152D-B0AE-487C-B836-9576D461D753}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{6A6F0685-E468-4574-ABB6-20EB9074BE62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{A920E16B-AE05-4A22-B2F4-32837EE19E76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{726FF06D-2F6B-4FC1-BFE5-35F0D10FD0C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{FB203646-79C2-4042-A364-433401040808}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{75B82D47-BAE0-4379-815A-A2F7C3E6825E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{464782DB-E121-47FD-B2D8-5F87B7D3B61D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{B8716172-3CF8-4CE9-BFC3-2198B21CBFC5}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{32ABBF46-3EBB-4F39-8BA9-BDE8FA593B20}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{1B07D4C0-CB23-4229-9BF6-28361D95B55F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Let's Draw\Let's Draw.exe
FirewallRules: [{587F98E2-7BAB-4D2F-BEDF-DB10C245ECA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Let's Draw\Let's Draw.exe
FirewallRules: [{ED6E9AC3-C0D4-4009-8E0A-BA883CBE7E1F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{D4828DDB-025A-4750-9151-CEBCC07BBAFB}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{07D28C5E-3CEE-45B3-80C2-C07326982A4C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{83EFB60A-94F8-42B4-8654-687330B7BC9B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{F11ACEF2-6573-4D12-B8DB-B570FA8BF75D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\North Side\North Side ggwp.exe
FirewallRules: [{83D7AA6B-6F3C-44DA-80C5-D186ED0A1109}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\North Side\North Side ggwp.exe
FirewallRules: [{C860A206-5BC0-4643-89C2-D841309796AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Why So Evil 2 Dystopia\Why So Evil 2 Dystopia.exe
FirewallRules: [{8CD9C6FD-5823-4EB6-B14F-F886E6A9FDCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Why So Evil 2 Dystopia\Why So Evil 2 Dystopia.exe
FirewallRules: [TCP Query User{17FC1EF8-FFE7-4A51-BFCF-2E5E25B4A39A}C:\users\levin_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\levin_\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4808CA6C-0AF1-4A0B-9242-2DE2EC9D6163}C:\users\levin_\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\levin_\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{52D7B135-F307-45EF-9483-0E5145DDFB54}C:\users\levin_\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\levin_\appdata\local\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [UDP Query User{834337B8-AFD6-44D4-B852-1FFB3A2109FD}C:\users\levin_\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\levin_\appdata\local\teamspeak 3 client\ts3client_win64.exe
FirewallRules: [{6546ABAA-794C-4ADF-8231-1FECDE258E1E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{288997AE-E8AF-43CE-A428-EE56E2DE5F74}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{57835A8F-3E8D-4D96-A92E-F5E7A0848EA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{68B55E96-27C0-4115-926B-A70701676BC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{B16C4BE4-7993-41A9-A274-006C9DEF3BC1}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{95712432-FE61-4854-9569-72B786EB802E}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{F830A2B0-156A-4F55-AE71-90842C69E22D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Head Shot\HeadShot.exe
FirewallRules: [{63902572-351B-4CA6-A2D9-9B7E2FADE6E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Head Shot\HeadShot.exe
FirewallRules: [{F91A1968-AA31-41D3-8F65-62F6EA876308}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fiends of Imprisonment\FOI.exe
FirewallRules: [{1D45C033-858E-473E-858B-97C5D4999477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fiends of Imprisonment\FOI.exe
FirewallRules: [{E41C594D-3F21-4AC0-9D70-036D9D617141}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Break Into Zatwor\BreakIntoZatwor.exe
FirewallRules: [{707E65B6-4509-4426-9AE4-C9C429AE4D82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Break Into Zatwor\BreakIntoZatwor.exe
FirewallRules: [{24C71EDC-EBBA-49D8-868E-FCABBB72B7E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shot Shot Tactic\ShotShotTactic.exe
FirewallRules: [{98D3ACF6-49BE-4E53-B573-572CFF5C3860}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shot Shot Tactic\ShotShotTactic.exe
FirewallRules: [{356A370C-FD28-4654-B510-B91DF5FD4AB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beast Blaster\BeastBlaster.exe
FirewallRules: [{5CA808A0-F380-4FE1-BB20-DCF87D79A7D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Beast Blaster\BeastBlaster.exe
FirewallRules: [{B4C3F0BA-DF9F-4157-87F3-0CA295460A7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bold New World\mylevel.exe
FirewallRules: [{3D04DEF0-9362-4717-BAF3-20E2CD489E0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bold New World\mylevel.exe
FirewallRules: [{25327446-DB58-4B1D-8812-0FA41F94E728}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\They Came From The Moon\TheyCameFromTheMoon.exe
FirewallRules: [{DC87A395-9A6B-4E79-A9C5-CC5520C3DF8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\They Came From The Moon\TheyCameFromTheMoon.exe
FirewallRules: [{146767A2-7265-4F56-B6A2-E04BB3239B91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{FCE22815-3322-4AFD-ABFF-7433CB7784AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7BCE00DD-B8E3-4D39-B116-3120665AF113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{17426EEE-705A-4178-B497-063B511B7230}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{B9CD91AA-B3AD-493E-A56B-921FB5272A62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\$1 Ride\ride.exe
FirewallRules: [{91F21F3B-85CD-4078-8A5B-FC394B37B4B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\$1 Ride\ride.exe
FirewallRules: [{C34C72EA-359D-4E0D-BE2A-64C4AD532D02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ampersand\FuryRacing.exe
FirewallRules: [{4D288D71-A963-48BF-8C5E-0F544A710244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ampersand\FuryRacing.exe
FirewallRules: [{FD306670-D6AB-4F46-8683-1189079308E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{32217764-518F-4E5D-80D6-4F4149E2703D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{91AC3C3A-58D0-4817-BB12-10EA99FB092A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7C15BB26-1A56-4C33-AEE9-4C20C2F84C1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{66702AF4-AA2F-4A9C-9700-04EA9E8F8B72}C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [UDP Query User{71B63607-232F-49C8-B180-2096D44BE9DB}C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\life is strange\binaries\win32\lifeisstrange.exe
FirewallRules: [{663A9C9E-1DC8-4CCC-8149-02F8F81276CE}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{679E9BBF-AD28-40A8-B4C3-458BCCAD5B70}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{857C8905-058F-4E47-93E8-423309DA448D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rage Wars\RageWars.exe
FirewallRules: [{D8A42EA8-05B0-4722-966B-4BBDC0E8D103}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rage Wars\RageWars.exe
FirewallRules: [{6E34BEEE-5A97-4846-9543-BE882692CAD5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Cyborg Detonator\Cyborg Detonator.exe
FirewallRules: [{81A53442-D100-4739-87B9-765849BCB441}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Cyborg Detonator\Cyborg Detonator.exe
FirewallRules: [{686EA26D-DE19-4985-9BB4-371FDE3BDA7A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\The Tower Of Elements\TowerOfElements.exe
FirewallRules: [{4EF03B42-720A-4CE4-B152-667B0142D675}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\The Tower Of Elements\TowerOfElements.exe
FirewallRules: [{C81A525B-5FF4-4883-950C-8D77A2DE7DB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Only One Hope\onehope.exe
FirewallRules: [{56313AEA-965E-4814-BB4C-F6D792441C64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Only One Hope\onehope.exe
FirewallRules: [TCP Query User{43D6BEDB-A9E6-40A3-8FA6-3C2FC75ADDE5}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{E52923D6-1F51-423A-B0E8-2F22DB8BADBB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{267C4940-F400-4172-834B-DFA351882BC5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ParadiseIsland\ParadiseIsland.exe
FirewallRules: [{0E6B7E7B-DE83-4A22-8CC7-815A0F8AE44F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ParadiseIsland\ParadiseIsland.exe
FirewallRules: [{9F74B162-D3C1-4AEE-AFB6-2C8AC5E7A30A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Desire\Desire.exe
FirewallRules: [{EE68F609-9B3F-4F46-976A-AF74E9643052}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Desire\Desire.exe
FirewallRules: [{7BB81D3E-B645-46C2-B23F-AA0990BF201C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\The Note\TheNote.exe
FirewallRules: [{08026502-D12F-4BAA-BD3C-BC934F6EFBDD}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\The Note\TheNote.exe
FirewallRules: [{5FC0C847-B12E-41D4-BCEC-61FD65F7FD49}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Beast Blaster\BeastBlaster.exe
FirewallRules: [{A7E3DD8B-EAF7-4AC2-8FE7-C6CB7F394F6A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Beast Blaster\BeastBlaster.exe
FirewallRules: [{86A3BACC-A961-486C-8EE8-37FD6FB13D37}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{EABE7392-FC6D-44AD-A946-27533B3D27C0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{21D93394-25A6-4B77-8B06-EE3C1049253E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{FEA11CDE-B70C-4A59-B331-306D7EFEFDE3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{1B276C44-FD06-460A-9A5D-E48CDD691B29}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{91D959D5-CE90-43AD-B62F-2EDA2663C9FC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{3275538D-E8C4-4B45-A2DD-15755630BF34}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Zombie Boom\Zombie Boom.exe
FirewallRules: [{2679E536-719C-4967-9B71-AF1B7FD4D146}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Zombie Boom\Zombie Boom.exe
FirewallRules: [{0B468370-48E6-40EC-8DFC-E3F86E95D8C5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets OCD\GooCubelets OCD.exe
FirewallRules: [{865BA28C-BBBB-49FD-B903-B30A826D4E0B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets OCD\GooCubelets OCD.exe
FirewallRules: [{1B3606AE-CD45-40F3-B9B6-BFA5F8DB54E8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{05385F63-DA30-4C86-A4D2-93A81FE60AF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{6AD34257-E9F6-4290-93A1-CE22BA41DB48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{962B8B7A-D9CF-4E9E-BC53-6042E53CB64A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dynasty Feud\DynastyFeud.exe
FirewallRules: [{7EC8FB37-F5B4-483A-9984-4306AD2054F0}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dynasty Feud\DynastyFeud.exe
FirewallRules: [{353B0BF2-0540-47CF-AA1D-3AE89C10E65D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets The Void\GooCubelets The Void.exe
FirewallRules: [{0A8C3F75-9149-4D4B-90FD-976380480024}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\GooCubelets The Void\GooCubelets The Void.exe
FirewallRules: [{4D4FEC95-FD59-4D03-B954-ABE22BCE4423}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Epistory\Epistory.exe
FirewallRules: [{0DF686E0-FF60-4B7A-98CC-078557448680}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Epistory\Epistory.exe
FirewallRules: [{015C7652-3AFB-4FF0-84AB-9B2215A3E227}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{42E50170-C2EF-4E8E-867B-497E78FA581E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{4471B588-8B99-4C8E-BA36-C16C266533D5}] => (Allow) C:\Program Files (x86)\MIO\loader\st31500541as_5xw07zl5xxxx5xw07zl5.dat
FirewallRules: [{F411FA0F-E3AD-4550-A94F-6BDB015606D7}] => (Allow) C:\Program Files (x86)\MIO\loader\st31500541as_5xw07zl5xxxx5xw07zl5.dat
FirewallRules: [{A91ECCCD-9A04-490C-85D3-B9B4CE0E17CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7F643653-B8CA-4762-B892-3D73396C392A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{7CA80B11-D387-4177-8CDA-B315030DB62D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{C335C8FD-E7AD-4006-999A-533C8EACA037}] => (Allow) C:\Program Files (x86)\Alltie\Application\chrome.exe
FirewallRules: [{E7BDD61B-B7EF-4734-A361-99B85498BA69}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{C5A90772-1995-4A37-A7FF-3AFE3B97B94F}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe

==================== Wiederherstellungspunkte =========================

10-04-2017 15:25:31 Removed deskapp
14-04-2017 16:19:44 Removed Terela
14-04-2017 17:35:44 Malwarebytes Anti-Rootkit Restore Point
15-04-2017 12:44:53 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/15/2017 10:06:02 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (04/15/2017 10:05:05 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (04/15/2017 10:04:38 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (04/15/2017 10:04:31 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (04/15/2017 10:03:35 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (04/15/2017 10:03:15 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (04/15/2017 09:42:15 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (04/15/2017 09:32:20 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 

Error: (04/15/2017 09:32:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OBS.exe, Version 0.6.5.9 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9fc

Startzeit: 01d2b61c56801578

Beendigungszeit: 4

Anwendungspfad: C:\Program Files (x86)\OBS\OBS.exe

Berichts-ID: 38d420e1-2212-11e7-b8b3-08606ef27eee

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/15/2017 09:32:04 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: 


Systemfehler:
=============
Error: (04/15/2017 12:42:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/15/2017 12:42:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
 und der APPID 
{0773CCD6-59A2-4D26-B235-19247767E645}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/15/2017 12:42:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
 und der APPID 
{0773CCD6-59A2-4D26-B235-19247767E645}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/15/2017 12:41:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/15/2017 12:38:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2017 12:38:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2017 12:38:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{22279AF5-03AE-4CAF-989D-2530918B2F1C}
 und der APPID 
{0773CCD6-59A2-4D26-B235-19247767E645}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/15/2017 12:38:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2017 12:38:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2017 12:38:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-04-11 11:52:09.849
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.103.44.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.

  Date: 2017-04-11 11:52:05.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Overwolf\0.103.44.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.

  Date: 2017-02-23 16:41:05.363
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-17 13:17:33.145
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-17 13:17:33.143
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-01 22:30:59.296
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-01 22:30:59.295
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-01 22:28:34.053
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-01 22:28:34.052
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-01 22:28:33.190
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8133.52 MB
Verfügbarer physikalischer RAM: 5000.48 MB
Summe virtueller Speicher: 11205.52 MB
Verfügbarer virtueller Speicher: 7041.88 MB

==================== Laufwerke ================================

Drive c: (Festplatte neu) (Fixed) (Total:931.51 GB) (Free:392.35 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: ( INTENSO EF) (Fixed) (Total:1630.14 GB) (Free:485.71 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (Festplatte alt) (Fixed) (Total:1385.45 GB) (Free:737.19 GB) NTFS
Drive l: (HJNTIY09) (CDROM) (Total:6.02 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: FCD6DD83)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1385.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 92A153E0)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1630.1 GB) (Disk ID: B4446688)
Partition 1: (Not Active) - (Size=1630.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Old 15.04.2017, 23:51   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



FRST-Fix

Please disable your antivirus scanner completely now, to make sure that the fix runs through cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
S1 hnkhssgl; \??\C:\Windows\system32\drivers\hnkhssgl.sys [X]
Task: {24DDDDEF-3630-4668-9330-2765B603FDBE} - \Erbawardphozit -> Keine Datei <==== ACHTUNG
C:\Windows\system32\drivers\hnkhssgl.sys
hosts:
emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


Old 16.04.2017, 00:58   #22
Evile_Banane
Guest

Fixlog.txt



Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Levin_ (16-04-2017 01:51:14) Run:1
Gestartet von C:\Users\Levin_\Desktop
Geladene Profile: Levin_ (Verfügbare Profile: defaultuser0 & Levin_)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
S1 hnkhssgl; \??\C:\Windows\system32\drivers\hnkhssgl.sys [X]
Task: {24DDDDEF-3630-4668-9330-2765B603FDBE} - \Erbawardphozit -> Keine Datei <==== ACHTUNG
C:\Windows\system32\drivers\hnkhssgl.sys
hosts:
emptytemp:
         
*****************

HKLM\System\CurrentControlSet\Services\hnkhssgl => Schlüssel erfolgreich entfernt
hnkhssgl => Dienst erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24DDDDEF-3630-4668-9330-2765B603FDBE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24DDDDEF-3630-4668-9330-2765B603FDBE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Erbawardphozit => Schlüssel erfolgreich entfernt
"C:\Windows\system32\drivers\hnkhssgl.sys" => nicht gefunden.
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.

=========== EmptyTemp: ==========

BITS transfer queue => 310800 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 95688674 B
Java, Flash, Steam htmlcache => 382256659 B
Windows/system/drivers => 152646433 B
Edge => 747362 B
Chrome => 657777018 B
Firefox => 217558880 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 8123008 B
LocalService => 34274 B
NetworkService => 101934 B
defaultuser0 => 0 B
Levin_ => 2054680457 B

RecycleBin => 14986037315 B
EmptyTemp: => 17.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 01:53:50 ====
         

Old 16.04.2017, 13:36   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:


Step 1: Malwarebytes Version 3

Please download Malwarebytes Anti-Malware 3
  • Install the program to the default path.
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Move selected items to quarantine.
  • Let your computer restart if necessary to complete the cleanup.
  • After the restart, start MBAM and click Reports.
  • Select the most recent scan report, click View Report and then Export.
  • Select Text file (.txt) and save the file as mbam.txt on the desktop.
  • Include the contents of mbam.txt in your next reply.


Step 2: ESET

ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Step 3: SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.
__________________
Please always post log files in CODE tags

Old 16.04.2017, 14:12   #24
Evile_Banane
Guest

"Harm to your computer" message



Good afternoon,
I'll run the scans in a moment. But one more question on the side:
When I download something in my browser, I almost always get the message "Files of this type can harm your computer. Do you want to keep xxx anyway?" Any idea what causes that? It didn't use to be like this.


Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 16.04.17
Scan-Zeit: 14:51
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1742
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-ICCE417\Levin_

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 351496
Abgelaufene Zeit: 3 Min., 53 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 1
Adware.Elex, C:\USERS\LEVIN_\APPDATA\LOCAL\KITTY\CAT.EXE, In Quarantäne, [220], [390136],1.0.1742

Modul: 2
Adware.Elex, C:\USERS\LEVIN_\APPDATA\LOCAL\KITTY\CAT.EXE, In Quarantäne, [220], [390136],1.0.1742
Adware.Elex, C:\USERS\LEVIN_\APPDATA\LOCAL\SNARE\SNARER.DLL, In Quarantäne, [220], [390137],1.0.1742

Registrierungsschlüssel: 1
Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Kitty, In Quarantäne, [220], [390136],1.0.1742

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
Adware.Elex, C:\USERS\LEVIN_\APPDATA\LOCAL\KITTY, In Quarantäne, [220], [390136],1.0.1742
Adware.Elex, C:\USERS\LEVIN_\APPDATA\LOCAL\SNARE, In Quarantäne, [220], [390137],1.0.1742

Datei: 2
Adware.Elex, C:\USERS\LEVIN_\APPDATA\LOCAL\KITTY\CAT.EXE, In Quarantäne, [220], [390136],1.0.1742
Adware.Elex, C:\USERS\LEVIN_\APPDATA\LOCAL\SNARE\SNARER.DLL, In Quarantäne, [220], [390137],1.0.1742

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         

Old 16.04.2017, 14:40   #25
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



That's not an error, just a warning that files of this type can be dangerous

Old 16.04.2017, 20:13   #26
Evile_Banane
Guest



Yes, fine. If that's nothing serious, I'll leave it alone. The other logs are still to come. The ESET online scanner is still running right now.
Thanks.

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f900b0137a653441b66dd5ab148da0d2
# end=init
# utc_time=2017-04-16 01:02:32
# local_time=2017-04-16 03:02:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 33075
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f900b0137a653441b66dd5ab148da0d2
# end=updated
# utc_time=2017-04-16 01:05:15
# local_time=2017-04-16 03:05:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f900b0137a653441b66dd5ab148da0d2
# engine=33075
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-04-16 02:10:31
# local_time=2017-04-16 04:10:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 23682445 0 0
# scanned=318565
# found=6
# cleaned=0
# scan_time=3916
sh=2E2BAF8646033347BF6611A8D1AE1EBFB247BC17 ft=0 fh=0000000000000000 vn="HTML/FakeAlert.AF Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1454896063-1280141672-2160224059-1001\$RLY6XG2.bat"
sh=533D00407F612A234D324CFF1126E18F896B3121 ft=1 fh=b9715f504c81f458 vn="Win32/Adware.ELEX.JC Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gfcycepbrgipduujmoqoafobfgewikfg\WinSAP.dll"
sh=EC238F223AF98AD8740D329BD3328DD2A578C0DE ft=1 fh=a00f30206c367b91 vn="Variante von Win64/Snarasite.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\rkizorooiexingbqevecakdsrfsocfci\WinSnare.dll"
sh=C49B1980A08ECD4B338EFB9EBE51A78793B86587 ft=1 fh=5d5562405200506c vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="C:\Games\Dead Island Riptide\steam_api.dll"
sh=8804007DC261615E83BAD6289FC74EE6C10B9532 ft=1 fh=0b2354e572e1d442 vn="Win32/Tencent.I eventuell unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\MIO\MIO.exe"
sh=DCA03EDE39B646565D7F8641026B5DBA2A072B9C ft=1 fh=c08d7e0bf073cc8d vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Levin_\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe"
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 33075
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Mozilla Firefox (52.0.2) 
 Google Chrome (57.0.2987.133) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

18.04.2017, 09:04   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Threats keep reappearing despite deletion

FRST-Fix

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
C:\Games\Dead Island Riptide\steam_api.dll
C:\Program Files (x86)\MIO\MIO.exe
C:\Users\Levin_\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe
emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix (Entfernen) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
Please always post log files in CODE tags
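
The fixlist above names three of the six paths reported in the ESET Online Scanner log. The following is an added example, not part of the original posts and not a tool used in this thread: it parses the `sh=… fn="…"` detection lines and groups them by location, on the assumption that hits inside the AdwCleaner quarantine and the Recycle Bin are not live files. Function names and category labels are hypothetical.

```python
import re

# Summary and detection lines copied from the ESET Online Scanner log posted above.
ESET_LOG = r'''
# found=6
# cleaned=0
sh=2E2BAF8646033347BF6611A8D1AE1EBFB247BC17 ft=0 fh=0000000000000000 vn="HTML/FakeAlert.AF Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1454896063-1280141672-2160224059-1001\$RLY6XG2.bat"
sh=533D00407F612A234D324CFF1126E18F896B3121 ft=1 fh=b9715f504c81f458 vn="Win32/Adware.ELEX.JC Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gfcycepbrgipduujmoqoafobfgewikfg\WinSAP.dll"
sh=EC238F223AF98AD8740D329BD3328DD2A578C0DE ft=1 fh=a00f30206c367b91 vn="Variante von Win64/Snarasite.B Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\rkizorooiexingbqevecakdsrfsocfci\WinSnare.dll"
sh=C49B1980A08ECD4B338EFB9EBE51A78793B86587 ft=1 fh=5d5562405200506c vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="C:\Games\Dead Island Riptide\steam_api.dll"
sh=8804007DC261615E83BAD6289FC74EE6C10B9532 ft=1 fh=0b2354e572e1d442 vn="Win32/Tencent.I eventuell unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\MIO\MIO.exe"
sh=DCA03EDE39B646565D7F8641026B5DBA2A072B9C ft=1 fh=c08d7e0bf073cc8d vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Levin_\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe"
'''

# key=value pairs; a value is either a quoted string (may contain spaces) or a bare token.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_detections(log_text):
    """Return one dict per detection line (the lines that start with sh=)."""
    return [
        {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}
        for line in log_text.splitlines()
        if line.startswith("sh=")
    ]

def summary_fields(log_text):
    """Header fields of the form '# key=value'; a later block overrides an earlier one."""
    return dict(re.findall(r"^# (\w+)=(.*)$", log_text, flags=re.M))

def location(path):
    """Classify a hit by where the file sits (categories are this example's assumption)."""
    p = path.lower()
    if re.match(r"[a-z]:\\\$recycle\.bin\\", p):
        return "recycle_bin"
    if "\\adwcleaner\\quarantine\\" in p:
        return "quarantine"
    return "live"

def triage(log_text):
    """Group (detection name, path) pairs by location."""
    groups = {"recycle_bin": [], "quarantine": [], "live": []}
    for hit in parse_detections(log_text):
        groups[location(hit["fn"])].append((hit["vn"], hit["fn"]))
    return groups

if __name__ == "__main__":
    hits = parse_detections(ESET_LOG)
    print("found header:", summary_fields(ESET_LOG)["found"], "parsed:", len(hits))
    for group, items in triage(ESET_LOG).items():
        for name, path in items:
            print(f"{group:12} {name:70} {path}")
```

Comparing the `found` header with the number of parsed lines catches a log that was truncated when it was pasted into a post.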

18.04.2017, 13:05   #29
Evile_Banane
Guest

Fixlog.txt



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
durchgeführt von Levin_ (18-04-2017 14:00:24) Run:2
Gestartet von C:\Users\Levin_\Desktop
Geladene Profile: Levin_ (Verfügbare Profile: defaultuser0 & Levin_)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Games\Dead Island Riptide\steam_api.dll
C:\Program Files (x86)\MIO\MIO.exe
C:\Users\Levin_\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe
emptytemp:
         
*****************

C:\Games\Dead Island Riptide\steam_api.dll => erfolgreich verschoben
"C:\Program Files (x86)\MIO\MIO.exe" => nicht gefunden.
C:\Users\Levin_\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26574539 B
Java, Flash, Steam htmlcache => 316492866 B
Windows/system/drivers => 57588829 B
Edge => 0 B
Chrome => 578201756 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 5714 B
NetworkService => 0 B
defaultuser0 => 0 B
Levin_ => 198718126 B

RecycleBin => 701907380 B
EmptyTemp: => 1.8 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 14:00:56 ====
         

18.04.2017, 13:22   #30
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Threats keep reappearing despite deletion

Then we're done!

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Finally, we still need to take a few steps to clean up and secure your system.


Cleanup


All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick every function.
  • Click Start.

Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left over, you can safely delete them.





Securing the system

Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at the current version, provided it is needed; if it is not needed, it naturally makes sense to uninstall it or use alternatives (and keep those up to date).

Applying updates promptly is necessary so that security holes get closed; security holes are exploited to install malware by "drive-by" when you merely visit a manipulated website. You need to pay particular attention to keeping the following software up to date:
  • Browsers (Internet Explorer, Edge, Firefox, Chrome, ...)

  • Flash Player: What Adobe is doing with its Flash Player falls somewhere between impudence and incompetence; new serious security holes are constantly being found in it. For YT, HTML5 is usually enough; that is the default player when the Flash Player is inactive or not installed. For certain browser games, however, you may need the Flash Player. Use Flash as sparingly as possible, and if you do, always keep it up to date!!

  • Java: Hardly plays a role any more. Java applets are used almost nowhere any more. It is still used for some special stuff in OpenOffice; IIRC some games also need Java. But really very rarely.

  • PDF reader: Do NOT use Adobe Reader; better use something like PDF-X-Change Viewer. Firefox's built-in PDF viewer is usually sufficient too. Avoid Adobe at all costs; it is a company with a miserable security policy!



Optional:

NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. However, you can define, on the whitelist principle, on which sites scripts should be allowed. NoScript can become an annoyance when browsing, especially for users who are not very technically experienced; whether the tool is suitable is something everyone has to try out and then decide for themselves. Alternatives to NoScript (when it comes to preventing user tracking and advertising on websites) would be Ghostery or uBlock. Ghostery is a very well-known extension that has, however, also come in for criticism; on this, please see this thread => Ghostery schleift Werbung durch

Malwarebytes Anti Exploit: Protects the computer's applications against the exploitation of known vulnerabilities.




Virus scanner + firewall

First of all, it should be mentioned that one must never overestimate the protective effect of a virus scanner!

These things are by now highly controversial on Windows too and can cause problems that you simply will not have without AV. Moreover, they will never be able to find every piece of malware. Statements by the vendors of this software regularly turn out to be marketing blather. On this, read => Aus aktuellem Anlass: Antivirus-Schlangenöl | Elias Schwerdtfeger and => http://www.golem.de/news/antivirenso...12-125148.html

So use AT MOST one single one of the following AVs with a real-time scanner and an always up-to-date signature database; always use only pure virus scanners (no products with Suite or Internet Security in the name, because these bring counterproductive firewalls with them; the Windows Firewall is all that is needed!)



Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it has to be installed manually or obtained via Windows Update as an optional update. Of course, a legal/activated Windows is a prerequisite for this.

In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and/or with the ESET Online Scanner.




General advice

Change your important online passwords regularly and regularly create backups of your important files or of the system (more details below in the reading material on backups)

Hands off registry cleaners, optimizers, etc.!!! The performance gain ranges from disputed to clearly unprovable, and in return you run a great risk of destroying your system, especially with registry operations. The best thing is to use Windows' own Disk Cleanup and leave the registry alone!

Always download software from a clean portal such as . Hands off chip.de or softonic!
When installing software, always choose the custom option and untick all optionally offered toolbars or other additions that are irrelevant to the program.
To get rid of adware again, it is advisable to uninstall it first and then remove the leftovers with Adwcleaner.



Reading material:
Backup/image tools

IMHO restore points are nothing more than a stopgap; anyone who wants and needs to rely on something that works cannot get around real backup/imaging software. On Windows I always use Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

To have meaningful backups, you have to create an image regularly, e.g. weekly, on a separate external hard disk. This external hard disk is only connected when you want to create the backup (or need to restore something); otherwise, for security reasons, it stays safely stored in the cupboard, if only to protect the backups from crypto trojans.


Drivesnapshot

Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Screenshots:
http://www.drivesnapshot.de/images/startup.png
http://www.drivesnapshot.de/images/save3.png



There are also slightly stripped-down versions of Acronis TrueImage available for free if you have disks from Seagate and/or Western Digital. Perhaps these programs will appeal to you more. My favourite, however, is the small Drivesnapshot mentioned above.


Seagate DiscWizard

Download => Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg




Acronis TrueImage WD Edition

Download => Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg

__________________
Please always post log files in CODE tags
